Penta Security provides SDK for Penta MPC Demo Program.
Please click here to find the Korean version of the document.
Secure MPC is known in other words as ‘multi-party computation’, a cryptography technology that allows multiple parties to compute a common result without exposing any of the sensitive inputs to each other.
The MPC technology that Penta Security provides is meant to be a threshold-based signature technology, also known as the ‘Threshold Signature Scheme’ that runs on secure multi-party computation protocol.
These are the special traits of Penta Security’s MPC technology.
- Users rely on minimum quorum of parties to carry out the operation without revealing any of their secret value to one another.
- To generate one public key, minimum of N number of secret keys are required. Then to make generate one signature, N out of M keys are combined. (N ≤ M)
- A whole private key does not ever exist in the entire scheme of MPC.
Penta Security’s MPC SDK was created to help the testing/developing of non-commercial demo programs for the two following MPC functions.
- Create MPC Group
“MPC Group” is created.
“MPC Group” is a pool of MPC participants known as the “members” to gather and operate MPC functionalities.
- MPC Signing
“Signing of MPC” is processed.
“MPC Signing” requires majority consent of the “members” in the “MPC Group”.
Supported OS
- Windows
- Unix / Linux
- Android
- iOS
Operation Environment
- JDK 1.8
MPC SDK provided by Penta Security is intended for testing of MPC demos, and supports limited test environment as follows.
In MPC technology, N-of-M configuration is as follows.
N = Threshold quorum to authorize the operation
M = The entire number of “members” in the “MPC Group”
Therefore, the input of N-out-of-M quorum is mandatory to authorize MPC operation
- Number of “members” is set to 2 ≤ M ≤ 10. The number of “members” should be inserted during the application process.
2 ≤ M = ‘members’ ≤ 10
- Threshold value is set to 2 ≤ Threshold Value ≤ M ≤ 10.
2 ≤ N = Threshold ≤ M = ‘members’ ≤ 10
- The value for “MPC Group” and “Members” will be reset on a monthly basis.
Please follow this link to request testing for MPC demo.
Once the form is complete and registered, you will receive an email from us in your inbox.
After verifying the email address, Customer ID will be issued so that you may gain access to the demo program.
If you wish to test run without being constraint to any limitations of the demo version, and would further like to review Penta MPC SDK for commercial use, please contact the email below.
mpc@pentasecurity.com
The SDK is composed into MPC SDK JAR (Java Archive) and Native Module.
JAR file must be added to the CLASSPATH environment variable or java -cp option.
Native Module must be added to the library PATH of each OS or java -Djava.library.path.
Native module should be used after checking each OS and the corresponding unpacking tar.gz.
- e.g.)
$ ls /opt/pentampc native mpc-sdk-1.0-SNAPSHOT.jar mpc-sdk-1.0-SNAPSHOT-javadoc.jar pcw-common-1.6.2-SNAPSHOT.jar $ ls /opt/pentampc/native libPenta_MPC-0.2.0.0211.e8c9.android.x86.tar.gz libPenta_MPC-0.2.0.0211.e8c9.Darwin.tar.gz libPenta_MPC-0.2.0.0211.e8c9.android.x86_64.tar.gz libPenta_MPC-0.2.0.0211.e8c9.android.arm64-v8a.tar.gz libPenta_MPC-0.2.0.0211.e8c9.ios.tar.gz libPenta_MPC-0.2.0.0211.e8c9.android.armeabi-v7a.tar.gz libPenta_MPC-0.2.0.0211.e8c9.linux.x64.tar.gz libPenta_MPC-0.2.0.0211.e8c9.linux.x64.so libPenta_MPC.so $ java -cp /opt/pentampc/mpc-sdk-1.0-SNAPSHOT.jar:/opt/pentampc/pcw-common-1.6.2-SNAPSHOT.jar:. -Djava.library.path=/opt/pentampc/native com.mpcdemo
┬ MPCDemo : MPC Demo
│ ├ bin/ : Start Script
│ ├ src/ : Demo source
│ └ build.gradle : gradle script
├ MPCSdk : PentaMPC SDK
│ ├ native/ : PentaMPC native modules
│ ├ mpc-sdk-1.0-SNAPSHOT-javadoc.jar : PentaMPC javadoc
│ ├ mpc-sdk-1.0-SNAPSHOT.jar : PentaMPC Java Archive
│ └ pcw-common-1.6.2-SNAPSHOT.jar : PentaMPC Common Java Archive
└ docs/ : MPCSdk Javadoc
Click here to view the interface provided for Penta MPC SDK.
