Shamir’s Secret Sharing as a backup option for your identity in SSI

Denys Popov
3 min readMay 25, 2021

In any full SSI product there is the question of where and how to store your seed (your identity) 🔑. There are several known and widely used backup approaches: e.g. a mnemonic (seed phrase), where you present and store your seed on paper 📜 as 12 or so words, or storing it in some custodial or guardian storage.

The mnemonic approach does not really make things easier than just writing your seed on paper as hex or in any other encoding, so it does not really solve the problem.

Custodial storage makes your product not fully SSI anymore.

Guardian storage partially solves the problem, but if that storage is shut down you lose your backup completely.

But the guardian storage approach has one good idea in it. Let's define what guardian storage really is with a simple use case (you have probably seen this in some Hollywood movie):
A smart guy puts super important documents 📄 into a luggage locker 📦 at an airport or train station and sends the key for that locker to a person who is important for the plot. From that moment the important person plays the role of guardian storage: he has the key to the locker, but since he does not know the name of the station or the number of the locker, he cannot use it. Our hero could also tell the name of the station and the number of the locker to another friend, and this friend will not be able to use it either, because he does not have the key. The important point is that the owner of the key and the friend who knows the locker number should NOT know each other. Now our hero can even forget the locker number, and when he needs the documents he goes to his friends, gets back the key and the locker number, and retrieves them.
In this case you split the information into 2 pieces, and the owner of only one piece can get nothing out of it.
But what happens if one owner loses his part, OR the 2 owners get to know each other?

An extension of this concept is essentially what Shamir’s Secret Sharing does.
It lets you split your secret into N pieces (shares) and set a threshold T, the minimum number of pieces required to restore the secret (N ≥ T). Fewer than T shares reveal nothing about the secret, and losing up to N − T shares costs you nothing.
How it works, in short:

  • Define T (the number of pieces required to restore the secret). T fixes the size of the polynomial: it has degree T − 1 and T coefficients, one of which is the secret and the other T − 1 chosen at random. That is exactly why T points pin the curve down and T − 1 points do not.
  • Create a polynomial of that degree with random coefficients, e.g. for T = 4 it looks like f(x) = A0 + A1x + A2x² + A3x³, where A0 is the secret and A1, A2, A3 are chosen uniformly at random. All arithmetic must be done modulo a large prime (in a finite field); over ordinary integers fewer than T shares already leak information about A0.
  • Define N (the number of pieces you want to break the secret into, N ≥ T): this is the number of points on the curve you need to calculate.
  • Calculate those points f(1), f(2), …, f(N); these points are the pieces of your secret (x = 0 is never used as a share index, because f(0) is the secret itself).
  • Put the pieces from the previous step in different places.
  • Restore the polynomial (and the secret A0 = f(0) as part of it) from any T points by Lagrange interpolation. Note that plain Shamir sharing has no integrity check: a corrupted or swapped share silently produces a wrong secret, so keep a checksum of the seed alongside the shares or use a verifiable variant.
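The procedure above, carried through as an added example in Python (this is not code from the original post or from any SSI product). It works over the prime field GF(2^521 − 1), an assumption chosen so that seeds of up to 64 bytes fit in one field element; the names `split_secret`, `recover_secret` and `share_implied_by` are this example's own. The last function demonstrates the security claim directly: with only T − 1 shares, every candidate secret is consistent with what you hold, so the shares cannot tell you which one is right.

```python
import secrets

# Prime field order (assumption for this example): the Mersenne prime 2**521 - 1.
# Any prime larger than the largest possible secret works.
PRIME = 2**521 - 1


def _eval_poly(coeffs, x):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + coeffs[2]*x**2 + ... mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, n, t):
    """Split an integer secret into n shares, any t of which restore it.

    Returns a list of (x, y) points on a random degree t-1 polynomial whose
    constant term A0 is the secret. x runs from 1 to n; x = 0 is never a share,
    because f(0) is the secret itself.
    """
    if not 2 <= t <= n:
        raise ValueError("need 2 <= T <= N")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be an integer in [0, PRIME)")
    # A0 is the secret, A1..A(t-1) are uniformly random field elements.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def _lagrange_at(points, x0):
    """Evaluate the unique polynomial of degree < len(points) through `points` at x0."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i == j:
                continue
            num = num * (x0 - xj) % PRIME
            den = den * (xi - xj) % PRIME
        # pow(den, -1, PRIME) is the modular inverse (Python 3.8+); den != 0
        # because all x values are distinct and below PRIME.
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def recover_secret(shares, t):
    """Restore the secret (f(0)) from at least t shares with distinct x values.

    Shamir sharing has no built-in integrity check: a tampered share is accepted
    here and silently yields a wrong secret, so verify the result (e.g. against a
    stored checksum of the seed) before trusting it.
    """
    distinct = list({x: (x, y) for x, y in shares}.values())
    if len(distinct) < t:
        raise ValueError("not enough distinct shares to reach the threshold")
    return _lagrange_at(distinct[:t], 0)


def share_implied_by(known_shares, candidate_secret, x_missing):
    """What the missing share at x_missing would be if the secret were `candidate_secret`.

    Given only t-1 shares, pinning f(0) to ANY candidate gives a valid degree t-1
    polynomial, so every candidate is equally consistent with the shares you hold.
    """
    return _lagrange_at([(0, candidate_secret)] + list(known_shares), x_missing)


if __name__ == "__main__":
    # Constructed sample seed for the demo (32 bytes, NOT a real key).
    seed = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
    shares = split_secret(int.from_bytes(seed, "big"), n=5, t=3)
    restored = recover_secret([shares[0], shares[2], shares[4]], t=3)
    print("restored ok:", restored.to_bytes(len(seed), "big") == seed)
    # Two holders colluding still learn nothing: the true secret and a wrong one
    # both fit the two shares they have, just with different third shares.
    print(share_implied_by(shares[:2], restored, 3) == shares[2][1],
          share_implied_by(shares[:2], restored + 1, 3) == shares[2][1])
```

Shares are stored as (x, y) pairs, and the x index matters: two copies of the same share do not count towards the threshold, which is why `recover_secret` deduplicates by x before checking it. A real seed-backup tool should also record the seed length and the threshold next to the share so the holder knows how many friends to visit.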
