Published on: 2020-03-06T11:11:11+00:00
The email thread discusses the benefits and issues with using Shamir's Secret Sharing as a replacement for paper. A concept has been proposed for creating secret shares using paper computers, which splits a secret encoded in the Bech32 alphabet into 2-of-n shares. However, there are still more issues that need to be addressed before using it for valuable data. The proposed method is experimental and has only been tested with a 10-character "secret" data. It generates shares easily but recovering the secret data is more work. The error correcting code should contain an error correcting code for robust recovery. While this scheme may be workable for some, it requires manual computation, which may lead to errors.The limitations of Shamir split backups are discussed, mentioning that the key can exist plaintext on a device at some point. Non-interactive multisig is suggested as a better solution as it allows signing transactions without having keys in the same room/place/device ever. However, Shamir split backups still have a place in operational security scenarios. The best C-library for Shamir sharding of recovery seeds is available at the Blockchain Commons Github but needs refactoring to be a good standalone library. Air-gapped open-source open hardware for seed creations and Shamir restoration is also being worked on. Verifiable Secret Sharing (VSS) is considered better than Shamir Secret Sharing for seed sharding in the long-term. Bitcoin multisig transactions are recommended as the best solution for self-sovereign recovery of funds. The SmartCustody book offers current best practices for single seed recovery and is now working on v2 of the book, which will cover multisign and fiduciary scenarios.Seed phrase security is a topic of ongoing discussion, with different opinions and security models used by individuals. Paper or metal engraving options are commonly used but act as a single point of failure. Hardware wallets, even those using a secure element, can still be vulnerable to hacking. The Cypherock X1 Wallet offers a potential solution by using Shamir Secret Sharing to split the seed phrase into four different shares, each stored in a PIN-protected card with a secure element. Any two of these four cards are needed to recover the seed or make a transaction, reducing the risk of losing the seed phrase. The storage and computation aspects of this hardware wallet are decoupled, providing added security through distribution. However, Shamir's shares have the issue that the key does exist plaintext on a device at some point. Non-interactive multisig provides an alternative benefit by allowing transactions to be signed without having keys in the same room/place/device ever. Feedback from the community is welcomed regarding the Cypherock X1 Wallet.
Updated on: 2023-08-02T01:52:24.038046+00:00