Please follow the following steps for Penta MPC SDK demo program testing.
Download the demo program as follows.
When the download is complete, check to make sure that the directory and configuration files exist.
/home/mpc> git clone https://github.com/pentasecurity/mpc-demo-sdk.git
Cloning into 'mpc-demo-sdk'...
remote: Enumerating objects: 83, done.
remote: Counting objects: 100% (83/83), done.
remote: Compressing objects: 100% (67/67), done.
remote: Total 83 (delta 16), reused 49 (delta 1), pack-reused 0
Unpacking objects: 100% (83/83), done.
/home/mpc> ls
mpc-demo-sdk
/home/mpc> cd mpc-demo-sdk
/home/mpc/mpc-demo-sdk> ls
LICENSE MPCDemo MPCSdk README.md build.gradle gradle gradlew gradlew.bat settings.gradle
/home/mpc/mpc-demo-sdk> cd MPCDemo
Build the program as follows.
When the build is complete, check to make sure that the directory and configuration files exist.
/home/mpc/mpc-demo-sdk/MPCDemo> gradle build
BUILD SUCCESSFUL in 1s
2 actionable tasks: 2 up-to-date
/home/mpc/mpc-demo-sdk/MPCDemo> chmod +x bin/MPCDemo.sh
/home/mpc/mpc-demo-sdk/MPCDemo> gradle copyRelease
/home/mpc/mpc-demo-sdk/MPCDemo> cd build/release
/home/mpc/mpc-demo-sdk/MPCDemo/build/release> ls
MPCDemo-1.0.jar MPCDemo.bat MPCDemo.sh lib
To run the demo program, you must first apply for the registration and have your email verified, so that a Customer ID is issued.
Please click here for demo registration.
When running the demo program, you may enter Customer ID with -c option.
A valid Customer ID that has been issued from the registration process must be entered to operate the demo.
- e.g.) When customer ID is set as [Customer ID 00000000-0000-0000-0000-000000000000]
/home/mpc/mpc-demo-sdk/MPCDemo/build/release> ./MPCDemo.sh -c 00000000-0000-0000-0000-000000000000
1. Login
2. Create member
9. Exit
Select Menu. (1,2,9) :
Users are able to run and test out MPC functions with Penta MPC SDK.
Demo program does not retain or save the generated keys when it is rebooted.
The Key Pairs created for every Member when MPC Group is being formed, are managed in form of HashMap only.
“Members” are the those that play the primary role in utilizing the MPC functionalities.
Members gather to form a “Group”, and within that Group, signing of MPC takes place.
- e.g.) In the example below, Customer ID is set as [Customer ID 00000000-0000-0000-0000-000000000000] and three Member IDs are set as “member1”, “member2”, “member 3”.
// Run the Demo Program by entering Customer ID as an option
/home/mpc/mpc-demo-sdk/MPCDemo/build/release> ./MPCDemo.sh -c 00000000-0000-0000-0000-000000000000
// Set Member (member1)
1. Login
2. Create member
9. Exit
Select Menu. (1,2,9) : 2
Please enter ID : member1
Please enter Name : MEMBER1
Please enter Password:
Please enter your password again:
// Set Member (member2)
1. Login
2. Create member
9. Exit
Select Menu. (1,2,9) : 2
Please enter ID : member2
Please enter Name : MEMBER2
Please enter Password:
Please enter your password again:
// Set Member (member3)
1. Login
2. Create member
9. Exit
Select Menu. (1,2,9) : 2
Please enter ID : member3
Please enter Name : MEMBER3
Please enter Password:
Please enter your password again:
1. Login
2. Create member
9. Exit
Select Menu. (1,2,9) :
Members log in on the MPC Server.
Logged in Members can form a Group and then later process MPC signature.
