After the beta launch of Coinsafe, many people asked me how Shamir secret sharing compares to a multi-sig based approach for securing one's crypto assets. I aim to articulate the pros and cons of each approach in this post.
Part A: Shamir secret sharing scheme (SSSS)
SSSS is a way to split some data into n parts, called secrets (or shares), such that any m or more of them reconstruct the original data, while m-1 or fewer parts reveal no information about it. A 2 of 3 SSSS applied to 'hello' gives the following three secrets (shown concatenated):
8013f2ee3bad0959eefdc5b0a8027d5c6a69093795c30ab6ac8034372e6d3b5a2672cb3edce
Clearly, knowing one part gives you no information about the original data, i.e. 'hello'. For crypto asset security, SSSS is applied to a user's 12/24 word wallet mnemonic phrase. E.g. for a 2 of 3 SSSS, someone with access to one part wouldn't be able to deduce anything about your wallet phrase. This is how a sample wallet mnemonic phrase looks:
witch collapse practice feed shame open despair creek road again ice least
Pros:
1) No need to get signatures from multiple devices for doing every transaction
Think of SSSS as a backup mechanism: you generate secrets from your wallet mnemonic phrase and distribute them among a set of trusted devices and friends. If you lose your phone or it gets damaged, you set up a new phone, recover your mnemonic from the backed-up secrets and thereby regain access to your funds. Your crypto assets always stay on your main device and the relevant transactions can be made from that device itself.
2) Advanced sharing schemes like 6/11, 26/51
SSSS is built on polynomial mathematics and places no practical limitation on m and n in an m of n scheme. In the extreme case, one can use a scheme like 26/51 with the 51 parts stored in places like bunkers and bank lockers, although I envision people not going beyond a 6/11 scheme, especially if they are using phones or hardware devices for storing the secrets. For a multi-sig based setup, there are limitations on m and n. E.g. for a P2SH multisig with uncompressed public keys, n can be up to 7.
3) Ability to support multiple coins
SSSS can be applied to any data to create the corresponding secrets. If applied to a BIP39 mnemonic, the secrets can be used to regenerate the mnemonic phrase, which can then be used to regenerate the private keys of all the coins. This mnemonic serves as the 'root' of the key tree and can be algorithmically converted into all the relevant private keys. This is why wallet providers only require you to write down your mnemonic phrase and not the private keys of the individual coins. This means SSSS can be used for backing up all crypto assets like BTC, ETH, XMR, DOGE etc., as well as all your other altcoins.
Cons:
1) Funds have to be on one device
One security issue with SSSS is that your crypto assets stay on one device; the other devices holding the secrets serve only as a backup and are not required for doing any transaction. However, if you are using a non-custodial mobile wallet like Coinsafe for storing your crypto assets and your device gets stolen, the thief would need some time to brute force your phone PIN as well as your wallet PIN to gain access to your funds. During this time, you can move your funds to a new wallet.
Part B: Multi-sig
Multisignature (multisig) refers to requiring more than one key to authorize a Bitcoin transaction. It is generally used to divide up responsibility for possession of bitcoins.
Standard transactions on the Bitcoin network could be called "single-signature transactions," because transfers require only one signature, from the owner of the private key associated with the Bitcoin address. However, the Bitcoin network supports much more complicated transactions that require the signatures of multiple people before the funds can be transferred. These are often referred to as M-of-N transactions. The idea is that Bitcoins become "encumbered" by providing addresses of multiple parties, thus requiring cooperation of those parties in order to do anything with them. These parties can be people, institutions or programmed scripts. Source: Bitcoin Wiki
Pros:
1) Funds not on one device
Multi-sig is a transaction type requiring signatures from multiple private keys (stored on different devices) before funds can be transferred. Your funds don't depend on one device: if one device gets lost or stolen, your funds are still intact. E.g. in a 2 of 3 multisig setup, if one of your devices gets lost or stolen, you can still use the other two to create transactions. This does not hold when m = n; in that case your funds would be lost. E.g. if one of your devices gets lost in a 2 of 2 setup, your funds are lost forever.
2) Supported by protocol itself so no issue of a buggy implementation
Multi-sig is a transaction type that is supported by the blockchain protocol itself, so there is no risk of a buggy implementation developed by a third party that can put your funds at risk.
3) Vast ecosystem of companies provide multi-sig based solutions
Since many companies provide multi-sig wallets, you have the option to switch your wallet provider for a better one at any time.
Cons:
1) Need signatures from multiple devices for every transaction
For doing a multi-sig transaction you require signatures from multiple devices. The security of a multi-sig based approach comes from keeping the devices holding the private keys at different geographic locations, since a thief would then need to steal devices from multiple locations to steal your funds. Such a setup with devices kept in multiple places is highly secure but very inconvenient, especially for doing multiple transactions in a day and for normal day to day usage.
2) Supported only by blockchains that have built-in multi-sig support like Bitcoin
Multi-sig transactions are not supported by all blockchains. Even Ethereum doesn't support multi-sig transactions in the protocol; people use smart contract wallets that allow them to do a multi-sig transaction. Since these are not supported by the protocol itself, there is a chance the smart contract implementation contains bugs, as was observed with the Parity smart contract wallet hack that led to a loss of $300M worth of Ether at the time. In general, Bitcoin forks support multi-sig transactions but most other cryptocurrencies don't. Even Coinbase uses Shamir secret sharing instead of multi-sig for securing their crypto assets, as SSSS allows one to secure multiple cryptocurrencies.
Let me know what you think about my analysis. For a working SSSS implementation that you can use to secure your crypto assets, check out the Coinsafe app on Android & iOS.
Shamir Secret Sharing vs Multi-sig was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.