Secret Sharing
Introduction
Using Shamir's Secret Sharing (SSS for short), a private key is divided into multiple pieces, and each participant receives its own piece. Reconstructing the original key requires a minimum number of pieces, which is typically less than the total number of pieces. For example, any 2 out of 3 shared pieces will reproduce the key.
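The threshold property described above, as an added example that is not Ardor's code: a textbook Shamir split and combine over a prime field. The field size, function names and sample passphrase are constructed for illustration and are not compatible with Ardor's piece format.

```python
import secrets

# Constructed field for illustration; Ardor's own field size and piece
# encoding are not described on this page.
PRIME = 2**521 - 1  # Mersenne prime; fits secrets of up to 65 bytes


def split(secret: bytes, total: int, needed: int):
    """Return `total` points (x, y); any `needed` of them recover `secret`."""
    s = int.from_bytes(secret, "big")
    if not 1 < needed <= total or s >= PRIME:
        raise ValueError("bad threshold, or secret too long for the field")
    # Random polynomial of degree needed-1 whose constant term is the secret.
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(needed - 1)]
    points = []
    for x in range(1, total + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        points.append((x, y))
    return points


def combine(pieces):
    """Lagrange-interpolate the polynomial at x = 0 from the given points."""
    s = 0
    for i, (xi, yi) in enumerate(pieces):
        num = den = 1
        for j, (xj, _) in enumerate(pieces):
            if i != j:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        s = (s + yi * num * pow(den, -1, PRIME)) % PRIME
    # Leading zero bytes are not preserved; fine for a text passphrase.
    return s.to_bytes((s.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    secret = b"constructed sample passphrase"
    a = split(secret, 3, 2)
    b = split(secret, 3, 2)  # a second, independent batch
    print(combine([a[0], a[2]]) == secret)  # any 2 of 3 from one batch
    print(combine([a[1]]) == secret)        # a single piece is not enough
    print(combine([a[0], b[1]]) == secret)  # pieces from different batches
```

Each call to split draws fresh random coefficients, which is why pieces only combine with others from the same batch.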
In the context of Ardor we use SSS for account passphrase protection. There are two main scenarios where SSS can be used to improve security, "Secure Passphrase Backup" and "Remote Node Management".
Secure Passphrase Backup
When making a backup of your passphrase, you can increase security by splitting it into several redundant pieces, 2 out of 3 or 3 out of 5 for example, then storing the pieces in different hot or cold storage locations. Combine the pieces back into the passphrase only when you are ready to submit a transaction, and even then only in the memory of the wallet.
There are several options to split and combine a passphrase:
- Using the APIs - split the passphrase into pieces using the splitSecret API. Combine it back to a full passphrase using the combineSecret API. Both APIs are available out of the box with any Ardor node installation, even on an offline machine, and do not require a copy of the blockchain or internet connection.
- Using the wallet - generate a paper wallet when creating a new account or when you log in with a remembered passphrase. In addition to the account address and passphrase, the paper wallet will include the selected number of pieces representing the passphrase.
The shared pieces generated using the API are compatible with the pieces generated by the wallet and vice versa, as long as all pieces used when combining a secret were generated in the same batch.
Scenario 1 - Sign Transactions
Generate a paper wallet
1. Log in with a remembered passphrase and open the account details dialog by clicking the upper left dashboard title, then click the "Create" button for the paper wallet.
2. In the following dialog, specify the total number of pieces for the passphrase and the number of pieces required to reproduce it.
3. Print or save the generated paper wallet.
Combine the passphrase instead of entering the full passphrase
Log in to the wallet using your account id or without remembering the passphrase. In any transaction dialog, check the "Shared Secret" checkbox, then enter or scan the required number of pieces needed to reproduce your passphrase. Then click combine.
If all is well you will see the combined passphrase entered and masked. You can now submit the transaction normally.
Using this approach you never need to enter your passphrase in full, which protects you against key loggers and similar threats. You can split the entry of your shared pieces, for example copy/paste one from a password manager and scan the other one from the paper wallet QR code. If multiple parties are involved, each one can provide its own copy of a different piece.
Scenario 2 - Remote Node Management
Split your passphrase into 2 out of 3 parts for example, keep one piece as a backup, store one on your remote node and use the 3rd part when performing an action such as forging, bundling, booting a contract runner etc. This way you never need to type your full passphrase in the wallet and never send the full passphrase over the internet to a remote node.
Refer to this Medium article for more information.
To set up shared secret on your node, follow this procedure for each account passphrase:
1. Split the passphrase into 2/3 parts using the splitSecret API or by printing a paper wallet.
2. Back up one of the parts in cold storage.
3. Add one of the parts to nxt.properties as follows:
nxt.secretPhrasePieces.[RS account]=[passphrase piece without parenthesis]
or multiple pieces separated by a semicolon.
For example:
The following 5 secrets represent the passphrase for account ARDOR-XK4R-7VJU-6EQG-7R335; any 3 of them can reproduce the secret.
Shared Secret 1 - 1:1506959019:5:3:0:1:20b94dc1f7eb7bfb3088bba9be9a2d9c1
Shared Secret 2 - 1:1506959019:5:3:0:2:4ddfef5225256b0903b739956dd55cd23
Shared Secret 3 - 1:1506959019:5:3:0:3:9578375108639dd8e8da380a7d59b22d1
Shared Secret 4 - 1:1506959019:5:3:0:4:f78225bea1a6146adff1b708ed272dacb
Shared Secret 5 - 1:1506959019:5:3:0:5:173fdba9af0eccebee8fdb690bd3dcf511
You can set up your node to recognize two of the secrets, for example the 2nd and 5th:
nxt.secretPhrasePieces.ARDOR-XK4R-7VJU-6EQG-7R335=1:1506959019:5:3:0:2:4ddfef5225256b0903b739956dd55cd23;1:1506959019:5:3:0:5:173fdba9af0eccebee8fdb690bd3dcf511
Then submit one or more of the other pieces using the "sharedPiece" parameter(s) of any API which accepts a "secretPhrase" parameter. You will also need to submit the account id ARDOR-XK4R-7VJU-6EQG-7R335 as the value of the "sharedPieceAccount" parameter.
As a result, the account passphrase will be combined in the node memory to form the complete passphrase, which will then be used by the API.
Note: the Ardor wallet does not currently support submitting shared pieces to the remote node. You can only use this configuration when working directly with the APIs, contracts or transaction caller objects.
When connecting to a remote node for forging, bundling, contract running, shuffling etc., it is more secure to use secret sharing than submitting your full passphrase to the remote node or specifying the full passphrase in the node configuration when applicable.
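A check to run on a nxt.secretPhrasePieces line before deploying it to a remote node, as an added example that is not part of Ardor: it reports how many pieces the caller still has to submit and flags a node that holds enough pieces to rebuild the passphrase on its own. The meaning of the colon-separated fields is an assumption inferred from the sample pieces above, and the function names are hypothetical.

```python
from collections import namedtuple

# Field meanings are an assumption inferred from this page's sample pieces
# ("...:5:3:0:2:<hex>" for piece 2 of a 3-of-5 split), not a format spec.
Piece = namedtuple("Piece", "version batch total needed field number share")
PREFIX = "nxt.secretPhrasePieces."


def parse_piece(text):
    parts = text.strip().split(":")
    if len(parts) != 7:
        raise ValueError(f"expected 7 colon-separated fields, got {len(parts)}")
    int(parts[6], 16)  # the share itself must be hexadecimal
    return Piece(*map(int, parts[:6]), parts[6])


def audit_line(line):
    """Return (account, pieces still to be submitted, findings) for one line."""
    key, _, value = line.strip().partition("=")
    if not key.startswith(PREFIX):
        raise ValueError("not an nxt.secretPhrasePieces property")
    pieces = [parse_piece(p) for p in value.split(";") if p.strip()]
    if not pieces:
        raise ValueError("no pieces configured")
    findings = []
    if len({(p.batch, p.total, p.needed) for p in pieces}) > 1:
        findings.append("pieces from different batches will not combine")
    numbers = {p.number for p in pieces}
    if len(numbers) < len(pieces):
        findings.append("duplicate piece number")
    missing = pieces[0].needed - len(numbers)
    if missing <= 0:
        findings.append("node alone can rebuild the passphrase")
    return key[len(PREFIX):], max(missing, 0), findings


# The configuration line shown on this page (pieces 2 and 5 of a 3-of-5 split).
PAGE_LINE = (
    "nxt.secretPhrasePieces.ARDOR-XK4R-7VJU-6EQG-7R335="
    "1:1506959019:5:3:0:2:4ddfef5225256b0903b739956dd55cd23;"
    "1:1506959019:5:3:0:5:173fdba9af0eccebee8fdb690bd3dcf511"
)

if __name__ == "__main__":
    print(audit_line(PAGE_LINE))
```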