Bitcoin Forum

I want to use Shamir's Secret Sharing algorhythm to make a paper wallet in a way some risks are lowered : paper wallet lost, burnt or stolen.

My first idea was to use https://encryptedbitcoinwallet.com/ with 5 shares and 3 required and then to set in 5 envelopes one share with the secret and one bip38 paper wallet.

But i do not see clearly the benefit of sharing a passphrase versus directly sharing the bitcoin private key.

If someone could clear my mind on the subject.

Maybe... What is the right section ?  :-\

Great idea. So like a m/n armory seed backup just for a single key. I don't think there is a special tool for it yet.

In regards to BIP38 (AFAIK the encrypted paper wallets): For a long time I did not see the benefit. However, I think these are awesome in case that you can only use an insecure printer. e.g. create wallets offline and then take them to a insecure by usb stick as a .pdf. Write the PW onto the wallet after printing. I guess there are other good use-cases but I don't know them.

BIP38 + strong passphrase shared using shamir's secret scheme. Your bitcoins can't be stolen and you can't lost them if you correctly store shares of passphrase and bip38 paper in different places.

If you are using SSS then I would share the private key directly.  For added security one or more custodians could then encrypt their share.

SSS can be complex to implement.  If you are looking for a simpler solution you could just XOR two or more "subkeys".  This provides no direct redundancy but you could create duplicates for partial redudnacy (i.e. A, A, B, B and you need at least one A and one B to create the full key).   Still at this point with multisig tools getting better personally I would just create two or more BIP38 addresses.

Then create a single P2SH address using those BIP38 addresses and fund that.