Bitcoin Forum
December 11, 2024, 06:21:14 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Sha-mir backup done securely online ?  (Read 175 times)
Maidak (OP)
Legendary
*
Offline Offline

Activity: 1890
Merit: 1058


Vave.com - Crypto Casino


View Profile
August 08, 2022, 02:38:27 AM
 #1

So doing a shamir backup phrase an then storing the address but I was wondering if theres anyone out there whos got a detailed method on remotely creating a shamir phrase "securely?" was going to be doing 10 of 10 phrases but not quite sure the best method to do this for working strictly remotely ?

ranochigo
Legendary
*
Offline Offline

Activity: 3052
Merit: 4443


Crypto Swap Exchange


View Profile
August 08, 2022, 02:45:26 AM
Merited by pooya87 (3), ABCbits (1), hosseinimr93 (1)
 #2

Generally, you want to create Shamir Shares in a secure environment and that would automatically rule out doing so remotely because that is an entire path for the attacker to exploit. You would first need to ensure that your remote environment is sanitized and your connection is secured.

Afterwards, you would probably want to stick to a known standard, SLIP39 is one that I would recommend. Here's a Python tool that Trezor uses: https://github.com/trezor/python-shamir-mnemonic/. You should try your best to find one that is more refined rather than this but I can't find any other reputable code myself.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
NotATether
Legendary
*
Offline Offline

Activity: 1806
Merit: 7475


Top Crypto Casino


View Profile WWW
August 08, 2022, 05:19:18 AM
 #3

May I ask what is the name of the wallet software that is giving you the backups in the form of Shamir shares? Note that the more parts of the whole you have scattered, the more risk there is that you lose one of them.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
ranochigo
Legendary
*
Offline Offline

Activity: 3052
Merit: 4443


Crypto Swap Exchange


View Profile
August 08, 2022, 06:13:13 AM
 #4

Note that the more parts of the whole you have scattered, the more risk there is that you lose one of them.
That is fine. Shamir Secret Sharing allows full recovery with only a partial number of shares, and that is why it is acceptable for the secret to be split.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Charles-Tim
Legendary
*
Offline Offline

Activity: 1764
Merit: 5252


Leading Crypto Sports Betting & Casino Platform


View Profile
August 08, 2022, 07:47:55 AM
 #5

I have seen Shamir secret sharing to be an option to protect seed phrase, it is true that it has shares (let me regard it as M) part of secret (let me regard the secret as N) that can be used to reconstruct the seed phrase, private key or anything it is used to encrypt, but I do not like the fact that what supposed to be words (seed phrase) encryption is converted to characters like the private key which is difficult to backup. I prefer multisig wallet instead.

May I ask what is the name of the wallet software that is giving you the backups in the form of Shamir shares? Note that the more parts of the whole you have scattered, the more risk there is that you lose one of them.
Assuming you have 7 secrets scattered, but you make it to require just 3 secrets to be used to reconstruct the whole words. If 4 are lost, the remaining 3 can reconstruct the word. So it depends. If it is 7-of-7, you are correct, because the whole 7 secrets would be needed.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
Cricktor
Legendary
*
Offline Offline

Activity: 966
Merit: 1619


Crypto Swap Exchange


View Profile
August 08, 2022, 09:51:58 AM
 #6

So doing a shamir backup phrase an then storing the address but I was wondering if theres anyone out there whos got a detailed method on remotely creating a shamir phrase "securely?" was going to be doing 10 of 10 phrases but not quite sure the best method to do this for working strictly remotely ?

As already said by others, it isn't safe to do it online or in a remote connection. I wouldn't do that. You should use any tool solely in an offline and disposable environment.
I use TAILS for this and don't allow a TOR connection to be active rendering TAILS to be completely offline. After shutdown TAILS has forgotten everything. Import/export of safe scripts and data can be done with an additional USB stick before shutdown of TAILS.

As tools you can have a look at the provided three scripts here: https://iancoleman.io/ (download the scripts, verify, use only the offline versions!)
Or you choose some other verified tools. Electrum e.g. can import SLIP-39 but not create it.

You should thoroughly test your recovery! To my knowledge SLIP-39 is not commonly adopted by other wallets. Trezor T can create and import it, Electrum can only import it. I'm not aware of other wallets to use it.

With 10of10-shares you have no redundancy whatsoever. That makes no sense to me, except that none of the shares reveals any details as a normal non-SSS split-setup would do. You loose any single 10of10 share, you loose all data as you can't recover anymore.

Do you mind to explain your 10-of-10 setup?

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
dkbit98
Legendary
*
Offline Offline

Activity: 2436
Merit: 7634



View Profile WWW
August 08, 2022, 06:16:25 PM
 #7

So doing a shamir backup phrase an then storing the address but I was wondering if theres anyone out there whos got a detailed method on remotely creating a shamir phrase "securely?" was going to be doing 10 of 10 phrases but not quite sure the best method to do this for working strictly remotely ?
I think that doing 10 of 10 split is overkill, but it's still better protection than having just regular seed phrase.
Note that only two hardware wallets support Shamir Secret Sharing, that is Trezor model T and Keystone so you could also use them in your setup.
I would always prefer using more secure way of Multisis setup instead, so you can check comparison I made last year in one of my topics:
https://bitcointalk.org/index.php?topic=5328606.0

That is fine. Shamir Secret Sharing allows full recovery with only a partial number of shares, and that is why it is acceptable for the secret to be split.
But it's also important to say that Shamir Secret Sharing has single point of failure, unlike multisig setup.


█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!