Ask anyone who lost coins in an exchange collapse what went wrong and you will eventually arrive at one sentence: someone had the keys. The whole problem of crypto custody is that a private key is a single secret that controls everything, and a single secret is a single point of failure — to steal, to lose, or to seize. Multi-party computation, or MPC, is the engineering answer that the institutional side of the market settled on, and a patent the U.S. Patent and Trademark Office issued to Nasdaq on April 28, 2026 (U.S. Patent No. 12,615,147) is an unusually clean window into how it works — and, more usefully, where it can still break.

Start with the core idea, because the marketing tends to obscure it. In an MPC custody system there is no moment, anywhere, when a complete private key exists. The key is generated as a set of mathematical shares, each held by a different node, and those nodes run a joint protocol that produces a valid signature on a transaction without ever bringing the shares together into one key. If an attacker compromises one node, they get a share, which on its own is useless. That is the entire pitch: you replace "guard the secret" with "there is no whole secret to guard."

"A system includes a primary asset custody subsystem in a first cloud computing data center and a backup asset custody subsystem in a second cloud computing data center different from the first cloud computing data center."

Nasdaq's patent does not claim MPC itself — that prior art is deep — but a specific, deeply practical sub-problem: disaster recovery. What happens to your custody system when the data center holding your primary MPC cluster catches fire, floods, or simply goes dark? You need a backup in a second location. But a naive backup re-introduces exactly the risk MPC was built to eliminate: if you copy the key shares to a second site in the clear, you now have the secret sitting in two places, doubling the attack surface and creating a tempting target in transit.

Here is how the grant threads that needle. The system defines a primary custody subsystem in one cloud data center and a backup subsystem in a second, geographically distinct one. Each asset owner gets its own cluster of MPC nodes in both. To replicate a share safely, every backup node first generates an export public/private key pair and sends only its export public key over to the primary side. Each primary node then encrypts its private-key share using the corresponding backup node's export public key, and ships the encrypted blob across. Only the matching backup node — holding the matching export private key — can decrypt its share. The plaintext share never travels; it is re-wrapped specifically for one recipient and unwrapped only there.

The elegance is that the backup is built without any party ever seeing a key it shouldn't. The primary cluster never learns the backup's export private keys. The transport layer carries only ciphertext that is useless to anyone but the intended node. And the reconstructed backup shares sit ready so that if the primary subsystem fails, the backup cluster can take over signing — preserving both the security model and business continuity. Forget the ticker; this is the kind of plumbing that determines whether a custodian survives an outage without either losing access to assets or quietly centralizing the secret to stay online.

It helps to name what MPC is not. It is not the same as multi-signature, where several independent on-chain keys must each sign and the blockchain itself enforces the threshold. With multisig, the chain sees multiple signatures and multiple keys. With MPC, the chain sees one ordinary signature from one ordinary address; the splitting happens off-chain, invisible to the protocol. That has real consequences: MPC works identically across chains that have no native multisig, it is cheaper on-chain, and it leaks less about your custody arrangement to outside observers. The trade-off is that the security now lives entirely in the off-chain protocol and its operators rather than in the transparent rules of the chain.

Which is exactly where a document-first reader should put their attention. MPC removes the single-key failure, but it does not remove trust — it relocates it. The new questions are: who runs the nodes, and are they genuinely independent? The patent is careful to place the primary and backup subsystems in different data centers, which defends against a regional disaster but says nothing about whether the same operator controls both. If one organization runs every node, a sufficiently deep insider or a sufficiently broad compromise can still reach a signing threshold. The cryptography is only as good as the independence assumption underneath it.

The export-key handshake is another place to look hard. The whole backup scheme rests on each export public key truly belonging to the node that claims it; if an attacker can substitute their own export public key during the exchange, the primary side would happily encrypt a share straight to the attacker. The grant's CPC tags — H04L 9/0894 and H04L 9/0825 for key distribution, H04L 9/3247 for digital signatures, and the blockchain-specific H04L 9/50 — signal that the authentication of those export keys is doing quiet but load-bearing work. A reader evaluating any custodian's MPC claims should ask how export and share keys are authenticated, not just that they are encrypted.
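The export-key exchange described earlier, with the authentication check this paragraph asks about, as an added example (not code from the patent or from Nasdaq). Assumptions: a toy hashed-ElGamal construction stands in for a vetted public-key encryption scheme, the function names and the `backup-1` node id are hypothetical, and the pinned fingerprint table is assumed to reach the primary side out of band, which the article does not specify.

```python
import hashlib, hmac, secrets

# Toy group (constructed for illustration): hashed ElGamal mod the prime
# 2**255 - 19. Not production crypto; use a vetted scheme such as HPKE.
P = 2**255 - 19
G = 2

def export_keygen():
    """Backup node: create an export key pair; only the public half leaves."""
    sk = secrets.randbelow(P - 3) + 2
    return sk, pow(G, sk, P)

def fingerprint(pub):
    return hashlib.sha256(pub.to_bytes(32, "big")).hexdigest()

def _keystream(shared, n):
    return hashlib.shake_256(shared.to_bytes(32, "big")).digest(n)

def wrap_share(share, node_id, offered_pub, pinned):
    """Primary node: encrypt a share to a backup node's export public key,
    but only if that key matches the fingerprint pinned for the node."""
    if not hmac.compare_digest(fingerprint(offered_pub), pinned.get(node_id, "")):
        raise ValueError(f"export key for {node_id} failed authentication")
    eph = secrets.randbelow(P - 3) + 2
    ks = _keystream(pow(offered_pub, eph, P), len(share) + 32)
    ct = bytes(a ^ b for a, b in zip(share, ks))
    tag = hmac.new(ks[len(share):], ct, hashlib.sha256).digest()
    return pow(G, eph, P), ct, tag

def unwrap_share(sk, blob):
    """Backup node: recover its share with the export private key."""
    eph_pub, ct, tag = blob
    ks = _keystream(pow(eph_pub, sk, P), len(ct) + 32)
    if not hmac.compare_digest(tag, hmac.new(ks[len(ct):], ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, ks))

def demo():
    share = b"constructed-share-bytes-node-1"  # constructed sample share
    sk, pub = export_keygen()
    pinned = {"backup-1": fingerprint(pub)}    # assumed out-of-band provisioning
    blob = wrap_share(share, "backup-1", pub, pinned)
    _, other_pub = export_keygen()             # a key that is not the pinned one
    try:
        wrap_share(share, "backup-1", other_pub, pinned)
        rejected = False
    except ValueError:
        rejected = True
    return unwrap_share(sk, blob) == share, rejected
```

Without the fingerprint check in `wrap_share`, the primary node would encrypt to whatever public key arrived, which is the substitution risk the paragraph describes.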

None of this is a knock on the design. It is a good design, and the fact that an exchange operator filed and obtained it is itself a signal: the institutional market now treats custody resilience as patentable infrastructure rather than a configuration detail. But the value of reading the actual grant — rather than a press release about it — is that it lets you separate what the mechanism guarantees from what it merely assumes. MPC guarantees no single compromised node yields the key. It assumes the nodes are independent, the export keys are authenticated, and the operators are honest. When a custodian tells you assets are 'secured by MPC,' those three assumptions are the questions that actually matter.

So the next time a platform says your coins are safe because there is 'no single point of failure,' you now have the mechanism to check the claim. Ask where the shares live, who runs the nodes, how they are backed up across regions, and how the keys that protect the backup are themselves authenticated. Nasdaq's patent answers the backup question in admirable detail. The rest of the answer is operational, and it is the part the document quietly hands back to the humans running the system.