Shamir's Secret Sharing based Wallet - Cypherock X1

SFR10

legendary

Activity: 2968

Merit: 3406

Crypto Swap Exchange

Quote from: rohanagarwal7 on April 23, 2024, 06:42:20 AM

We just announced Cypherock Cover, a non-custodial & non-KYC inheritance-style recovery service for all your Crypto - https://twitter.com/rohanagarwal94/status/1782504675620655176

Would you mind sharing the rough estimates of the costs for both of the plans?

Quote from: https://www.cypherock.com/blogs/cypherock-cover

Nominee #2 receives the encrypted message 3 months after nominee #1 receives it, which allows nominee #1 to take precedence in estate recovery but still ensures recovery in case nominee #1 is also deceased.

Am I correct in assuming that there aren't any inactivity checks for nominee #1?
^{- Not sure if I'm just being pessimistic, but I do have mixed feelings about the second nominee option.}

Quote from: https://www.cypherock.com/blogs/cypherock-cover

Additionally, the user can also define an executor as part of the setup who does not have any financial stake but can be assigned as a helper by the user in the estate recovery process for the nominee.

Does the executor have a similar set of requirements to the nominees?

satscraper

hero member

Activity: 714

Merit: 1298

Cashback 15%

Quote from: rohanagarwal7 on April 23, 2024, 06:42:20 AM

We just announced Cypherock Cover, a non-custodial & non-KYC inheritance-style recovery service for all your Crypto - https://twitter.com/rohanagarwal94/status/1782504675620655176

Cypherock Cover,the scheme that makes the simple stuff unfeasibly large and bulky.

Speaking of inheritance itself. Split SEED phrase into SSS blobs using 2 of 3 scheme. Encrypt each blob with your hardware based pgp key (How the setup such keys is described here). Give one of the encrypted blobs and HW security key to your nominee. Include one of the remaining encrypted blobs into you legal will with assigned nominee as the lawful beneficiary under will. Instruct lawyer to hand over this will to nominee after your passing.As simple as that. A simple and reliable inheritance plan that doesn't require Cypherock Cover.

DaveF

legendary

Activity: 3458

Merit: 6231

Crypto Swap Exchange

From: https://www.cypherock.com/blogs/cypherock-cover

Quote

As discussed, most people buy a hardware wallet to hold Crypto assets for the long term

Do people really use hardware wallets for long term? Most of the people I know use them for more security in their hot storage and use other methods for long term cold storage.

Admittedly Dave and the people he discusses crypto with is a very small sample size. Has there been any real research done into what / how people are using hardware wallets for.
Long term? Short term? Both?

-Dave

rohanagarwal7

jr. member

Activity: 52

Merit: 28

We just announced Cypherock Cover, a non-custodial & non-KYC inheritance-style recovery service for all your Crypto - https://twitter.com/rohanagarwal94/status/1782504675620655176

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Quote

No offence to you or your product since I have never had the chance to try one or read much about it, but I wouldn't trust CoinBureu to be a neutral source of information. I have seen many of his videos and have no complaints regarding the quality, but many of his content is sponsored and even paid-for-promotion.

I completely understand your concern and we know a lot of wallets that paid them for a review. However as written in the review itself, we did not pay them anything upfront at all. All we gave them are a couple of devices and an affiliate commission for every sale which is standard for every reviewer.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: rohanagarwal7 on January 12, 2024, 10:33:24 AM

Cypherock X1 became the highest rated hardware wallet by Coinbureau - https://www.coinbureau.com/review/cypherock-review

No offence to you or your product since I have never had the chance to try one or read much about it, but I wouldn't trust CoinBureu to be a neutral source of information. I have seen many of his videos and have no complaints regarding the quality, but many of his content is sponsored and even paid-for-promotion.

