Multi-party computation (MPC) wallets use a class of cryptographic protocols to let several parties jointly produce a signature without ever assembling the private key in one place. Each party holds a share of the key; signing requires a threshold of parties to participate.
Compared to multi-sig:
- MPC produces a single on-chain signature, chains and dApps see a normal address, not a smart contract.
- It works on chains that don't support smart-contract wallets natively (Bitcoin, some Cosmos chains, etc.).
- Key share rotation does not change the wallet address.
- It does not leave an on-chain governance trail the way Safe does.
Trade-offs: MPC implementations are cryptographically subtle and have shipped real bugs (biased nonces, weak randomness, recovery-path bypasses). Multi-sig is more transparent on-chain; MPC is more flexible operationally. The right answer depends on the operational and threat model, not on which is "better" in the abstract.