Author

Topic: [req] Shamir plugin (Read 216 times)

legendary
Activity: 2688
Merit: 3983
November 30, 2019, 04:58:25 AM
#13
@OP you could make a feature request on github. there are some similar requests there: https://github.com/spesmilo/electrum/issues/5419 & https://github.com/spesmilo/electrum/issues/5418
The biggest winner of this plugin is altcoins so Electrum is not the best place to suggest it (feature request.) Multi-sigs win when we compare them to Shamir’s Secret Sharing (SSS,) but multi-party computation (MPC) can make a difference (does not require the parts to be reassembled on a single device.)
You still need to make a signature using multiple signatures, so MPC can be used to enhance the security of multiple signatures keys.
legendary
Activity: 3472
Merit: 10611
November 29, 2019, 12:56:40 AM
#12
The downside of multisig over SSS is that it costs more in transaction fees than SSS since multisig transactions tend to be larger than single sig ones.

not for long though!
as soon as we get Schnorr signatures and the accompanying MuSig which is basically taking advantage of the signature aggregation feature of Schnorr algorithm, the cost of transactions that require multiple signatures will reduce (ie. become smaller than a tx with single signature)!
how? by being a SegWit transaction (probably version 2 address) and also getting rid of the stupid DER encoding for signatures that makes them smaller and obviously only having 1 aggregated sig!
legendary
Activity: 3682
Merit: 1580
November 28, 2019, 06:47:40 AM
#11
There's already a way to split the backups between multiple locations, people and/or devices. It's called a multisig wallet and electrum has supported it for years but few users take advantage of it. In some ways it's safer than using SSS because you don't have to reconstitute all the keys on the same device at any point in time. They can remain on different devices and you simply pass around partially signed transactions for signing.

The downside of multisig over SSS is that it costs more in transaction fees than SSS since multisig transactions tend to be larger than single sig ones.
legendary
Activity: 3472
Merit: 10611
November 28, 2019, 12:36:29 AM
#10
One could probably argue that the security of the backup is increased... as without the minimum number of pieces, you can't access the seed mnemonic and restore the wallet. (assuming the pieces are stored separately in safe and secure locations etc)

if increasing the "security of the backup" is the goal then a better solution is to use an encryption technique* that is also already available in Electrum's code so there is no need for any new code being added. meaning they should just expose a GUI option for user to get the seed that is encrypted using AES256 that Electrum uses for seeds and wallet files already.

* Shamir algorithm is mainly for "sharing" secrets whereas encryption is for increasing security of what you store which is what most users would be looking for.
HCP
legendary
Activity: 2086
Merit: 4361
November 28, 2019, 12:12:01 AM
#9
One could probably argue that the security of the backup is increased... as without the minimum number of pieces, you can't access the seed mnemonic and restore the wallet. (assuming the pieces are stored separately in safe and secure locations etc)

However, I would agree that the overall security of the wallet is essentially the same if it was all done (wallet creation + shamir split) on an online machine.
legendary
Activity: 3472
Merit: 10611
November 27, 2019, 11:56:55 PM
#8
Having a plugin to generate Shamir shares isn't likely to change that... and would not be doing anything or encouraging any behaviour that Electrum doesn't already.

it could give users a false sense of security that if they use Shamir's "secret" sharing algorithm and split their hot wallet's secrets their security is increased whereas it really isn't.
of course if it is added as a plugin which is more like opt-in features that you have to explicitly enable and use, then it could mitigate that to some extent.
HCP
legendary
Activity: 2086
Merit: 4361
November 27, 2019, 03:24:32 PM
#7
Because at some point after splitting your seed in to a number of secrets, those secrets either have to be displayed on screen for you to copy by hand or saved in a file(s) for you to distribute/print, both of which could be accessed by malware and transmitted to a third party if the computer has an internet connection. When generating a paper wallet, it should be done on an airgapped computer in case malware accesses your seed. When generating a secret, it should be done on an airgapped computer in case malware access your seed or secret.
I think the point that Abdussamad is making is that when initially creating your Electrum wallet... the Electrum seed is displayed on the screen... AND you have to then type it back into the computer to complete the process.

