Trezor, the popular hardware wallet, announced support for Shamir’s Secret Sharing Scheme (SSSS) . With this technique it is possible to encrypt a seed phrase and divide it into several parts without access to the complete seed phrase with one of the parts.
One of the most important aspects of managing bitcoins is keeping the seed phrase safe . This series of (usually) 12 or 24 words is, as it were, a kind of password with which to gain access to the bitcoins. Anyone who has the private key can do whatever he or she wants with the bitcoins. Protecting a private key is therefore very important to ensure that your bitcoins are safe against theft or loss.
Many people save their seed phrase by writing it down with an old-fashioned pen and paper. That way it is impossible for a hacker to access it, and as long as the words of the private key are never typed on a computer, this will in principle remain the case.
However, this method also harbors security risks. Because what if a fire breaks out and your handwritten seed phrase is lost? And what to do in the event of a burglary or robbery in which the seed phrase is captured?
It is therefore not always safe to store a seed phrase in only one place. Many people therefore choose to keep an extra backup in another place, for example with a trusted third party such as a family member.
But when you keep backups in multiple places, the risk of losing or stealing one of them also increases. After all, there are then several copies of the seed phrase with which something could possibly happen. Moreover, full access to the bitcoins can be obtained with one of the backups, and that requires a lot of trust in the possible third party.
Fortunately, cryptographer Adi Shamir already came up with something about this in 1979. With Shamir’s Secret Sharing Scheme (SSSS) it is possible to encrypt a seed phrase and divide it into several parts ( shares ) without access to the full seed phrase with one of the parts.
To gain access to the seed phrase, predetermined conditions must be met. For example, a condition that at least two of the three parts are needed to decrypt the seed phrase backup. To get an idea of exactly how that works, you can take a look at this website, where you can try SSSS yourself.
At first glance, this looks a bit like MultiSig. The big difference, however, is that with MultiSig you always have to sign with several private keys to make a transaction, while with SSSS the various components are only needed when the backup is needed.
As long as your seed phrase has not been lost to unforeseen circumstances, you can continue to use it as usual and in its original form. Only when that is the case do you use the various parts of Shamir’s Secret to restore a backup of the seed phrase.
That way your pseed phrase backups are safe and nobody can access them unless they have multiple parts. This therefore requires that a malicious person must have at least two of the parts in order to be able to do something. The maximum number of parts into which a seed phrase can be divided via SSSS is 16. The user decides how many of these parts are needed to restore the backup of the seed phrase.
In addition to being an extra security measure against loss or theft, SSSS can also be used, for example, to give any next of kin access to funds in the event that something happens to the owner.
The Trezor Model T is the first hardware wallet to support SSSS, once again proving Trezor to be at the forefront of bitcoin innovation. Other hardware wallets will no doubt follow suit.
