Bitcoin Forum
December 10, 2019, 04:34:35 AM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [suggestion] Shamir plugin  (Read 97 times)
AltcoinBuilder
Copper Member
Jr. Member
*
Offline Offline

Activity: 70
Merit: 5


View Profile WWW
November 27, 2019, 10:51:43 AM
Merited by ETFbitcoin (1)
 #1

Would be nice if someone try to build a shamir  plugin.
Python source code is on the internet: https://pypi.org/project/shamir/ and only need someone familiar with electrum plugin development to do it.
 
  

1575952475
Hero Member
*
Offline Offline

Posts: 1575952475

View Profile Personal Message (Offline)

Ignore
1575952475
Reply with quote  #2

1575952475
Report to moderator
1575952475
Hero Member
*
Offline Offline

Posts: 1575952475

View Profile Personal Message (Offline)

Ignore
1575952475
Reply with quote  #2

1575952475
Report to moderator
1575952475
Hero Member
*
Offline Offline

Posts: 1575952475

View Profile Personal Message (Offline)

Ignore
1575952475
Reply with quote  #2

1575952475
Report to moderator
Transactions must be included in a block to be properly completed. When you send a transaction, it is broadcast to miners. Miners can then optionally include it in their next blocks. Miners will be more inclined to include your transaction if it has a higher transaction fee.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1575952475
Hero Member
*
Offline Offline

Posts: 1575952475

View Profile Personal Message (Offline)

Ignore
1575952475
Reply with quote  #2

1575952475
Report to moderator
1575952475
Hero Member
*
Offline Offline

Posts: 1575952475

View Profile Personal Message (Offline)

Ignore
1575952475
Reply with quote  #2

1575952475
Report to moderator
1575952475
Hero Member
*
Offline Offline

Posts: 1575952475

View Profile Personal Message (Offline)

Ignore
1575952475
Reply with quote  #2

1575952475
Report to moderator
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 770
Merit: 3050


Decent


View Profile
November 27, 2019, 01:34:41 PM
 #2

I'm not sure that's a great idea. As the majority of people who are using Electrum are doing so on a non-airgapped machine, doing this might encourage people to input or otherwise access their seeds on an internet connected computer, which is a big security risk. Similarly, the secrets they generate would then be on an internet connected machine. This is the same risk as generating a paper wallet on a non-airgapped machine.

You can obviously never stop doing people doing this, but we shouldn't be encouraging it. Better to download and run a generator offline, such as https://iancoleman.io/shamir/.

Abdussamad
Legendary
*
Offline Offline

Activity: 2310
Merit: 1218



View Profile
November 27, 2019, 01:56:46 PM
 #3

a non-airgapped computer is a networked computer and how can using the features of electrum result in seed compromise? what you said  doesn't make sense.
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 770
Merit: 3050


Decent


View Profile
November 27, 2019, 02:06:26 PM
 #4

a non-airgapped computer is a networked computer and how can using the features of electrum result in seed compromise? what you said  doesn't make sense.
If there is a plugin which either asks for you to type in your seed or takes your seed from your Electrum wallet, and splits it in to 3 or 5 or whatever parts, and then displays those parts as text or creates a number of files, all while being non-airgapped (i.e. connected to the internet), then you are at risk of losing your seed to malware which could copy or transmit your "secrets" via the internet. This is the exact same reason why we tell people never to generate a paper wallet on an internet enabled device.

My point was that generating your secrets on an internet-connected device is not a smart idea, and I feel an Electrum plugin would encourage that.

Abdussamad
Legendary
*
Offline Offline

Activity: 2310
Merit: 1218



View Profile
November 27, 2019, 02:49:17 PM
Merited by ETFbitcoin (1)
 #5

a non-airgapped computer is a networked computer and how can using the features of electrum result in seed compromise? what you said  doesn't make sense.
If there is a plugin which either asks for you to type in your seed or takes your seed from your Electrum wallet, and splits it in to 3 or 5 or whatever parts, and then displays those parts as text or creates a number of files, all while being non-airgapped (i.e. connected to the internet), then you are at risk of losing your seed to malware which could copy or transmit your "secrets" via the internet. This is the exact same reason why we tell people never to generate a paper wallet on an internet enabled device.

My point was that generating your secrets on an internet-connected device is not a smart idea, and I feel an Electrum plugin would encourage that.

Electrum itself generates your seed and electrum plugins have access to everything electrum does. Plugins are included with electrum and they are coded by the same developers that make electrum. You don't download them from third parties. So IDK see what the problem is.

@OP you could make a feature request on github. there are some similar requests there: https://github.com/spesmilo/electrum/issues/5419 & https://github.com/spesmilo/electrum/issues/5418
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 770
Merit: 3050


Decent


View Profile
November 27, 2019, 04:02:57 PM
 #6

Because at some point after splitting your seed in to a number of secrets, those secrets either have to be displayed on screen for you to copy by hand or saved in a file(s) for you to distribute/print, both of which could be accessed by malware and transmitted to a third party if the computer has an internet connection. When generating a paper wallet, it should be done on an airgapped computer in case malware accesses your seed. When generating a secret, it should be done on an airgapped computer in case malware access your seed or secret.

My issue isn't with Electrum, it's with what happens after Electrum has produced your secret. This should be done in an offline environment, and having a simple button to press that says "Generate a 3-of-5 secret for my seed" or similar will encourage people to do so on an internet enabled computer.