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Cypherock X1 became the highest rated hardware wallet by Coinbureau - https://www.coinbureau.com/review/cypherock-review

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Cypherock X1 now ships with a Hard Case - https://twitter.com/CypherockWallet/status/1719697106984972728

Comes FREE as part of the packaging
Is a Faraday Cage to protect against unintended EM waves
Use it to keep other hardware wallets along with your Cypherock X1 safe against scratches
It is Dust & Water Resistant

rohanagarwal7

jr. member

Activity: 52

Merit: 28

We got reviewed by Athena Alpha - https://www.athena-alpha.com/cypherock-x1-review/

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Quote

OK, got it. The positive thing is that users have an option to view their seed phrases and could make offline backups of them if they wanted. If I forget the PIN to my cards, is there a way to reset it? Or, will I have to order a brand new set of cards?

There is no way to reset it. Instead of deleting the wallet which could be more catastrophic if the user forgets the PIN, we decided to implement a time exponential function instead. After 3 wrong attempts, the timer to enter a new PIN attempt increases exponentially upto 100 years. You can as you mentioned can order new cards.

For people who think they can forget the PIN, we advise the user to backup the PIN somewhere which is still exponentially more secure than backing up a seed phrase. We will as mentioned also launch a no-KYC inheritance service soon that will allow users to recover the forgotten PIN also apart from passing on the assets to their loved ones.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: rohanagarwal7 on June 29, 2023, 02:36:21 PM

It is actually the same. There are still only 4 cards. The thing you are getting confused is that one of the shards is also stored on the device. Hence you need 1 device + 1 card or 2 cards (along with PIN if set) to view the seed phrase or make a transaction.

OK, got it. The positive thing is that users have an option to view their seed phrases and could make offline backups of them if they wanted. If I forget the PIN to my cards, is there a way to reset it? Or, will I have to order a brand new set of cards?

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Quote

Their website mentions two different pieces of information. You can read "Five shards protect your Crypto, but you only need two to spend it" on https://www.cypherock.com/how-it-works. But their main page says "To make a Crypto transaction, just fetch and tap any 1 out of the 4 cards on the X1 wallet." (https://www.cypherock.com/)

@rohanagarwal7 How many are needed? One or two cards for spending and/or recovery?

It is actually the same. There are still only 4 cards. The thing you are getting confused is that one of the shards is also stored on the device. Hence you need 1 device + 1 card or 2 cards (along with PIN if set) to view the seed phrase or make a transaction.

Quote

Again, which one is it?

Apologies on this. The older set of cards were EAL 5+. We have shifted to EAL 6+ certified Javacards for the current batch. We will update the website soon to reflect the same.

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Quote

Hmmm I have read this article and it seems to have more details https://cypherock.gitbook.io/cypherock/design-decisions/cypherock-is-bip39-compliant

ENT> Mnemonics> BIP39 Seed> Master Node> Purpose Node> Coin Node> Account Nodeء> Change Node> Address Index Node.
all you will get is data stored inside each X1 Card and it is impossible to extract the private key from those cards right? That is, if a problem occurred and I was unable to obtain the X1 Card, are there no other solutions to access the private key?

I have read that I only need 2 cards out of 5 X1 Card. Is this option static or dynamic so that I can change the number to 3 or add more than 5 X1 Card.

On a high level, the card stores one of the Shamir shares of the ENT. The card have 4-8 alphanumeric PIN based brute force protection to protect the share. As long as you have device + 1 card or 2 cards working, your assets are fine. If you think, you still require to backup the seed phrase separately, you can always do that as well.

There are 4 X1 cards having the 4 Shamir shares. The 5th share is in the device. So you need the device + any 1 card to operate. It is currently static to make it easy for most users. We will offer customizations in the future.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: Yamane_Keto on June 29, 2023, 07:42:01 AM

I have read that I only need 2 cards out of 5 X1 Card. Is this option static or dynamic so that I can change the number to 3 or add more than 5 X1 Card.