- e.g.) In the example below “member1” logs on as a Member
Please enter your password again:
1. Login
2. Create member
9. Exit
Select Menu. (1,2,9) : 1
Member ID : member1
Password:
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) :
- e.g.) In the example below “member 1” logs in with -m -p option
/home/mpc/mpc-demo-sdk/MPCDemo/build/release> ./MPCDemo.sh -m member1 -p password -c 00000000-0000-0000-0000-000000000000
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) :
MPC Groups can be created with the participation of minimum 2 and maximum 10 members: 2 ≤ M ≤10.
Let’s say one person proposes to create a group.
Contrary to the general method of how a group created, for MPC Group formation a Member proposes the act and then chooses who the Members will be to make the new group.
The initiator proposes a new group, selects the participant Members and then receives a Session ID to confirm Members’ intentions.
The Session ID created during the initiation process is manually delivered to other Member’s demo program.
But for the use of the commercial program (*not the demo version), a Push Alert will pop up on the Application immediately.
- e.g.) In the example below a Threshold MPC group that requires 2 signatures out of a 3 Member Group is proposed.
// Initiator is set as member1.
// Participants (members) are set as member2, member3.
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) : 1
1. MPC Group Participation Request
2. Join in the creation of MPC Group
8. Previous Menu
9. Exit
Select Menu. (1,2,8,9) : 1
list of MemberIDs. (separator is comma(,)) : member2,member3
number of members required for signing : 2
name : MPC Group for testing
comment : testing...
1. ecdsa_256k1
2. ecdsa_p256
3. ed25519
Select an algorithm. (1,2,3) : 1
[createGroup] Session ID: 27f59c84-f1f1-4fb9-a0c2-16ab6e89db89
Step: -1
Non-initiating Members can deliver their intentions of participating in the group.
If any of the selected Members do not consent to participate in the group as a Member, the proposal to create the group is cancelled.
When a Session is created, the Session must be completed by the given time (time set with createGroup interface parameter).
Otherwise, it will be on Timeout and the Session will automatically be canceled.
For the demo program the time is set for 5 minutes in default.
- e.g.) In the example below member2 is participating as one of the members in the MPC Group.
Please enter your password again:
1. Login
2. Create member
9. Exit
Select Menu. (1,2,9) : 1
Member ID : member2
Password:
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) : 1
1. MPC Group Participation Request
2. Join in the creation of MPC Group
8. Previous Menu
9. Exit
Select Menu. (1,2,8,9) : 2
Please enter Session ID : 27f59c84-f1f1-4fb9-a0c2-16ab6e89db89
Once the creation of MPC Group is complete, MPC Group ID, Group Index for Members, MPC Group Public Key, Private Key Pair and Secret Value is provided.
Because of its innate characteristics, the secret key of the MPC Group is unknown, undisclosed and unsaved in the server.
When a signature is requested, it calls for the combination of each key that every Member holds.
The creation of the MPC Group proceeds in 5 steps from initiation (Step -1) to completion (Step 3).
Do you join this Session? ([A]PPROVE, [R]EJECT) : a
Step: -1
Step: 0
Step: 1
Step: 2
Step: 3
MPC Group ID: 27f59c84-f1f1-4fb9-a0c2-16ab6e89db89
Member Index: 1
Group PubKey: 0x02d58fb448606b5a53f6498999f9cbc3363c432551a68529a1168fe3b9a79e7728
Member PriKey: 0x76c2424a0592ee7ec05d0c32d17977971635fe73e0bd134ff78a6a4e06404387
Member PubKey: 0x0215e0c7ee5fae92c90850e64fee74ee3eca43160834c1a0c236d20ad2d408043f
Member Secret: 0x4ef8b2664bf8406867c42a6ac19e422480e62579af1e74956da3cad5d5770bed
1. MPC Group Participation Request
2. Join in the creation of MPC Group
8. Previous Menu
9. Exit
Select Menu. (1,2,8,9) : 8
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) : 5
================================================================================================
MPC Group ID : 27f59c84-f1f1-4fb9-a0c2-16ab6e89db89
MPC Group Name : MPC Group for testing
Owner : member1
Threshold : 2
Group Size : 0
Algorithm : ecdsa_256k1
MPC Group PubKey : 0x02d58fb448606b5a53f6498999f9cbc3363c432551a68529a1168fe3b9a79e7728
My PubKey : 0x0215e0c7ee5fae92c90850e64fee74ee3eca43160834c1a0c236d20ad2d408043f
My PriKey : 0x76c2424a0592ee7ec05d0c32d17977971635fe73e0bd134ff78a6a4e06404387
My Secret : 0x4ef8b2664bf8406867c42a6ac19e422480e62579af1e74956da3cad5d5770bed
MemberID : member1 Index: 0
MemberID : member2 Index: 1
MemberID : member3 Index: 2
================================================================================================
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) :
Once the MPC Group is created, signatures can now be issued.