HCP
Legendary
*
Offline Offline

Activity: 1176
Merit: 1986

<insert witty quote here>


View Profile
November 27, 2019, 08:24:32 PM
 #7

Because at some point after splitting your seed in to a number of secrets, those secrets either have to be displayed on screen for you to copy by hand or saved in a file(s) for you to distribute/print, both of which could be accessed by malware and transmitted to a third party if the computer has an internet connection. When generating a paper wallet, it should be done on an airgapped computer in case malware accesses your seed. When generating a secret, it should be done on an airgapped computer in case malware access your seed or secret.
I think the point that Abdussamad is making is that when initially creating your Electrum wallet... the Electrum seed is displayed on the screen... AND you have to then type it back into the computer to complete the process.

Quote
My issue isn't with Electrum, it's with what happens after Electrum has produced your secret. This should be done in an offline environment, and having a simple button to press that says "Generate a 3-of-5 secret for my seed" or similar will encourage people to do so on an internet enabled computer.
So, in effect... your issue IS with Electrum... as it is already doing what you're saying a plugin should not. And I would suspect that most Electrum users are NOT using it in an offline air-gapped way to generate their seeds. Undecided

Having a plugin to generate Shamir shares isn't likely to change that... and would not be doing anything or encouraging any behaviour that Electrum doesn't already.


NOTE: Don't get me wrong... I agree, people should be creating their Electrum seeds/wallets offline to mitigate risk... but I suspect the majority don't.

pooya87
Legendary
*
Online Online

Activity: 1848
Merit: 2106


Remember tonight for it's the beginning of forever


View Profile
November 28, 2019, 04:56:55 AM
 #8

Having a plugin to generate Shamir shares isn't likely to change that... and would not be doing anything or encouraging any behaviour that Electrum doesn't already.

it could give users a false sense of security that if they use Shamir's "secret" sharing algorithm and split their hot wallet's secrets their security is increased whereas it really isn't.
of course if it is added as a plugin which is more like opt-in features that you have to explicitly enable and use, then it could mitigate that to some extent.

HCP
Legendary
*
Offline Offline

Activity: 1176
Merit: 1986

<insert witty quote here>


View Profile
November 28, 2019, 05:12:01 AM
 #9

One could probably argue that the security of the backup is increased... as without the minimum number of pieces, you can't access the seed mnemonic and restore the wallet. (assuming the pieces are stored separately in safe and secure locations etc)

However, I would agree that the overall security of the wallet is essentially the same if it was all done (wallet creation + shamir split) on an online machine.

pooya87
Legendary
*
Online Online

Activity: 1848
Merit: 2106


Remember tonight for it's the beginning of forever


View Profile
November 28, 2019, 05:36:29 AM
 #10

One could probably argue that the security of the backup is increased... as without the minimum number of pieces, you can't access the seed mnemonic and restore the wallet. (assuming the pieces are stored separately in safe and secure locations etc)

if increasing the "security of the backup" is the goal then a better solution is to use an encryption technique* that is also already available in Electrum's code so there is no need for any new code being added. meaning they should just expose a GUI option for user to get the seed that is encrypted using AES256 that Electrum uses for seeds and wallet files already.

* Shamir algorithm is mainly for "sharing" secrets whereas encryption is for increasing security of what you store which is what most users would be looking for.

Abdussamad
Legendary
*
Offline Offline

Activity: 2310
Merit: 1218



View Profile
November 28, 2019, 11:47:40 AM
Merited by hugeblack (1)
 #11

There's already a way to split the backups between multiple locations, people and/or devices. It's called a multisig wallet and electrum has supported it for years but few users take advantage of it. In some ways it's safer than using SSS because you don't have to reconstitute all the keys on the same device at any point in time. They can remain on different devices and you simply pass around partially signed transactions for signing.

The downside of multisig over SSS is that it costs more in transaction fees than SSS since multisig transactions tend to be larger than single sig ones.
pooya87
Legendary
*
Online Online

Activity: 1848
Merit: 2106


Remember tonight for it's the beginning of forever


View Profile
November 29, 2019, 05:56:40 AM
 #12

The downside of multisig over SSS is that it costs more in transaction fees than SSS since multisig transactions tend to be larger than single sig ones.

not for long though!
as soon as we get Schnorr signatures and the accompanying MuSig which is basically taking advantage of the signature aggregation feature of Schnorr algorithm, the cost of transactions that require multiple signatures will reduce (ie. become smaller than a tx with single signature)!
how? by being a SegWit transaction (probably version 2 address) and also getting rid of the stupid DER encoding for signatures that makes them smaller and obviously only having 1 aggregated sig!

hugeblack
Hero Member
*****
Offline Offline

Activity: 896
Merit: 936


For ReNt


View Profile
November 30, 2019, 09:58:25 AM
 #13

@OP you could make a feature request on github. there are some similar requests there: https://github.com/spesmilo/electrum/issues/5419 & https://github.com/spesmilo/electrum/issues/5418
The biggest winner of this plugin is altcoins so Electrum is not the best place to suggest it (feature request.) Multi-sigs win when we compare them to Shamir’s Secret Sharing (SSS,) but multi-party computation (MPC) can make a difference (does not require the parts to be reassembled on a single device.)
You still need to make a signature using multiple signatures, so MPC can be used to enhance the security of multiple signatures keys.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!