In crypto currencies, it is common practice to choose a single master key for the ECDSA digital signature and to derive multiple keys from that key. This has the advantage that it suffices to back up a single key, and yet many keys can be derived for the purpose of holding different accounts and having different addresses. This derivation takes for input a private derivation key (for example an ECDSA private key) and a public derivation string (which can be modified to obtain multiple different keys), and outputs a new key pair (private key and public key), sometimes an ECDSA key pair. An ECDSA key pair is of the form (Q,x) where Q is the public key, x is the private key, and Q=x·G where G is the generator (or base point) of the Elliptic curve being used. One particular standard for this is the BIP032/BIP044 derivation method.
In some cases, there is no single entity who holds the master key or any subsequently derived keys, and there is a set of parties who share the key, and they compute the ECDSA signature needed to transfer funds using secure multiparty computation (MPC); also known as threshold ECDSA signatures. In this case, the parties also use MPC in order to compute the derivation key, since the aim is that no key is ever held by any single party at any time. In this MPC, each party inputs its share of the key that is being used in the derivation, and the parties receive as output the shares of the new derivation key. This derivation can be achieved using standard known MPC techniques like garbled circuits for two parties or authenticated garbling of the BMR circuit for many parties. However, MPC does not prevent parties from changing their local inputs. In such a case, a malicious party can input an incorrect share of the derivation key and the result would be a derivation key that is a valid ECDSA key, but cannot be reconstructed from the master key. Thus, if the key shares are lost, then the backup master key cannot be used to recover the private key, resulting in the cryptocurrency that is protected by that key being permanently lost.