Your key is never in
one place.
Multi-party computation splits your private key across multiple independent nodes. No single node — or person — ever holds a complete key. Every transaction requires agreement from a threshold of nodes to proceed.
MPC made easy for any developer
Threshold signing used to mean shipping a DKG ceremony, running your own MPC cluster, and reviewing cryptographic papers before you wrote a single line of code. With Zafeguard, one SDK call mints a threshold-signed wallet that works on EVM, Solana, and Bitcoin — and the same wallet plugs into payments, AI agents, DeFi automation, cross-chain swaps, and embedded social-login flows without a rewrite.
5 lines to first signature
Install the SDK, call create(), call sign(). No DKG plumbing. No node operations. No cryptography PhD required.
One wallet, every use case
The same MPC key signs payments, swaps, NFT mints, gas-sponsored transactions, agent actions, and DeFi rebalances. Pick the workflow — the signer is already there.
Universal multi-chain
EVM L1s and L2s, Solana, and Bitcoin under one wallet identity. The secp256k1 signer covers EVM and Bitcoin; an Ed25519 signer covers Solana. Adding a chain is selecting a component, not integrating a new wallet.
import { EmbeddedSigner, Curve } from '@zafeguard/mpc-sdk'
const signer = new EmbeddedSigner({ agent, threshold: 2, curve: Curve.Secp256k1 })
const loaded = await signer.create({ signerId, recovery }) // DKG done, share placed, public key ready
const sig = await loaded.sign({ messageHash }) // threshold-signed, no private key reassembledThat is the entire integration. Pricing, gas sponsorship, recovery, social login, and policy controls are layered on top — opt in only what you need.
How threshold signing works
Signing happens inside the nodes — no complete key is ever assembled
The transaction is distributed to all MPC nodes. Each node sees the request but holds only its own shard — no node ever sees a full key.
Any 2-of-3 nodes independently agree to participate. The third node can be offline or withheld and signing still succeeds.
Each participating node computes a partial signature. These are cryptographically combined — the full private key is never reconstructed at any point.
▶ Hit Sign Transaction to watch threshold signing in action
How key generation works
Before any signing can happen, each node independently generates its secret shard through a distributed ceremony. No trusted dealer. No full key. Ever.
No complete private key was ever assembled
▶ Commitments exchanged between parties — private shards never leave each node
Choose your deployment model
Both deployment models ship from the same test-gated source. Every release passes 1,100+ cryptographic assertions across all 12 supported curves and every ceremony — DKG, presigning, signing, reshare, recovery. Same mathematics, same guarantees, whether we host it or you do.
Every workspace on Professional and above gets MPC-backed key protection out of the box. No servers, no configuration — we handle the infrastructure across geographically distributed nodes.
- Keys split across multiple secure, globally distributed nodes
- No seed phrase — social login + MPC recovery
- Threshold agreement required for every transaction
- Gasless signing via gas station integration
- Active in minutes, zero infrastructure setup
- 1,100+ cryptographic checks pass on every release
- Included on Professional plan and above
Deploy our MPC node cluster entirely on your own infrastructure. Keys never leave your environment — no third party is ever involved in any signing operation. Ideal for institutions with strict data-sovereignty requirements.
- Deploy MPC nodes on your own servers or cloud
- Keys entirely within your controlled environment
- Connect your existing identity and compliance stack
- Custom threshold policies (e.g. 3-of-5 nodes)
- Full audit logs piped to your SIEM
- Same binary as the built-in cluster — same test gate
- Dedicated support and deployment assistance
Integrate MPC in your app
The MPC SDK ships native Node.js binaries plus a WebAssembly fallback so the same code runs in browsers, React Native, Expo, and Cloudflare Workers. Two public entry points — pick the one that matches your topology.
The high-level facade. User's device holds one share, the cohort of cloud agents holds the rest, threshold signing requires the device plus the configured number of agents. Five-method lifecycle covers create · sign · export · load · reshare. Includes a presignature pool so the device can sign offline between agent round-trips.
import { EmbeddedSigner, Curve } from '@zafeguard/mpc-sdk'
const signer = new EmbeddedSigner({
agent: [{ baseUrl: 'https://node-1', apiKey: '…' }],
threshold: 2,
curve: Curve.Secp256k1,
})
const loaded = await signer.create({ signerId, recovery })
const sig = await loaded.sign({ messageHash })The lower-level surface. Direct HTTP client for a single MPC cluster node when you want server-side custody with no embedded device party — pure cluster-managed keys for institutional hot wallets, custody backends, or cold-storage flows. Exposes the full cluster ceremony surface and the recovery primitives.
import { MPCAgent } from '@zafeguard/mpc-sdk'
const agent = MPCAgent.connect(host, port, apiKey)
const session = await agent.sessions.createKeyShare({ /* DKG */ })
const partial = await agent.presignature.sign(presigId, {
messageHashB64,
})Build your own security strategy
MPC is the foundation — what you build on top is yours to design. Define custom threshold policies, compose layered recovery paths, and create approval rules that match your exact risk model without writing any cryptographic code.
