Key Takeaways
- Shamir backup (Shamir’s Secret Sharing) is a cryptographic method that enhances the security of cryptocurrency wallets by splitting the recovery seed into multiple shares.
- It offers superior protection against loss and theft compared to traditional single seed backups.
- Shamir backup allows users to set a threshold of required shares for wallet recovery, providing flexibility and redundancy.
- Hardware wallets like Trezor are implementing Shamir backup, making it accessible to crypto users.
- Secure storage solutions like Coinplate provide durable, physical backups for Shamir shares.
Introduction
As cryptocurrencies continue to gain popularity, the need for secure storage solutions for private keys and seed phrases has become paramount. One innovative approach to enhancing the security of crypto assets is the Shamir backup method, sometimes called Multi Share Backup. This article will discuss what Shamir backup is, how it works, and why it’s an essential tool for crypto enthusiasts and investors alike.
Understanding Shamir Backup
Shamir backup, based on Shamir’s Secret Sharing algorithm developed by Adi Shamir in 1979, is a cryptographic technique that allows users to split their wallet’s recovery seed into multiple unique shares. This method addresses the two most common risks associated with protecting wallet backups: theft and loss.
The core principle of Shamir backup is that it enables users to create multiple recovery shares, specifying a set number (known as the threshold) needed to recover the wallet. For instance, in a 2-of-3 Shamir backup scheme, three unique shares are created, any two of which can be combined to recover the wallet. This means that if one share is lost or stolen, the wallet remains safe and accessible with the remaining shares.
The Mechanics of Shamir Backup
Recovery Shares
Recovery shares in Shamir backup are similar to the BIP39 recovery seed generated during a single backup process. Each share is a sequence of 20 (or less commonly 33) English words carrying a part of the cryptographic secret. When the required number of shares (meeting the threshold) are combined, they create the master secret (seed) needed to recover a wallet.
One full Shamir Backup with three recovery shares might look something like this:
dive traffic acrobat leader parcel survive manager sharp deliver fact galaxy quantity carpet verify numerous shrimp impulse graduate slap timber fumes much meaning
dive traffic beard leader music bishop again surface python yelp surprise debris secret triumph browser false alive prevent huge mama downtown manual package
dive traffic ceramic leader slice change lily crush craft gravity trend random race priority news wine necklace obesity lyrics lamp muscle home crowd
It’s important to note that the first three words of each share serve specific purposes:
- The first and second words are identifiers, helping you recognize that these shares belong to the same backup.
- The third word encodes the group index used in Super Shamir Backup schemes.
Thresholds
The threshold is the predetermined number of shares necessary to recover a wallet. When generating a new wallet with Shamir backup, you set this threshold according to your needs. For example, if you create a Shamir backup consisting of three recovery shares and set the threshold to “2/3”, you’ll need any two of the three shares to reconstruct the wallet.
The SLIP-39 Word List
Shamir backup uses a specific word list defined by the SLIP-39 protocol. SLIP39 word list contains 1024 common English words (plus “satoshi”) that are easy to store and remember. The list has been carefully composed with several key features:
- All words are between 4 and 8 letters long
- Words are alphabetically sorted
- Each word begins with a unique 4-letter prefix
- The minimum Damerau-Levenshtein distance between any two words is at least 2
- The similarity between the pronunciation of any two words has been minimized
This means SLIP39 has similar characteristics to the standard BIP39 word list. But one has to remember that they use different sets of words (only some of them are on both lists).
Advantages of Shamir Backup
Shamir backup offers several significant advantages over traditional single-seed backups:
- Enhanced Security: By distributing the recovery information across multiple shares, Shamir backup reduces the risk of a single point of failure.
- Protection Against Loss and Theft: Even if some shares are lost or stolen, the wallet can still be recovered as long as the threshold is met with the remaining shares.
- Flexibility: Users can create various backup schemes (e.g., 3-of-5, 5-of-8) to suit their specific security needs and risk tolerance.
- Redundancy: The ability to create more shares than needed for recovery provides built-in redundancy.
With all these advantages, one should remember that it is much more complicated than a standard seed phrase. This requires a deeper knowledge of cryptocurrencies and being more careful during recovery.
An alternative approach to securing the seed phrase is using a standard seed phrase with additional passphrase, it is more straightforward to use and that is why it might be a better choice for less experienced holders.
