Papers
Topics
Authors
Recent
Search
2000 character limit reached

MPC-EVM: Multiparty Computation Enhanced EVM

Updated 10 March 2026
  • MPC-EVM is an enhanced Ethereum Virtual Machine integrating off-chain multiparty computation for asynchronous, privacy-preserving smart contracts.
  • It introduces new instructions that suspend and resume contract execution, decoupling heavy cryptographic operations from on-chain processing.
  • Empirical benchmarks demonstrate less than 3% throughput degradation under continuous MPC use, supporting secure applications like sealed-bid auctions and multiparty voting.

MPC-EVM (Multiparty Computation–Enhanced Ethereum Virtual Machine) denotes an extension to the Ethereum Virtual Machine aimed at enabling efficient, asynchronous calls to off-chain secure multiparty computation (MPC) protocols from within smart contract execution. This class of systems integrates MPC as a first-class primitive for privacy-preserving computation by smart contracts, introducing new operational semantics, formal access control, and performance engineering to guarantee consistency, security, and negligible throughput degradation even under high MPC call workloads (Zhou et al., 28 Jul 2025).

1. System Architecture and Execution Model

MPC-EVM extends the EVM with explicit support for MPC-invoking instructions, treating the entry into an MPC as a transaction suspension point: the ongoing contract call’s state (including program counter, stack, and local variables) is checkpointed, the MPC protocol runs asynchronously off-chain, and execution resumes on receipt of the final MPC output. The core execution pipeline involves:

  • Addition of a new instruction type y=enter_mpc(cid,x)y = \mathsf{enter\_mpc}(\mathsf{cid}, x), marking entry into an off-chain MPC designated by identifier cid\mathsf{cid} with inputs xx.
  • Transaction context is saved in a mapping $\mpcstates : \mathrm{Address} \mapsto (y, M, \rtaskconf)$, storing the output variable yy, current MPC state MM, and call stack.
  • Two classes of special transactions are recognized: suspension after MPC invocation (which stores in-flight state) and resumption after the MPC completes (which restores state and resumes execution).
  • Off-chain, the MPC manager executes the required protocol (e.g., via Shamir secret sharing or circuit evaluation), streams intermediate rounds via blockchain messages, and upon completion posts the output via a dedicated on-chain transaction that triggers contract resumption.

This design effectively decouples the heavy cryptographic MPC computation from the blockchain consensus path, ensuring non-blocking operation and minimal on-chain modifications (Zhou et al., 28 Jul 2025).

2. Formal Semantics and Small-Step Operational Rules

MPC-EVM’s semantics extend standard EVM steps to handle MPC instructions with explicit small-step rules. The principal new transitions include:

  • MPC-invoke: On encountering enter_mpc\mathsf{enter\_mpc}, the machine snapshots its local state and call stack, inserts an entry into $\mpcstates$, and empties the current stack. Execution returns immediately, and the transaction is considered paused until the result is posted.
  • MPC-complete: When the result returns (via a dedicated mpcretTx), the corresponding saved context is restored: the local variable is assigned the result, the program counter is advanced, the $\mpcstates$ entry is cleared, and execution continues as a regular EVM transaction.
  • Call Handling: Calls are permitted only to addresses not currently present in $\mpcstates$, enforcing access control and serialization (see next section).

The configurations are formalized as 4-tuples $\mu = (\gsconf,\rtaskconf,\mpcstates,\calladdrs)$, tracking blockchain state, call stack, MPC context mapping, and set of accessed addresses (Zhou et al., 28 Jul 2025).

3. Access Control, Isolation, and Consistency

A central contribution of MPC-EVM is a robust access control mechanism ensuring contract state consistency during asynchronous, multi-transaction interactions:

  • Locking Policy: Any contract address currently in MPC suspension (i.e., present in $\mpcstates$) is locked. No other transaction, whether it is a CALL, balance query, contract creation, transfer, or self-destruct, can access or modify storage or balance at a locked address until the associated MPC completes.
  • Sequential Consistency: Formally, for any two transactions (with or without MPC) the global state evolution is equivalent to a serial ordering in on-chain appearance order.
  • Isolation Theorem: If transaction tx\mathsf{tx} is paused at address aa, all other transactions touching aa are rejected until tx\mathsf{tx} resumes, preventing conflicting concurrent changes (Zhou et al., 28 Jul 2025).

