MetaMask / metamask-extension

The MetaMask browser extension enables browsing Ethereum blockchain enabled websites
https://metamask.io

enable sharding of seed word #1292

Closed wanderer closed 5 years ago

wanderer commented 7 years ago

Using Shamir's threshold secret sharing scheme it would be nice to be able to split my seed phrase into N pieces. Then I could give those N pieces to trusted friends. In case of an unfortunate event, M (where M < N) of my friends could come together and reassemble my seed with M pieces.
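
The M-of-N split requested above, written as Shamir sharing over GF(2^8) applied byte by byte; this is an added example, not part of the original comment and not code from MetaMask or any library named in this thread. The function names and the sample input are constructed, and the code shares whatever bytes it is given, so reconstruction returns exactly those bytes.

```javascript
// Shamir M-of-N sharing over GF(2^8), one random polynomial per secret byte (names constructed).
const randomBytes = (n) => (globalThis.crypto
  ? globalThis.crypto.getRandomValues(new Uint8Array(n)) : require('crypto').randomBytes(n));

// Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11b).
function gfMul(a, b) {
  let p = 0;
  for (let i = 0; i < 8; i++) {
    if (b & 1) p ^= a;
    a = (a & 0x80) ? ((a << 1) ^ 0x11b) & 0xff : a << 1;
    b >>= 1;
  }
  return p;
}

// Inverse via a^254, since a^255 = 1 for every nonzero a.
function gfInv(a) {
  let r = 1;
  for (let i = 0; i < 254; i++) r = gfMul(r, a);
  return r;
}

// Split `secret` (bytes) into n shares; any m of them reconstruct it, fewer reveal nothing.
function split(secret, n, m) {
  if (!(m >= 2 && m <= n && n <= 255)) throw new RangeError('need 2 <= m <= n <= 255');
  const shares = Array.from({ length: n }, (_, i) => ({ x: i + 1, y: new Uint8Array(secret.length) }));
  secret.forEach((byte, pos) => {
    const coeffs = [byte, ...randomBytes(m - 1)]; // constant term is the secret byte
    for (const s of shares) {
      let acc = 0; // Horner evaluation of the polynomial at x = s.x
      for (let k = m - 1; k >= 0; k--) acc = gfMul(acc, s.x) ^ coeffs[k];
      s.y[pos] = acc;
    }
  });
  return shares;
}

// Lagrange interpolation at x = 0 recovers the constant term of each polynomial.
function combine(shares) {
  if (new Set(shares.map((s) => s.x)).size !== shares.length) throw new Error('duplicate share index');
  const out = new Uint8Array(shares[0].y.length);
  for (const sj of shares) {
    let basis = 1; // L_j(0) = product over i != j of x_i / (x_i XOR x_j)
    for (const si of shares) if (si !== sj) basis = gfMul(basis, gfMul(si.x, gfInv(si.x ^ sj.x)));
    sj.y.forEach((y, pos) => { out[pos] ^= gfMul(y, basis); });
  }
  return out;
}
console.log(combine(split(Uint8Array.from([1, 2, 3, 4]), 5, 3).slice(1, 4)).join()); // constructed input
```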

danfinlay commented 7 years ago

That's awesome. I just tried real quick, and it seems to work as advertised. We could totally restore a vault with this.

One thing I haven't seen yet is a seed-to-mnemonic function, do you know of one?

wanderer commented 7 years ago

seed-to-mnemonic?

@flyswatter isn't the seed a mnemonic?

danfinlay commented 7 years ago

The example I posted shows what we do to get the seed from the mnemonic. I don't actually know their relationship that well. It probably goes both ways easily, but I don't really know. I'll check the source...

danfinlay commented 7 years ago

Nope, looks like there is a use of the pbkdf2 hashing algorithm to derive the actual seed material from the mnemonic phrase.

https://github.com/bitcoinjs/bip39/blob/master/index.js#L23

danfinlay commented 7 years ago

This just means that while the multi-key system would be capable of recovering the vault, it would not be capable of recovering the original singular mnemonic. Which is probably a good thing, now that I think about it? Prevents reassembling the one true ring, in a way?

danfinlay commented 7 years ago

Meh, I don't actually see a huge benefit. It's just a small downside. Still a super cool export format.

danfinlay commented 7 years ago

The real question is:

Do we try to fit this into the current UI, or do we wait for the new UI, for which we are just now onboarding the new designer?

leafcutterant commented 6 years ago

Ian Coleman already created a tool (shamir39) that takes a bip39 seed, and breaks it into N Shamir secrets which are also encoded as bip39 seeds and can have an arbitrary reconstruction threshold M. You can try it here.

It's a very undervalued tool. And it's either something that Metamask shouldn't bother implementing, or it should because it would be cool to have another implementation of it which is geared towards secure and convenient consumer use.

frankiebee commented 5 years ago

Hey, frankie! I think there is a super interesting moment in metamask where we could prototype something experimental and interesting during the metamask setup here at step 6 of the process.... To be totally upfront we're shopping around for partners from the ethereum community that we can do some exploratory impactful experiments as part of our grant from the Ethereum Foundation. We're currently halfway through and have hit all the milestones from 3 months and are in the process of setting up the milestones for the next 3 months. EF have expressed they are interested in these experiments and have declared that it's likely that they will actually be focusing their efforts/funding on scaling as a priority. This being the case we're hoping that some impactful experiments of integrations will help our case in proposing for some more funding. Specifically what I mean by integration here is an opportunity to figure out if there are other ways of backing up the seed amongst peers using the dark crystal patterns / existing protocols...

ssb message id: %p2zJ7HnBaEC+ZA4NGdSUbLWIyEn1EJyYNZ4euOESKqM=.sha256

frankiebee commented 5 years ago

closing in favor of #6308