Introducing BitGo TSS: More coins, lower fees, outstanding security

In order to support new coins faster and decrease transaction fees, BitGo will secure wallets on certain blockchains with a technology called Threshold Signature Scheme (TSS).

In addition to our Multi-Signature architecture — considered the gold standard for guarding digital assets — TSS offers more robust coin coverage while still providing industry-leading security.

TSS is a branch of multi-party computation (MPC) protocols. That said, unlike MPC utilized by other digital asset companies, which typically only supports “2-of-2” or “3-of-3” security models, TSS enables BitGo to continue utilizing the “2-of-3” security model to protect against both theft and loss. With this innovation, BitGo is able to provide the best MPC security possible in both cold and hot storage scenarios.

What this means for you

From a customer point of view, TSS helps you in three ways:

• More coins: BitGo will support more coins, faster, without the use of smart contracts — and continue to support hot wallets and cold storage alike. In the coming weeks and months, we’ll be introducing coverage for a series of new coins and tokens, so you can hold, trade, and stake more assets.
• Lower fees: TSS keeps your blockchain transaction fees low for these newly supported coins, and will decrease fees for several coins and tokens we already support.
• Outstanding security: Your account will continue to be protected by industry-leading technology, as well as our expertise as a qualified, regulated custodian.

How TSS works

At a high-level, TSS shards critical information — namely, your wallet key, which is never revealed — into multiple parts so they can be distributed and stored in multiple places. To sign any transaction, you need two of the three resulting pieces. That means a hack of a single piece isn’t enough for a malicious actor to actually gain control over your account. In that scenario, you still maintain 2-of-3 control over your wallet, while the single piece — by itself — is unable to transact and effectively meaningless.

This is conceptually similar to BitGo’s renowned Multi-Signature security model. The principal difference lies in the number of keys per wallet. Multi-Sig consists of three keys split three ways (which can be sharded further); TSS, meanwhile, consists of one key split three ways (which, likewise, can be sharded further still).

To be clear about terminology, a “key share” represents the TSS equivalent of a Multi-Sig key, whereas a “shard” refers to taking a key or key share and breaking it into even smaller pieces.

Compared to other security schemes on the market, BitGo’s TSS includes unique features that add extra protection to your account and meet BitGo’s exacting standard for security.

What makes BitGo’s TSS superior to MPC

MPC schemes (offered by several other players in the market) typically suffer from the following challenges:

• Lack of accountability: MPC, by nature of its design, makes it difficult to tell which parties and which key shares were involved in a given transaction.
• Lack of cold storage: Many MPC “custodians” are merely technology providers offering hot wallets, rather than regulated, qualified custodians with true cold storage options.
• Lack of battle-tested technology: Many MPC providers rely on proprietary cryptography — and assume that because they haven’t been able to break it, no one can.
• Lack of purpose-built hardware: MPC solutions typically rely on machines that weren’t built specifically for digital assets and their unique cryptographic needs.
• Lack of backup keys: Some MPC providers don’t always offer backup key shares, which means it’s possible for your funds to get irretrievably locked.
• Lack of protection against loss: Most deployed MPC instances today only offer m-of-m models, where all key shares must participate in the signing process. This means that if your MPC provider loses their key share or is unavailable, you won’t be able to sign a transaction.

By contrast, BitGo’s TSS improves upon existing MPC solutions in the following ways:

• Audits and ledgers for greater accountability. Our system tracks every time the key shares are used to sign a transaction, adding an extra layer of auditable data.
• Cold storage options. Any cold wallets built on BitGo TSS are managed by our regulated, qualified Trust company.
• Open-sourced, peer reviewed code. We’ve had our code scrutinized by third-party security experts, and made it available open-source for additional pressure testing.
• Purpose-built machines. BitGo builds its own Hardware Security Modules (HSMs) to manage keys, provide greater cryptographic support, and ensure that the wallet policies you customize get honored.
• Backup key shares. BitGo always offers a third key share (in addition to the customer key and the platform key), so your funds won’t be locked if any one key share gets lost or hacked.
• Protection against loss. Because BitGo always works on an m-of-n model (ie, 2 keys out of 3), it’s more resilient to issues with any one key, therefore providing you with additional protection against theft and loss.

Why we’re introducing TSS

We’re introducing TSS because we believe we can offer greater coin coverage and lower transaction costs without sacrificing security.

Moving forward, BitGo will support new coins with either Multi-Sig or TSS — whichever is most efficient for that particular blockchain while still meeting our ultra-high standard for security. We also plan to leverage TSS to reduce transaction fees for ETH and thus deliver an even better experience for our customers.

Connect with us to learn more.

About BitGo

BitGo provides the most secure and scalable solutions for the digital asset economy, offering regulated custody, borrowing and lending, and core infrastructure to investors and builders alike.

Founded in 2013 — the early days of crypto — BitGo pioneered the multi-signature wallet and later built TSS to improve upon other companies’ MPC offerings. Between multi-sig and TSS, BitGo offers the safest technology on the market and safeguards over 600 tokens across a wide variety of blockchains.

Over the years, BitGo has expanded from offering wallets into providing a full-suite solution that lets clients hold assets safely and then put them to work.

BitGo launched BitGo Trust Company in 2018, providing fully regulated, qualified cold storage to complement BitGo Inc’s original hot wallet solution. In 2020, BitGo launched BitGo Prime, which allows its clients to trade, borrow, and lend. Moreover, BitGo also provides access to DeFi, staking, NFT wallets, and beyond, and serves as the world’s sole custodian for WBTC, or wrapped Bitcoin.

Today, BitGo is the leader in digital asset security, custody, and liquidity, providing the operational backbone for more than 700 institutional clients in over 50 countries — a list that includes many regulated entities and the world’s top cryptocurrency exchanges and platforms. BitGo also processes approximately 20% of all global Bitcoin transactions by value.

For more information, please visit www.bitgo.com.

©2022 BitGo. All rights reserved. BitGo Trust Company, BitGo Inc., and BitGo Prime LLC are separately operated, wholly-owned subsidiaries of BitGo Holdings, Inc., a Delaware corporation headquartered in Palo Alto, CA. No legal, tax, investment, or other advice is provided by any BitGo entity. Please consult your legal/tax/investment professional for questions about your specific circumstances. Digital asset holdings involve a high degree of risk, and can fluctuate greatly on any given day. Accordingly, your digital asset holdings may be subject to large swings in value and may even become worthless.