Their website mentions two different pieces of information. You can read "Five shards protect your Crypto, but you only need two to spend it" on https://www.cypherock.com/how-it-works. But their main page says "To make a Crypto transaction, just fetch and tap any 1 out of the 4 cards on the X1 wallet." (https://www.cypherock.com/)

@rohanagarwal7 How many are needed? One or two cards for spending and/or recovery?

Quote from: rohanagarwal7 on June 28, 2023, 04:04:53 PM

It does actually. The cards are EAL 6+ certified secure elements.

That's another point I noticed that doesn't match with what your website mentions.

I quote:

Quote

X1 Cards are NFC-based smartcards with EAL 5+ secure elements.

https://www.cypherock.com/

Again, which one is it?

Yamane_Keto

sr. member

Activity: 406

Merit: 443

Quote from: rohanagarwal7 on June 28, 2023, 04:04:53 PM

Not really. There is no emergency wallet transactions service. The same seed phrase backup product also doubles up as a hardware wallet. So, you can use the cySync desktop app along with X1 Vault + 1 X1 card to make transactions incase your Coldcard/Trezor/Ledger or any other BIP39 wallet is not available. You can read more here - https://www.cypherock.com/how-it-works

Hmmm I have read this article and it seems to have more details https://cypherock.gitbook.io/cypherock/design-decisions/cypherock-is-bip39-compliant

ENT> Mnemonics> BIP39 Seed> Master Node> Purpose Node> Coin Node> Account Nodeء> Change Node> Address Index Node.
all you will get is data stored inside each X1 Card and it is impossible to extract the private key from those cards right? That is, if a problem occurred and I was unable to obtain the X1 Card, are there no other solutions to access the private key?

I have read that I only need 2 cards out of 5 X1 Card. Is this option static or dynamic so that I can change the number to 3 or add more than 5 X1 Card.

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Quote from: Yamane_Keto on June 28, 2023, 08:20:53 AM

I thought they would use SSS alongside multisig the user could distribute his wallet seed, for example, to 5 places, and the possibility of recovery from 3 places, with multisig in the background, where it could be 3-of-5, and thus a good distribution of seeds to ensure that there are no single points of failure. the current idea is currently promoting Many risks, such as knowing your seed after the first signature, because seed will be exposed, or the existence of better alternatives such as multisig, or your need to trust the third party.

You can use SSS alongside multisig if you want. It is on the roadmap to support Multisig scripts soon. I am not sure how does the user know the seed after first signature. The seed is not even exposed during the wallet creation nor during transaction signing. Although there is an option on the device to generate the seed phrase back from X1 Vault and the X1 card + PIN again if you want to view it and still back it up somewhere.

Quote

I don't trust that an NFC-enabled card will enhance the security of my coins.

It does actually. The cards are EAL 6+ certified secure elements. Hence, they have brute force protection through a time exponential function enforced through a 4-8 character alphanumeric PIN. Hence, even if a hacker gets hold of 2 of the 4 cards, they still have to find a way to hack the card individually and bypass the PIN protection to be able to compromise your assets which is extremely improbable.

Quote

I searched and did not find information about this emergency wallet transactions service, is it similar to Ledger Recovery?

Not really. There is no emergency wallet transactions service. The same seed phrase backup product also doubles up as a hardware wallet. So, you can use the cySync desktop app along with X1 Vault + 1 X1 card to make transactions incase your Coldcard/Trezor/Ledger or any other BIP39 wallet is not available. You can read more here - https://www.cypherock.com/how-it-works

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Quote from: Pmalek on June 28, 2023, 03:00:04 AM

Shamir's Secret Sharing scheme is more secure than an ordinary seed backup that could be exposed if discovered, but it's not better than multisig. SSS introduces a single point of failure because the seed and its shards are constructed on the same device. Therefore, you rely only on the security of that one device. With a multisig, you can have multiple participants on different devices holding their own keys that are required to sign transactions. You don't have one point of failure as with SSS.

