Umbra Privacy LogoUmbra Privacy
Security & Cryptography

MPC Threat Model

Understand Umbra's dishonest majority security model powered by Arcium's Cerberus MPC protocol for secure encrypted balance operations and verification.

Umbra operates in the Dishonest Majority threat model using Arcium's Cerberus MPC backend. This provides security guarantees even when up to N1N-1 out of NN participants behave maliciously, as long as at least one node remains honest.

MPC Security Models

MPC protocols differ based on their security models:

Honest but Curious: All participants behave according to the protocol while trying to gather as much information as possible from the exchanged data.

Honest Majority: Require at least N/2N/2 participants to act honestly, ensuring data privacy and integrity.

Dishonest Majority (Cerberus): Can withstand up to N1N-1 participants acting maliciously, still guaranteeing privacy and correctness, as long as one participant remains honest.

Umbra uses the dishonest majority model (Cerberus) to provide maximum security guarantees.

Secret Sharing Operations

Both Cerberus and Manticore rely on secret sharing, where values are split and distributed to each participant:

Local Operations (No Communication):

  • Addition: Two shares can be added locally
  • Multiplication by constant: Can be performed locally

Interactive Operations (Requires Communication):

  • Share multiplication: Requires communication between peers using precomputed values
  • MAC verification (Cerberus only): Ensures no cheating has occurred

If forgery is detected, honest peers can abort the protocol.

Cerberus vs. Manticore

Arcium provides two MPC backends:

Cerberus (Dishonest Majority)

  • Security: Can tolerate up to N1N-1 malicious nodes
  • Authentication: MAC-based verification on all shares
  • Abort: Can abort if cheating is detected
  • Use Cases: Financial transactions, private token transfers, confidential smart contracts

Umbra uses Cerberus for all core operations.

Manticore (Honest but Curious)

  • Security: All nodes must follow the protocol (not malicious)
  • Performance: Faster (~2-3× than Cerberus, no MAC overhead)
  • Use Cases: ML/AI training, trusted operator environments
  • Trusted Dealer: Uses a trusted dealer for preprocessing

MPC vs. Alternative Encryption Techniques

Fully Homomorphic Encryption (FHE): Allows computation on encrypted data but suffers from high computational costs (~5 TPS). Not practical for large-scale blockchain implementations.

Trusted Execution Environments (TEEs): High performance but vulnerable to side-channel attacks and requires trust in hardware manufacturers.

Zero-Knowledge Proofs (ZKPs): Excellent for verifying off-chain computations but not designed for shared state systems where multiple parties interact simultaneously.

Secure Multi-Party Computation (MPC): Provides trustless, decentralized execution with robust security. Faster and more cost-effective than FHE. Does not require trusted hardware like TEEs.

Why MPC for Umbra

MPC provides the optimal blend of:

  • High Security: Dishonest majority guarantees (Cerberus)
  • Trustless: No reliance on hardware or intermediaries
  • Flexibility: Suitable for various use cases across DeFi
  • Cost and Speed Efficiency: Production-ready performance

For detailed information about Arcium's MPC protocols, see:

Unlocking Address Strategies

Choosing between registered commitments and ephemeral keys when creating UTXOs for different recipients

Poseidon as a PRF: Security Proofs

Comprehensive cryptographic security analysis of Poseidon as a Pseudorandom Function, including formal proofs and security parameters.

On this page

MPC Security ModelsSecret Sharing OperationsCerberus vs. ManticoreCerberus (Dishonest Majority)Manticore (Honest but Curious)MPC vs. Alternative Encryption TechniquesWhy MPC for Umbra