One MPC Platform, Two Modes to Sign: Cloud-Assisted or Hardware-Grade
A single MPC platform with two modes to sign — mobile + cloud for instant reach, or the preferred mobile + PHSM, the first hardware wallet to run MPC directly on a secure element.
The CrossBar Team
6/10/20264 min read
Crossbar supports both cloud-assisted and hardware-grade signing on a single platform, giving users the flexibility to choose between convenience today and the strongest self-custody model available.
1. A Closer Look at Mode 2: Hardware-Backed MPC
Multi-Party Computation (MPC) has quietly become the backbone of modern self-custody. Instead of one private key sitting in one place — a seed phrase on paper, a file on a phone — an MPC key is split into independent shares held by different parties. Signing happens collaboratively, and the full private key is never assembled, not even for a single instant. There is no complete secret to steal.
Crossbar exposes two modes to sign on one platform. Both protect the key the same way, but they differ in how much trust the user has to place outside their own hands — and on that axis they are not equal. Mobile + PHSM is the more secure mode, and the one Crossbar recommends: both shares stay with the user, and every signature is rooted in dedicated security hardware. Mobile + cloud exists as a lighter-weight option for cases where availability and instant onboarding matter most.
Mode 1: Cloud-assisted signing (Mobile + Cloud). One share on the user’s phone, one co-signing share in the Crossbar cloud. High availability, instant onboarding, and server-enforced policy — ideal for consumer wallets that need to scale.
Mode 2: Hardware-grade signing (Mobile + PHSM). One share on the user’s phone, one inside the PHSM hardware wallet. Both shares are user-held, Crossbar holds none. True self-custody, every signature hardware-backed.
The security gap between the two comes down to where the second share lives. In cloud-assisted signing, the co-signer is software running on a server; in mobile + PHSM, the co-signer is a secure element the user physically holds, so there is no cloud component to compromise, subpoena, or take offline. That is why it is the preferred mode for anyone protecting meaningful value. Teams that need a gentle start can still onboard on cloud-assisted signing and later upgrade to a PHSM co-signer through key resharing — no new wallet, no moved funds, just a stronger trust model.
The cloud-assisted mode is powerful and familiar. The hardware mode is where Crossbar does something the rest of the industry hasn’t: PHSM is the first hardware wallet to run MPC directly on a custom secure element. That distinction is worth unpacking, because it changes what “hardware wallet” actually means.
The core idea is that, in Mode 2, the PHSM key share is generated within the secure hardware and never leaves the device. Rather than exporting a key to software for signing, the PHSM performs its portion of the MPC protocol directly within the chip and outputs only a partial signature. The mobile device then completes the signing process over Bluetooth Low Energy (BLE). At no point does either device — or any server — have access to the complete private key.
Why Most Hardware Wallets Fall Short
Crossbar’s hardware team identified two structural weaknesses in nearly every hardware wallet on the market today. First, almost all of them rely on off-the-shelf general-purpose microcontrollers — the same STMicro-class chips found in countless other products — which perform cryptography in firmware with no dedicated hardware acceleration. That means slower operations and weaker security guarantees. Second, those chips store secrets in charge-based nonvolatile memory like EEPROM or NOR Flash, which is vulnerable to physical extraction: with advanced electron microscopy, an attacker can partially or fully read out what’s stored.
A general-purpose chip was never designed to be the vault for someone’s life savings. PHSM was.
What’s Different About PHSM?
Built by an experienced IC design team, PHSM uses a custom secure core purpose-built for blockchain workloads. Four things set it apart:
On-die crypto acceleration. MPC and signing run on dedicated hardware, not firmware — faster and far harder to tamper with.
ReRAM secure storage. Secrets live in ReRAM, a nonvolatile memory that resists the microscopy attacks that defeat EEPROM and Flash.
22nm fabrication. Built on an advanced 22nm node — several generations ahead of competitors still shipping on legacy 40nm processes.
FIDO2 + general storage. Beyond MPC, PHSM is FIDO2-certified for passwordless authentication and also functions as secure general-purpose data storage.
Put together, the result is a device where the secure element doesn’t just hold a key — it actively participates in the signing protocol while keeping its share sealed inside hardened silicon. The key share is created on-chip, used on-chip, and backed up to an offline NFC card the user keeps. Crossbar has zero access to any of it.
2. True Self-custody, By Construction
In the hardware configuration, the architecture is deliberately lopsided in the user’s favor. Share #1 lives in the phone’s Secure Enclave, passkey-derived and device-bound. Share #2 lives in the PHSM secure element. Both backups are user-controlled too — the mobile share to the user’s own encrypted personal cloud, the PHSM share to that offline NFC card. Crossbar holds zero shares and zero backups. Daily signing needs no Crossbar participation at all, and because every team member can carry their own phone-plus-PHSM pair, the same model scales cleanly to multi-user, team-managed wallets.
3. The Platform Underneath Both Modes
Whichever mode a wallet chooses, it inherits the same platform engineering. A mnemonic-compatible MPC option solves one of MPC’s oldest headaches, restoring BIP32/39 interoperability so users can move between wallet ecosystems instead of being locked in. Key rotation and resharing let participants be added, removed, or swapped — including upgrading from cloud to PHSM — without ever migrating the wallet. And an optional, server-enforced transaction policy layer adds address whitelisting with time delays and USD spending limits — protections that activate only when a user wants them.
Two modes to sign, one platform — but not two equals. Mobile + cloud is there when reach and availability come first; mobile + PHSM is the more secure, recommended mode, and the reason is the hardware: a real secure element, not a repurposed microcontroller, sitting at the center of self-custody and signing with a share that never leaves the chip.
— The CrossBar Team