Related · tier-1 reading. For what a portable artifact actually is, see Portable Artifact.
Multi-party key generation, signing, and resharing with H33 Substrate 3-key attestation (ML-DSA + FALCON + SLH-DSA). 74-byte proof per session. Configurable N-of-M threshold. No single party ever holds the complete key.
Create a session, collect contributions from each party, finalize with threshold combination, and receive an H33 Substrate-attested result — three PQ signature families in 74 bytes. All contributions are zeroed from memory on completion.
Watch a complete MPC signing flow. Three parties hold key shares. Only two are needed to produce a valid ML-DSA-attested signature. The full key is never reconstructed.
Every MPC session is memory-safe, post-quantum attested, and designed with zero persistence. Party contributions never touch disk.
| Parameter | Value |
|---|---|
| Operations | Sign, KeyGen, Reshare |
| Threshold | Configurable N-of-M |
| Attestation | Dilithium (ML-DSA, NIST PQC) |
| Session storage | In-memory DashMap (zero persistence) |
| Party contributions | Zeroize-on-drop (memory-safe) |
| Sign gateway | gRPC proxy to MPC backend |
| Max rounds (Sign) | 2 (FROST protocol) |
| Max rounds (KeyGen) | 3 (DKG protocol) |
| Max rounds (Reshare) | 2 |
| Post-quantum | ML-DSA-5 attestation (NIST Level 5) |
H33-MPC is built on information-theoretic security, post-quantum cryptography, and memory-safe Rust. No single compromise can break the system.
Four endpoints for the complete MPC lifecycle. Create, contribute, finalize, and query session status. All endpoints authenticated via API key.
curl -X POST https://api.h33.ai/v1/mpc/session/create \ -H "Authorization: Bearer $H33_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "operation": "Sign", "threshold": 2, "total_parties": 3, "party_ids": ["party_alice", "party_bob", "party_carol"], "message_hash": "base64_sha256_of_message..." }' # Response: # { # "session_id": "mpc_abc123", # "phase": "AwaitingContributions", # "contributions_needed": 2, # "max_rounds": 2 # }
curl -X POST https://api.h33.ai/v1/mpc/session/mpc_abc123/contribute \ -H "Authorization: Bearer $H33_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "party_id": "party_alice", "round": 1, "payload": "base64_key_share_alice..." }' # Response: { "accepted": true, "contributions_so_far": 1, "threshold": 2 }
curl -X POST https://api.h33.ai/v1/mpc/session/mpc_abc123/contribute \ -H "Authorization: Bearer $H33_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "party_id": "party_bob", "round": 1, "payload": "base64_key_share_bob..." }' # Response: { "accepted": true, "contributions_so_far": 2, "phase": "ReadyToFinalize" }
curl -X POST https://api.h33.ai/v1/mpc/session/mpc_abc123/finalize \ -H "Authorization: Bearer $H33_API_KEY" # Response: # { # "phase": "Finalized", # "result": "base64_threshold_signature...", # "attestation": { # "algorithm": "ML-DSA-5", # "signature": "base64_dilithium_sig...", # "session_id": "mpc_abc123", # "parties": ["party_alice", "party_bob"], # "threshold": "2-of-3" # }, # "contributions_zeroed": true # }
curl -X POST https://api.h33.ai/v1/mpc/session/create \ -H "Authorization: Bearer $H33_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "operation": "KeyGen", "threshold": 3, "total_parties": 5, "party_ids": ["custodian_1", "custodian_2", "custodian_3", "custodian_4", "custodian_5"] }' # DKG requires 3 rounds of contributions from all parties. # Each party submits per-round payloads: # Round 1: Commitment polynomial # Round 2: Share distribution # Round 3: Verification # # After all 3 rounds, finalize produces: # { # "phase": "Finalized", # "result": "base64_public_key...", # "attestation": { "algorithm": "ML-DSA-5", ... }, # "key_shares_distributed": true, # "contributions_zeroed": true # }
H33-MPC eliminates single points of failure in key management. No single party ever holds the complete signing key — threshold combination is required for every operation.
Feature-by-feature comparison against leading threshold signing and MPC platforms.
| Feature | H33-MPC | Fireblocks | Lit Protocol | Threshold Network |
|---|---|---|---|---|
| Threshold scheme | Configurable N-of-M | 2-of-3 (fixed) | N-of-N (all required) | N-of-M |
| PQ attestation | ML-DSA-5 (L5) | None | None | None |
| Session model | Stateless (DashMap) | Persistent (HSM) | Blockchain-anchored | On-chain (Ethereum) |
| Key material safety | Zeroize-on-drop | HSM-stored | Encrypted at rest | On-chain |
| Operations | Sign, KeyGen, Reshare | Sign only | Sign, Encrypt | Sign |
| Integration | REST API (4 endpoints) | Proprietary SDK | Lit JS SDK | Ethereum contracts |
| Self-hosted | Yes | No (SaaS only) | Partial (nodes) | No (Ethereum) |
| Audit trail | PQ-signed attestation | Proprietary logs | On-chain events | On-chain events |
| Pricing | 8 credits/session | Enterprise pricing | Token-gated | Gas fees |
AwaitingContributions until enough parties respond or the session times out./v1/mpc/session/create and /v1/mpc/session/{id}/contribute endpoints accept JSON payloads compatible with standard key-share formats. Integration typically requires adding H33-MPC as a signing backend in your custody platform's key management module.8 credits, which covers session creation, all party contributions, threshold finalization, and ML-DSA attestation. The free tier includes 1,000 credits per month (125 MPC sessions). For high-volume enterprise usage, volume pricing is available. The 8-credit cost is fixed regardless of the number of parties or rounds in the session.Post-quantum threshold signing with ML-DSA attestation. 8 credits per session. Free tier included.
H33-MPC distributes signing so no single party ever holds a complete key — the responsibility of holding keys, owned by H33-Key. It generates, signs, and reshares under an N-of-M threshold. H33-MPC uses primitives it does not own: each session emits a 74-byte proof H33-74 produces, Verification renders the verdict on that proof, and when a signature authorizes a governed action, that authority is owned by Agent-008. The ML-DSA / FALCON / SLH-DSA families are referenced against their NIST standards, not owned here.