David Scrobonia

CTO & Co-Founder


Introducing Enclave MPC API

The Portal Enclave MPC API enables access to the strength of MPC security with the simplicity of an API by leveraging confidential computing. The result is quicker development, faster signing, and the same security.

October 31, 2024

Portal’s core multi-party computation (MPC) cryptography provides secure key material management by distributing one share to the user and one to a server. This enables our customers to build secure embedded wallets into their applications.

MPC cryptography requires that both parties perform a series of computations and message exchanges to securely generate signatures. This code is run on the user’s device (via one of our React Native, iOS, Android, or Web SDKs) and our backend. This requires that our customers’ applications incorporate our SDK.

Now, with the Enclave MPC API, we can run the same MPC code that runs on a user’s device on a secure enclave, leveraging confidential compute to provide API access to the same MPC power without sacrificing security.

How does this work?

The Enclave MPC API runs in an AWS Nitro Enclave. Visit the AWS docs to learn more about how Nitro Enclaves work, but at a high level, they provide a trusted execution environment by leaning on a private key burned into the CPU by the chip manufacturer. This key is used to encrypt memory and verify execution.

Encrypted memory means that all of the data being processed on the enclave can’t be accessed by anything other than the running application. Portal employees can’t even read the data on there! Verified execution means that a user can cryptographically verify that their request was handled in a secure enclave. When a user sends an API request to the enclave, Portal returns a set of signed “measurements” that can be verified by the enclave’s public key to ensure that the request was processed on an AWS Nitro Enclave.

Together, these properties let the Enclave MPC API act as an extension of the client’s trust. Key material created by running generate, backup, and recover is still stored on the user’s device. For signing, the key material is transmitted to the stateless Enclave MPC API, where no details about it are stored or logged, and none leave the trusted execution environment.
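The measurement check described above, sketched as an added example that is not Portal's code or API. It assumes the attestation document has already been fetched, its COSE_Sign1 signature and certificate chain verified, and its payload decoded into a dict using the field names of the AWS Nitro attestation document format; the expected PCR values, the nonce and the freshness window are constructed placeholders, and whether a caller can supply a nonce is an assumption.

```python
import hmac

PCR_LEN = 48  # Nitro PCRs are SHA-384 digests


def check_attestation(doc, expected_pcrs, nonce, now_ms, max_age_ms=300_000):
    """Return a list of policy failures; an empty list means acceptable.

    Assumption: the caller already verified the document's signature and
    certificate chain, so `doc` is the authenticated, decoded payload.
    """
    failures = []
    if doc.get("digest") != "SHA384":
        failures.append("unexpected digest algorithm")
    pcrs = doc.get("pcrs", {})
    for index, want in sorted(expected_pcrs.items()):
        got = pcrs.get(index)
        if not isinstance(got, bytes) or len(got) != PCR_LEN:
            failures.append(f"PCR{index} missing or malformed")
        elif got == bytes(PCR_LEN):
            # Enclaves started in debug mode report all-zero PCRs.
            failures.append(f"PCR{index} is all zeros (debug-mode enclave)")
        elif not hmac.compare_digest(got, want):
            failures.append(f"PCR{index} does not match the expected build")
    # The nonce ties the document to this request and blocks replay.
    got_nonce = doc.get("nonce")
    if not isinstance(got_nonce, bytes) or not hmac.compare_digest(got_nonce, nonce):
        failures.append("nonce mismatch")
    age = now_ms - doc.get("timestamp", 0)  # timestamp is ms since the epoch
    if age < 0 or age > max_age_ms:
        failures.append("timestamp outside freshness window")
    return failures


# Constructed sample values, not real measurements.
GOOD_PCRS = {i: bytes([0xA0 + i]) * PCR_LEN for i in range(3)}
NONCE = bytes.fromhex("00112233445566778899aabbccddeeff")
NOW_MS = 1_730_000_000_000


def sample_doc(**overrides):
    """Build a constructed, already-decoded attestation payload."""
    doc = {"module_id": "constructed-enclave-id", "digest": "SHA384",
           "timestamp": NOW_MS - 2_000, "pcrs": dict(GOOD_PCRS), "nonce": NONCE}
    doc.update(overrides)
    return doc


if __name__ == "__main__":
    print(check_attestation(sample_doc(), GOOD_PCRS, NONCE, NOW_MS))
    debug = sample_doc(pcrs={i: bytes(PCR_LEN) for i in range(3)})
    print(check_attestation(debug, GOOD_PCRS, NONCE, NOW_MS))
```

A valid signature only proves that some Nitro Enclave produced the document; comparing the PCRs against the values of the build you expect is what ties the response to specific code.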

What are the benefits?

You get the security of MPC with the simplicity of an API and the speed of server-side compute:

  • Security: Two key shares managed by two parties.
  • Simplicity: One endpoint to generate your wallet. One endpoint to sign a transaction.
  • Speed: Beefy server-side compute that can complete signatures in less than a second.

By moving the MPC compute to a server, you don’t need to rely on user devices, which vary in operating system, CPU, and age and therefore produce variable results. The Enclave MPC API provides consistent, quick computation.

Who does this help?

Everybody! Non-custodial or custodial. Backend treasury operations or client-side wallet applications. Read the Slingshot Finance case study on how they're using the Enclave MPC API for high-performance, cross-chain trading.

Reach out today to learn how to incorporate the MPC API into your application!