What Is a TSS Wallet?
TSSMPCThreshold SignaturesDKLS23Self-Custody

What Is a TSS Wallet?

By VultisigUpdated April 27, 2026

What Is a TSS Wallet?

The best definition is also the most counterintuitive one: a TSS wallet is a crypto wallet where the private key never exists.

Not "stored securely." Not "protected by hardware." Never created.

That's threshold signature cryptography. It's the architecture behind a new generation of seedless wallets that don't have a recovery phrase to lose, steal, or misplace.

TSS vs. What Came Before

Imagine producing a signature without ever holding the pen. Multiple parties each contribute partial work, the math combines their inputs, and a valid signature appears. That's TSS.

Every wallet you've used before this one runs on a private key. The key gets generated, stored, and used to sign transactions. The seed phrase is just a portable representation of that key. 24 words that reconstruct it anywhere, anytime.

That key is the single point of failure. Whoever has it has your funds. Everything else (passwords, hardware chips, 2FA) is a wrapper around that one secret.

TSS takes a different path entirely.

Threshold Signature Scheme (TSS) is a cryptographic protocol where multiple parties collaborate to produce a valid signature, and no single party ever holds (or needs) a complete private key. During signing, your devices combine their key shares to produce a standard signature. The underlying key is never assembled.

The result looks identical to a normal transaction on-chain. No one watching the blockchain can tell you used TSS.

How the Math Works (Simple Version)

You need two locks to open this safe. But neither lock is a traditional key. They're pieces of a formula.

You hold piece one. Your other device holds piece two. When you initiate a transaction, both pieces collaborate to compute a valid signature. The computation happens without either piece ever combining into a complete key.

This is called 2-of-3 threshold signing: any 2 of your 3 devices can authorize a transaction. Lose one device, you still have two. Use those two to reshare the vault to a new device. No funds at risk. No seed phrase needed.

TSS vs. Multi-Signature

Multi-signature (multisig) is the older approach to shared signing. You've probably heard of it in the context of team treasuries or Safe{Wallet}. It works differently.

  • Private key. TSS: never exists. Multisig: multiple keys held by each party.
  • On-chain. TSS: one signature, looks normal. Multisig: multiple signatures visible.
  • Chain support. TSS: works across any chain with ECDSA. Multisig: chain-specific implementation.
  • Change signers. TSS: reshare without moving funds. Multisig: must create new wallet.
  • Transaction fees. TSS: one signature, standard fees. Multisig: multiple signatures, higher fees.
  • Privacy. TSS: indistinguishable from single-sig. Multisig: structure exposed on-chain.

TSS is strictly more flexible. The tradeoff: signing parties have to communicate during the signing process, which adds latency. Software handles this for agentic flows. Humans tap a second device.

The DKLS23 Upgrade

Not all TSS is the same. The protocol matters.

The original production TSS implementations used GG20. It was secure but slow: 6 rounds of communication per signature, plus a known vulnerability in its Paillier encryption component.

Vultisig uses DKLS23 (Doerner, Kondi, Lee, Shelat, 2023). It's the current state of the art. DKLS23 reduces signing to 3 rounds, runs significantly faster than GG20, replaces Paillier with oblivious transfer (no known vulnerability), and supports WebAssembly natively. The implementation has been audited.

The practical difference: on Vultisig, a 2-of-3 threshold signing operation between two phones takes seconds. The cryptographic overhead is invisible.

What This Means for Custody

A TSS wallet is fully self-custodial. Vultisig's servers act as relay infrastructure. They facilitate communication between your devices during signing. They never receive, hold, or see key material.

Your key shares exist only on your devices. If Vultisig's servers disappeared tomorrow, your vault would still function. The signing protocol doesn't require a trusted third party. It requires your devices to talk to each other.

No seed phrase means no static secret for an attacker to steal, phish, or coerce out of you. The attack surface becomes: compromise multiple physical devices simultaneously, in real-time. That's a qualitatively harder problem than stealing a piece of paper.

How Vultisig Uses TSS

Vultisig implements DKLS23 threshold signing across all 30+ supported chains. The same vault, the same key shares on your devices, controls Bitcoin, Ethereum, Solana, THORChain, and the rest.

You set up once. Your key shares distribute across your devices. After that, you sign transactions with any two of your three devices, without ever seeing a seed phrase or a private key.

It's open source. The cryptographic implementation is publicly auditable at github.com/vultisig.

Vultisig is a free, open-source, multi-chain TSS wallet. No seed phrase. No third party. No trust required.
Download at vultisig.com

← Back to Articles