I agree. Multisig transactions are generally expensive and the user experience is still a big stretch for most users. I just feel multisig is more suited for an enterprise rather than for most individuals. We wrote a blog comparing SSS to Multisig - https://www.cypherock.com/blogs/post-multi-sig-shamir

Moreover, you will still be able to create a multisig setup using Cypherock X1 also. That multisig setup will be more secure than any other wallet combination out there. Our aim with the Cypherock X1 is to create the best possible infra for securing a single seed.

Yamane_Keto

sr. member

Activity: 406

Merit: 443

Quote from: Pmalek on June 28, 2023, 03:00:04 AM

Shamir's Secret Sharing scheme is more secure than an ordinary seed backup that could be exposed if discovered, but it's not better than multisig.

I thought they would use SSS alongside multisig the user could distribute his wallet seed, for example, to 5 places, and the possibility of recovery from 3 places, with multisig in the background, where it could be 3-of-5, and thus a good distribution of seeds to ensure that there are no single points of failure. the current idea is currently promoting Many risks, such as knowing your seed after the first signature, because seed will be exposed, or the existence of better alternatives such as multisig, or your need to trust the third party.

Quote from: rohanagarwal7 on June 21, 2023, 06:54:19 PM

Use the same Cypherock X1 also to make emergency wallet transactions if needed. Read more - https://cypherock.com

I don't trust that an NFC-enabled card will enhance the security of my coins.
I searched and did not find information about this emergency wallet transactions service, is it similar to Ledger Recovery?

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Shamir's Secret Sharing scheme is more secure than an ordinary seed backup that could be exposed if discovered, but it's not better than multisig. SSS introduces a single point of failure because the seed and its shards are constructed on the same device. Therefore, you rely only on the security of that one device. With a multisig, you can have multiple participants on different devices holding their own keys that are required to sign transactions. You don't have one point of failure as with SSS.

rohanagarwal7

jr. member

Activity: 52

Merit: 28

Cypherock X1 uses Shamir Secret Sharing along with distributed tamper-proof hardware storage used in the banking industry to prevent single point of failure with private key security. X1 has five components- 1 X1 Vault and 4 X1 Cards. Your Crypto seed phrases are distributed in these 5 components, such that you need any 2 out of those 5 to recover or even transact your Crypto assets. You can read more about using Cypherock X1 as seed phrase backup here - https://cypherock.com/wallet-backup

This is the product's 2nd use-case for people who already have a wallet setup for themselves and need a better way to manage their seed phrases, inheritance of their assets (soon) and aggregate their portfolio across the different wallets in one single place. You can learn how it works more here - https://www.cypherock.com/wallet-backup/how-it-works

The 1st use case of the product is a hardware wallet without seed phrase vulnerability. You can read about it more here - https://bitcointalksearch.org/topic/cypherock-x1-shamirs-secret-sharing-based-hardware-wallet-5459720

Product Features:

Allows you to secure 4 seed phrases with different PIN for each in a single product. Hence 1 Cypherock X1 is enough instead of buying 4 metal backups.
Open Source with secure elements both on the X1 Vault and the X1 cards. Source code - https://github.com/cypherock
Security Audit Completed by Keylabs.io without any major vulnerabilities found. Keylabs have found vulnerabilities in Ledger and Trezor before. Read more - https://cypherock.com/keylabs
Extra security over your seed phrases with a PIN protection on top of shamir shares stored on the hardware to protect against collusion
Use the same Cypherock X1 also to make emergency wallet transactions if needed. Read more - https://cypherock.com
It is BIP39 compliant. Hence compatible with the seed phrases of your favorite wallets like Ledger, Trezor, Coldcard, Foundation wallet etc.

I would love to get the community's feedback on the same. Here is a coupon code for 10% off if someone wants to try it out - bitcointalk10

Topic: Shamir's Secret Sharing based Wallet - Cypherock X1 (Read 295 times)