HSM and MPC — it’s not one “versus” the other
The marketing in our industry surrounding HSM and MPC technology has resulted in confusion and an unnecessary sense of competition where there should not be one. HSMs and MPC are orthogonal to each other, in that they do different things, and are in fact often used in combination. One is not “better” than the other; instead, each fills a role in a specific use case.
MPC is a method of bringing together key shards to sign a transaction and has advantages over more classic multi-signature (“multi-sig”) signing. MPC is used when the client wants to hold a part of their private key (a “shard” or a “share”), in addition to the part(s) held by the custodian. Copper says that they can have one shard, the client can have one shard, and the client’s law firm can have one shard, for example. This prevents the custodian from misusing the key, and makes the key effectively impossible to steal from either party, but increases the total responsibility for the safekeeping of the key.
HSMs are hardware devices that allow the safe and controlled decrypting of private keys. HSMs are often marketed as a better way to do “cold storage”, since they allow faster decryption of private keys and thus more real-time access to assets. The largest “drawback” of HSMs as described in the MPC marketing is that keys are held in a single central location, and can be made to sign transactions that they shouldn’t be signing — hence the custom business logic that requires biometric authentication.
In short, HSMs are great if managed securely, but require caution around the interaction with the HSM (telling it when to sign transactions). MPC lets you avoid having the key exist in a single place, but it then requires many instances of secure custody, one for each piece. MPC might improve security, but increases the risk that shards are lost, as they still need to be custodied somewhere.
For clients that trust their custodian fully and do not hold any part of their private key, it does not make sense for their custodian to use MPC. Finoa mimics the multi-user-approval feature of MPC without creating a risk that one of the key shards is lost, by using logic built on top of the HSM.
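The idea of multi-user approval logic sitting in front of an HSM, sketched as an added example (not Finoa's or any vendor's code): the simulated HSM signs only when a quorum of distinct approvers has authenticated the exact transaction. Approver names, keys, the 2-of-3 quorum and the use of HMAC in place of a real signature scheme are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data: approver names and keys are hypothetical.
APPROVER_KEYS = {
    "ops-alice": b"constructed-key-alice",
    "ops-bob": b"constructed-key-bob",
    "risk-carol": b"constructed-key-carol",
}
QUORUM = 2  # assumed policy: 2 of 3 approvers must sign off


def tx_digest(tx: dict) -> bytes:
    """Canonical digest of the transaction fields an approval is bound to."""
    canonical = json.dumps(tx, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).digest()


def approve(approver: str, tx: dict) -> tuple:
    """What an approver's device would produce: a MAC over the exact digest."""
    tag = hmac.new(APPROVER_KEYS[approver], tx_digest(tx), hashlib.sha256).digest()
    return approver, tag


def count_valid_approvals(tx: dict, approvals: list) -> int:
    """Count distinct, known approvers whose MAC matches this transaction."""
    digest = tx_digest(tx)
    seen = set()
    for approver, tag in approvals:
        key = APPROVER_KEYS.get(approver)
        if key is None or approver in seen:
            continue  # unknown approver, or the same approver counted twice
        expected = hmac.new(key, digest, hashlib.sha256).digest()
        if hmac.compare_digest(expected, tag):
            seen.add(approver)
    return len(seen)


class SimulatedHSM:
    """Stand-in for an HSM: the key never leaves this object."""
    def __init__(self) -> None:
        self._key = hashlib.sha256(b"constructed-signing-key").digest()

    def sign(self, tx: dict, approvals: list) -> bytes:
        if count_valid_approvals(tx, approvals) < QUORUM:
            raise PermissionError("approval quorum not met for this transaction")
        # HMAC stands in for the real signature algorithm in this sketch.
        return hmac.new(self._key, tx_digest(tx), hashlib.sha256).digest()
```

Because each approval is bound to the transaction digest, approvals collected for one transaction cannot be replayed to authorize a different one, and a single approver submitting twice does not reach quorum.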