To generate a signature within the Group, it is mandatory to have the minimum number of participants (specified as the Threshold) approve.
In other words, while the Group Members are set as member1, member2, member3 – total of 3 participants – the Threshold to approve the signature request would be 2.
So to generate a whole signature, 2-3 can be set as the Threshold.
If the Threshold is set for 2 approvals, then it would only require 2 Members’ participation to generate the signature.
If the Threshold is set for 3 approvals, then it would definitely require all 3 Members’ participation for the signature
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) : 2
1. Signing Participation Request
2. Join in the Signing
8. Previous Menu
9. Exit
Select Menu. (1,2,8,9) : 1
Message : Message to sign.
MPC Group ID : 27f59c84-f1f1-4fb9-a0c2-16ab6e89db89
Threshold : [2]
comment : comment..
[Signing] Session ID: a0dd096f-eb1b-460d-ba2a-cfae2015faeb
Step: -1
Members that are not the initiator uses the Session ID to participate in the Session.
All of the Members are eligible to participate, and identical to the process of creating the MPC Group, participants may agree or refuse to participate in the Session.
However, unlike the MPC Group creation process, generating the signature does not require a unanimous approval.
Even with a certain Member refusing to take part in the Session, as long as the number of participants meet the Threshold number, the signature, the issuing of the signature will take place.
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) : 2
1. Signing Participation Request
2. Join in the Signing
8. Previous Menu
9. Exit
Select Menu. (1,2,8,9) : 2
Please enter Session ID : a0dd096f-eb1b-460d-ba2a-cfae2015faeb
With the generation of MPC Signature, R value and S value is formed.
The Signatue proceeds in 7 steps from initiation (Step -1) to completion (Step 5).
1. Creation of MPC Group
2. Signing
3. Member List
4. Update AccessToken
5. My MPC Group
9. Exit
Select Menu. (1,2,3,4,5,9) : 2
1. Signing Participation Request
2. Join in the Signing
8. Previous Menu
9. Exit
Select Menu. (1,2,8,9) : 2
Please enter Session ID : a0dd096f-eb1b-460d-ba2a-cfae2015faeb
Do you join this Session? ([A]PPROVE, [R]EJECT) : a
Step: -1
Step: 0
Step: 1
Step: 2
Step: 3
Step: 4
Step: 5
Sigr: 0x18d6f655b73e9d5daeec915ff0e377321b280de4d2b13b9ab0e2ce6ca041ec78
Sigs: 0x349962293acc3ec8f266044c22779e865f3ee8b8f57f9545ad6f19ef76e7ab3d
Sigrecovery: 0
1. Signing Participation Request
2. Join in the Signing
8. Previous Menu
9. Exit
Select Menu. (1,2,8,9) :
If an abnormal behavior is detected during the Penta MPC SDK testing or any questions are brought up, please contact send us an email.
mpc@pentasecurity.com
To review Penta MPC SDK for commercial use of Penta MPC, please send us an email.
mpc@pentasecurity.com
Please be aware of the following discretions.
- Penta MPC SDK is provided on Github as a non-commercial test demo program.
- Testing of the demo program is available only after the full application has been submitted completely.
- Data input for MPC usage is reset periodically, and may also be reset on a irregular basis according to update/modification of the remote server.
- For commercial use or unlimited use of Penta MPC SDK, please send us an email.
mpc@pentasecurity.com