Getting your Trinity Audio player ready... |
Would you like to secure your Bitcoin stash like Satoshi Nakamoto did? It’s not as difficult as you might think.
SecretSlices.com is a simple, one-page browser app from SmartLedger that lets any user encrypt a secret and divide it into shares (“slices”) using Shamir’s Secret Sharing algorithm. The secret can only be decrypted and restored when a certain number of shareholders pool their information, keeping passwords, passphrases, or private keys safe by distributing them.
You can think of Shamir’s Secret Sharing (SSS) as a locked box with multiple keys. One key cannot open the box, and a single key reveals nothing about the original secret’s contents. The idea is that the keys to the locked box are given to separate people who can be anywhere, but the box can only be reopened when they bring their keys together.
According to court witness testimony, SSS was used to split access to some of the earliest Bitcoin wallets between multiple individuals, each located in a different part of the world.
The SSS algorithm divides the original secret into several key shares/slices the user sets. The user can also set the minimum number of shares required to reach a “threshold” (or quorum) to unlock the secret. In this way, it’s a bit like a multi-signature wallet. Not every single shareholder needs to pool their information, but to be secure, it should be more than one.
Splitting keys and setting a threshold means a single key shareholder can’t go rogue and steal the secret, and there can also be protection against a single holder dying or becoming incapacitated, or otherwise losing their keys. SSS isn’t a perfect system, but it’s a lot safer than trusting everything to one person.
👀📷 https://t.co/YUXHKm8zrU is now 100% browser-based for your privacy and protection. Furthermore, #BSV #onchain version available at the bottom of the app, for your pleasure and future-proof ability.@Codenlighten1 @Smart_Ledger
— Codenlighten (@Codenlighten1) March 7, 2024
Speaking to CoinGeek, SmartLedger’s Greg Ward said he built the SecretSlices app so ordinary users could use a more sophisticated method to secure assets and information.
“The motivation behind building SecretSlices.com was multifaceted. Above all, I am deeply committed to enhancing privacy and accountability within the blockchain space. The ability to creatively manage authority and execute actions through a distributed group of shareholders opens up numerous possibilities, from managing trusteeships to other collaborative decision-making processes.”
How do you use SecretSlices?
SecretSlices.com makes it all pretty easy for you. In fact, loading the site even auto-generates a 12-word English-language passphrase for you. You can change that to a random alphanumeric string if you prefer.
From there, all you need to do is select how many shares you’d like to divide the master key into and how many of those shares you want to require as a minimum threshold for recovering the secret (i.e., the master key). For example, if you create 10 shares, you can set 8 as the minimum, or two, or five… or all ten.
SecretSlices then presents you with lines of JSON code representing each key share/slice, which you can copy/paste into separate text files. You can also ask it to simply download separate files for each one, which you can then distribute to each trusted holder.
To recover the information, just copy the individual lines of JSON code into SecretSlices’ Recovery text box. The order in which you paste the slices doesn’t matter, as it will still return the initial secret.
Using this method, it’s necessary for a single user to have access to the entire set of shares at this initial stage, so for it to be truly secure, you’d have to have witnesses or trust the person setting it up to ensure someone isn’t keeping a complete copy of the share files in one place. Note that this is a weakness with Shamir’s Secret Sharing technique itself, not the SecretSlices app.
What can you use SecretSlices to protect?
Ward said he has tested SecretSlices with longer texts, the longest being the original Bitcoin white paper—though most would probably use it on something much shorter than that. It also supports up to 255 key shares/slices, so there’s plenty of flexibility for different security needs and scenarios.
What you use SecretSlices for is entirely up to you. Access to a Bitcoin/blockchain wallet is probably the most obvious one for CoinGeek readers, though it could also be used to split ordinary passwords, entire documents, or access to other assets.
Ward said future interactions with the service may include suggestions on other ways to use it.
“While I believe the platform is relatively straightforward to use, I recognize the importance of continuous improvement, especially in making it more accessible to newcomers. Future updates will focus on enhancing user guidance and demonstrating the applicability of Shamir Secret Sharing in various contexts,” said Ward.
SecretSlices is browser-based and open-source. There’s also an on-chain version. You can examine the code on GitHub here. Ward said he initially considered creating a server-based version, but having each user’s browser use the open-source code instead provided greater transparency and user control.
“To maximize security and functionality, I’ve also incorporated crypto-js encryption and
Bitcoin SV libraries into both the single HTML file of our browser-based application and the on-chain transaction version. This ensures the integrity and extensibility of the solution.”
This approach, he added, allows users to inspect the code directly and rely on a tested on-chain version for future dependability. The link to the on-chain version can be found at the bottom of the application’s webpage.
What if you need to recover the secret you split, but the SecretSlices website isn’t available at some point in the future? It can still be done, provided you have the requisite minimum threshold number of shares. Since it’s based on the Shamir algorithm, which is widely available, it’s a pretty safe and future-proof method since there will always be some way to recover the information.
Try SecretSlices for yourself a few times on some non-important material first to get a feel for how it all works, and then use it on something of crucial importance. Not only is it effective, but you’ll also feel a sense of street cred from using similar esoteric cryptographic techniques Satoshi Nakamoto used to lock up the original Bitcoins back in 2009. Just make sure you remember who has the key slices and where in the world those people are, and you can guarantee some of you will be able to come together again at some point.
Watch: Bitcoin wallets for individuals and businesses