Custom threshold policies
Set any m-of-n threshold — 2-of-3 for teams, 3-of-5 for institutions, or 4-of-7 for maximum fault tolerance. Adjust policies without a re-keying ceremony.
Social recovery
Assign trusted guardians who can collectively restore access without ever touching raw key material. No seed phrase. No single person can unilaterally recover.
Hardware integration
Combine MPC shards with HSMs or physical security keys for defense-in-depth. Your shard strategy can span cloud nodes, on-premises servers, and hardware simultaneously.
Composable approval flows
Chain multiple conditions — time locks, quorum approvals, geo-restrictions — into a recovery policy that satisfies your compliance and operational requirements.
Our team can help you design a recovery and approval strategy for your specific compliance requirements — from SOC 2 to institutional-grade sovereign custody.
Why MPC beats the alternatives
A single seed phrase is a single point of failure. Written down, it can be stolen. Stored digitally, it can be compromised.
MPC splits the key across multiple nodes. There is no seed phrase to steal because no complete key ever exists in one place.
Hardware wallets protect the key at rest, but require physical access, can be lost, and become a bottleneck for automated operations.
MPC nodes operate 24/7 and can participate in automated workflows without any physical device — while maintaining the same security guarantees.
A single server holding a private key is one database breach or insider threat away from total loss.
With MPC, no single server holds a complete key. Compromising one node reveals nothing — an attacker needs to compromise the threshold simultaneously.
MPC vs Multisig
Both approaches distribute signing authority across multiple parties — but they differ fundamentally in where that distribution happens: on-chain or off-chain.
Multiple independent private keys are created, each held by a different party. A transaction is only valid when a threshold (m) of those key-holders each sign separately — and the blockchain verifies all signatures on-chain.
Key shards are held by separate nodes that never communicate the full key. When a threshold of nodes agree, they perform a distributed computation that produces one standard signature — indistinguishable from a single-signer transaction on-chain.
- Full on-chain transparency is a compliance requirement
- You are building a DAO or on-chain treasury with public accountability
- The chain natively supports multisig with no extra cost
- You need cross-chain key management from a single unified key
- Gas efficiency matters — high-frequency or automated transactions
- Privacy is required — policy must not be visible on-chain
- You want programmatic, 24/7 signing without physical key-holders
Four things you do not get anywhere else, together
Each of these capabilities exists somewhere in the market in isolation. The differentiator is the combination — MPC primitives, a visual workflow canvas, true multi-chain coverage, and a path from hosted to fully self-hosted — sold as one product, with one SDK and one bill.
MPC made easy for any developer
Threshold-signed wallet in 5 lines of TypeScript. No DKG ceremony to ship. No MPC node ops. No cryptography PhD required. The complexity stays in the SDK — your app code stays normal.
One platform, every on-chain use case
Payments, swaps, NFT mints, gas-sponsored transactions, AI agent actions, DeFi automation, embedded wallets — composed visually in the same canvas as signing. No glue code between services you bought from five vendors.
Multi-chain under one wallet identity
EVM L1s and L2s, Solana, and Bitcoin from one workspace. Secp256k1 covers EVM and Bitcoin; Solana uses Ed25519. Two signers under one namespace, one SDK surface across all of them.
Hosted, embedded, or fully self-hosted
Use built-in MPC on day one. Move to embedded device + cloud cohort when your UX needs it. Lift the entire MPC cluster onto your own infrastructure when compliance demands it. Same SDK at every step.
How Zafeguard MPC compares
Wallet infrastructure today is split across four categories. Each does part of the job. Below is how Zafeguard maps to the capabilities those categories represent — and where the gaps tend to live.
Capability snapshot based on each category's typical public surface as of 2026. Individual vendors may differ; check the latest from each provider for current detail.
Scroll the table horizontally to see every column.