Are there people using Shamir backups

[Somegory]

Just like the saying that "No knowledge is Lost" is the reason why I feel like I should know about this, when I got my airgapped hardware wallet two days ago I chose to use the 12 recovery seed and everything is up and active since then, but what I could not get off my mind is something called shamir backup



I did proceeded but to say the truth I don't know what I am looking at.

There are lessons that I have learned from, that some things are better left alone especially when you don't know what you are looking at or when you have no single clue about them..

Numbers of shares and Threshold? I have no single clue, so I chose to bring it up here, please tell me what this is and what type of extra security that this does, also what type of people need this the most.

[BattleDog]

Shamir backup is basically splitting your seed into pieces, then require a minimum number of pieces to rebuild it. So if you pick 5 shares with a threshold of 3, you can lose up to 2 shares and still recover, but a thief would need to steal 3 of them before they can do anything. It's not multisig and it doesn't change your wallet on-chain, it's just a fancier way of storing the same secret.

People use it when they want redundancy across locations or some light "steal one paper and you get nothing" protection.

The tradeoff is complexity: most losses I've seen over the years came from people getting cute with backups and then not being able to reconstruct them under stress. If you do try it, do a full recovery test once (on a fresh device, with no cameras around) and consider something boring like 2-of-3 with each share stored separately...... otherwise a well-protected standard seed (and maybe a passphrase if you understand it) is honestly fine for most folks.

Cheers

[Charles-Tim]

I know how Shamir was even before it was modified to be words, they were characters before, when after it was modified to be words, I still did not see any reason to use it as I prefer with seed phrase and passphrase, or multisig wallet if 2 or more people are involved. If I can use these, why alternatives.

[hd49728]

Just like the saying that "No knowledge is Lost" is the reason why I feel like I should know about this, when I got my airgapped hardware wallet two days ago I chose to use the 12 recovery seed and everything is up and active since then, but what I could not get off my mind is something called shamir backup

You can read about wallet backup guide.

How to back up a seed phrase?
There are many backup methods and the Generic Shamir's Secret Sharing is one of them but this method has its pitfalls too.
Shamir's Secret Sharing shortcomings

Seed splitting need to be avoided as your backup method too.
Bitcoin Q&A: Why is Seed Splitting a Bad Idea?

[melinoe]

You basically put your seed in shares, each one would be on a card, and if you have at least 2 out of 3, you are good to go and get access to your wallet.

[Ucy]

Looks similar to a multi signature setup, but unlike multisig where 5 people(5 shares, in the case of your device) control 5 different secret keys, your device 5 shamir shares are made of 5 different keys (with each Share having one different key) and all Shares controlled by one person (you) which maybe distributed or shared to different people to keep for you.. A minimum of 3 of the 5 share are needed to access your assets.

*While "Threshold" is probably the length of key in each Share

[hosemary]

You basically put your seed in shares, each one would be on a card, and if you have at least 2 out of 3, you are good to go and get access to your wallet.

Your shamir backup doesn't have to be 2 of 3.
You can choose any number from 1 to 16 for the number of shares and any number from 1 to total shares for threshold.

*While "Threshold" is probably the length/number of keys in each Share or bunch

Threshold is the number of shares that will be required for generating the wallet.

[Cricktor]

What I like about Shamir Secret Shares:

• As long as you have shares below the threshold number, the shares don't reveal anything about the encoded secret. So if you distribute shares over locations and someone finds or peeks at one or few (below threshold) shares, nothing is compromised.
• You can afford to loose shares for whatever reason as long as you have the threshold number of unique shares intact which allows successful recovery.

What I don't like about Shamir Secret Shares:

• It adds complexity.
• Only very few wallets support it.
• It's to my knowledge not really standardized. Yes, I know about SLIP-39, primarily supported by Trezor (Electrum can import, but not create it). I'm certainly missing other wallets that may support it.
• It's way less common than BIP-39.