This mechanism is efficiently implemented by checking the invariant $\dom(\mpcstates) \cap \calladdrs = \emptyset$ at transaction processing time.

4. Performance and Throughput Guarantees

MPC-EVM is engineered for negligible impact on bulk throughput:

  • Each MPC-invoking transaction introduces only two extra on-chain transactions (final output delivery, and optional intermediate round messages). All cryptographic computation remains off-chain.
  • Theoretical complexity analysis yields amortized O(1)O(1) overhead per transaction; hence, TMPC=Tbase−O(1)T_\mathrm{MPC} = T_\mathrm{base} - O(1) where TbaseT_\mathrm{base} is baseline EVM throughput.
  • Empirical testing on AptosEVM with five benchmark MPC contracts (e.g., 10-party auctions, voting, arithmetic circuits) and high-throughput (2 million transaction) streams shows a maximum transaction per second (TPS) degradation of <3%<3\% even when MPC is continuously exercised. Table 1 below summarizes representative throughput data:
Workload ETH Transfer TPS ERC20 Transfer TPS
No MPC 1905 1653
MPC Multiplication 1903 1650
MPC Comparison 1887 1633
1×MPC Voting (10-party) 1884 1632
2×MPC Voting (10-party) 1881 1613
1×MPC Auction (10-party) 1860 1611

Percent overhead Δ<2.6%\Delta < 2.6\% in all cases (Zhou et al., 28 Jul 2025).

5. Use Cases and Security Properties

MPC-EVM enables dynamic, privacy-preserving smart contracts such as sealed-bid auctions, multiparty voting, and confidential arithmetic computations where state must remain hidden or aggregated among multiple participants. Contracts can effectively suspend, securely coordinate off-chain, and then atomically resume without leaking intermediate state.

A critical security property is that all access and modifications to contracts involved in MPC remain serialized, with the lock held for the full duration of the computation. This blocks attempted double-writes, guarantee atomic update semantics on resumption, and preserves both privacy and correctness under honest-majority MPC assumptions (Zhou et al., 28 Jul 2025).

6. Implementation Details and Benchmarks

The reference implementation is built on the AptosEVM platform, running in a 10-node testnet on AWS EC2. Practical runs span multiplication, comparison, voting, and auction circuits, all instrumented with automated transaction streams and contract locking enforced at every EVM entry point. The benchmark methodology involves maximal overlap between MPC-invoking and ordinary transactions to stress test the non-blocking and concurrency features.

Case study of a 10-party sealed-bid auction illustrates strict bid privacy (losing bids hidden by multiparty secure comparison), and total on-chain computational/gas overhead is minor due to the off-chain delegation of MPC computation.

7. Impact and Future Directions

MPC-EVM establishes that asynchronous, non-blocking integration of multiparty computation inside a major smart contract VM is possible with essentially unaltered throughput, strong isolation guarantees, and only modest changes to operational semantics. This suggests a promising direction for deploying privacy-preserving, composable logic in blockchain platforms where native support for heavy cryptographic protocols is otherwise prohibitive. A plausible implication is the rapid expansion of confidential DeFi and decentralized governance applications built atop multiparty primitives, with secure contract-level serialization layered onto existing EVM-compatible chains (Zhou et al., 28 Jul 2025).

Definition Search Book Streamline Icon: https://streamlinehq.com
References (1)

Topic to Video (Beta)

No one has generated a video about this topic yet.

Whiteboard

No one has generated a whiteboard explanation for this topic yet.

Follow Topic

Get notified by email when new papers are published related to MPC-EVM.