Quote
My issue isn't with Electrum, it's with what happens after Electrum has produced your secret. This should be done in an offline environment, and having a simple button to press that says "Generate a 3-of-5 secret for my seed" or similar will encourage people to do so on an internet enabled computer.
So, in effect... your issue IS with Electrum... as it is already doing what you're saying a plugin should not. And I would suspect that most Electrum users are NOT using it in an offline air-gapped way to generate their seeds. Undecided

Having a plugin to generate Shamir shares isn't likely to change that... and would not be doing anything or encouraging any behaviour that Electrum doesn't already.


NOTE: Don't get me wrong... I agree, people should be creating their Electrum seeds/wallets offline to mitigate risk... but I suspect the majority don't.
legendary
Activity: 2268
Merit: 18711
November 27, 2019, 11:02:57 AM
#6
Because at some point after splitting your seed in to a number of secrets, those secrets either have to be displayed on screen for you to copy by hand or saved in a file(s) for you to distribute/print, both of which could be accessed by malware and transmitted to a third party if the computer has an internet connection. When generating a paper wallet, it should be done on an airgapped computer in case malware accesses your seed. When generating a secret, it should be done on an airgapped computer in case malware access your seed or secret.

My issue isn't with Electrum, it's with what happens after Electrum has produced your secret. This should be done in an offline environment, and having a simple button to press that says "Generate a 3-of-5 secret for my seed" or similar will encourage people to do so on an internet enabled computer.
legendary
Activity: 3682
Merit: 1580
November 27, 2019, 09:49:17 AM
#5
a non-airgapped computer is a networked computer and how can using the features of electrum result in seed compromise? what you said  doesn't make sense.
If there is a plugin which either asks for you to type in your seed or takes your seed from your Electrum wallet, and splits it in to 3 or 5 or whatever parts, and then displays those parts as text or creates a number of files, all while being non-airgapped (i.e. connected to the internet), then you are at risk of losing your seed to malware which could copy or transmit your "secrets" via the internet. This is the exact same reason why we tell people never to generate a paper wallet on an internet enabled device.

My point was that generating your secrets on an internet-connected device is not a smart idea, and I feel an Electrum plugin would encourage that.

Electrum itself generates your seed and electrum plugins have access to everything electrum does. Plugins are included with electrum and they are coded by the same developers that make electrum. You don't download them from third parties. So IDK see what the problem is.

@OP you could make a feature request on github. there are some similar requests there: https://github.com/spesmilo/electrum/issues/5419 & https://github.com/spesmilo/electrum/issues/5418
legendary
Activity: 2268
Merit: 18711
November 27, 2019, 09:06:26 AM
#4
a non-airgapped computer is a networked computer and how can using the features of electrum result in seed compromise? what you said  doesn't make sense.
If there is a plugin which either asks for you to type in your seed or takes your seed from your Electrum wallet, and splits it in to 3 or 5 or whatever parts, and then displays those parts as text or creates a number of files, all while being non-airgapped (i.e. connected to the internet), then you are at risk of losing your seed to malware which could copy or transmit your "secrets" via the internet. This is the exact same reason why we tell people never to generate a paper wallet on an internet enabled device.

My point was that generating your secrets on an internet-connected device is not a smart idea, and I feel an Electrum plugin would encourage that.
legendary
Activity: 3682
Merit: 1580
November 27, 2019, 08:56:46 AM
#3
a non-airgapped computer is a networked computer and how can using the features of electrum result in seed compromise? what you said  doesn't make sense.
legendary
Activity: 2268
Merit: 18711
November 27, 2019, 08:34:41 AM
#2
I'm not sure that's a great idea. As the majority of people who are using Electrum are doing so on a non-airgapped machine, doing this might encourage people to input or otherwise access their seeds on an internet connected computer, which is a big security risk. Similarly, the secrets they generate would then be on an internet connected machine. This is the same risk as generating a paper wallet on a non-airgapped machine.

You can obviously never stop doing people doing this, but we shouldn't be encouraging it. Better to download and run a generator offline, such as https://iancoleman.io/shamir/.
copper member
Activity: 85
Merit: 5
November 27, 2019, 05:51:43 AM
#1
Would be nice if someone try to build a shamir  plugin.
Python source code is on the internet: https://pypi.org/project/shamir/ and only need someone familiar with electrum plugin development to do it.
 
  
Jump to: