Skip to main content

End-to-End Encryption

MPCVault adopts a zero-trust architecture. All traffic between computing nodes is peer-to-peer encrypted.
ComponentProtocol
Key ExchangeNoise Protocol IK
EncryptionChaCha20-Poly1305 AEAD
HashingBlake2s
The relay server is trustless - it has no knowledge of the actual messages transmitted. End-to-End Encryption

Personal Key Certificate

Each MPCVault user has a cryptographic identity defined by an Ed25519 key pair called the Personal Key Certificate. Only you know the private key. Personal Key Certificate

How Authentication Works

LayerMethod
PlatformTraditional authentication (password, 2FA)
CryptographicEd25519 signature verification
In addition to standard authentication, MPCVault performs cryptographic attestation using your public key.

Zero-Trust Benefits

Personal Key Certificates enable:
  • Trustless secret sharing - Pass key shares between users without exposing them to MPCVault
  • End-to-end encryption - Messages encrypted directly between participants
  • Cryptographic identity - Actions are cryptographically signed and verifiable