Comparing Shamir Backup to Single Seed Backup
Here’s a quick comparison between Shamir backup and traditional single seed backup:
| Feature | Single Seed (BIP39) | Shamir Backup (SLIP39) |
| Word Length | 12, 18, or 24 words | 20 or 33 words |
| Number of Shares | 1 (Single Seed) | 1 to 16 (Multiple Shares) |
| Word List | BIP-39 Word List | SLIP-39 Word List |
| Threshold for Recovery | All words required (1/1) | User-defined (e.g., 2/3, 3/5) |
| Distribution Flexibility | None (Single copy) | Can be distributed among trusted parties or locations |
| Redundancy | None | Customizable (e.g., 3/5 allows 1 backup) |
| Susceptibility to Loss/Theft | Total loss if seed is lost/stolen | Share loss tolerated up to a threshold |
Implementing Shamir Backup
To use Shamir backup with your wallet, follow these key steps:
- Generate: Decide on the number of total shares and how many you need for recovery.
- Create backups: Make durable backups of each share (e.g. using Coinplate)
- Distribute: Share them among trusted people and/or secure locations.
- Relax: Rest easy knowing your recovery shares are secured, and safe from theft or destruction.
When creating your backup, it’s crucial to never make digital copies of your recovery seed or recovery shares, and never upload them online.
Hardware Wallets and Shamir Backup
Several hardware wallet manufacturers are now incorporating Shamir backup into their products. For example, the Trezor Model T was the first hardware wallet in the world to implement the fully functional SLIP-0039 security standard, Shamir Backup. Nowadays SLIP39 standard is still best supported in Trezor wallets such as Trezor Safe 3 and others.
These implementations allow users to easily create and manage Shamir backups directly from their hardware wallets, providing an additional layer of security for their crypto assets.
Secure Storage Solutions: Spotlight on Coinplate
While Shamir backup provides excellent security, it’s equally important to securely store the physical backup of your recovery shares. This is where products like Coinplate come into play.
Coinplate offers premium metal backup tools for securely storing your seed phrase or Shamir backup shares. Made from high-quality stainless steel, Coinplate products are designed to withstand extreme conditions, ensuring the long-term safety of your backup.
Key features of Coinplate include:
- Durability: Can withstand fires, floods, acids, rust, and impacts.
- Longevity: Remains readable even after 20 years.
- Easy to Use: Allows you to mark your seed phrase at home, away from potential security risks.
- Fireproof: Can withstand temperatures up to 1,300ยฐC/2,400ยฐF.
- Water and Corrosion Resistant: Made from superior grade Stainless Steel (1.4301 | AISI 304).
Coinplate products have undergone rigorous stress tests, including exposure to extreme heat, acid corrosion, and crushing force, consistently demonstrating their ability to protect your valuable information under the harshest conditions.
All Coinplate backups received a Triple-A score in renowned James Lopp stress tests.
Conclusion
Shamir backup represents a significant advancement in cryptocurrency security, offering a robust solution to protect digital assets against loss and theft. Distributing the risk across multiple shares and allowing for flexible recovery options, provides peace of mind for crypto holders.
As the cryptocurrency landscape continues to evolve, we can expect to see wider adoption of Shamir backup across various wallet solutions. Coupled with secure physical storage options like Coinplate, users now have powerful tools at their disposal to safeguard their digital wealth.
Common Questions and Concerns
What happens if some of the shares get lost or stolen?
As long as the number of compromised shares doesn’t reach the required threshold, your wallet remains secure. For example, in a 7-of-10 scheme, even if 5 shares are compromised, an attacker can’t reconstruct your wallet.
What if I lose so many recovery shares that I can’t meet the required threshold?
If you can’t meet the required threshold, your wallet will become unrecoverable. This underscores the importance of careful planning and secure storage of your shares.
Can I use a passphrase on a wallet created with Shamir backup?
Yes, passphrases are a part of the SLIP39 standard. Make sure to back up your passphrase offline as well. The passphrase is an integral part of the backup and shouldn’t be relied upon from memory alone.Remember, while Shamir backup offers enhanced security, it’s crucial to follow best practices in creating, distributing, and storing your backup shares. With the right approach, you can significantly reduce the risks associated with cryptocurrency ownership and enjoy the benefits of this innovative technology with confidence.