VIDEO TRANSCRIPTION
When you're storing backups of data, secret sharing gives you a way to distribute that backup in a more nuanced way. And I should say a little bit about how this compares to multi-signatures, because people use multi-sig in Bitcoin to much the same effect, right? Because the coins in Bitcoin are not necessarily held by a single key; they can be held by as many keys as you want. So rather than having a single key that's split into three or five, maybe I want a multi-signature where I have five keys and any three of them can sign.
And I would say that if you have a choice between those two mechanisms, you always want to use multi-sigs, right? Like, multi-sigs are just universally better. And the reason is that with a multi-signature, you don't need to bring the pieces together to produce a signature, right? With Shamir secret sharing, you've got all these shards. And then when you want the original secret, you have to bring the shards together, reassemble them, put them into a Bitcoin wallet and spend your coins. With multi-sig, you don't. You can produce part of your signature with one wallet, part of your signature with another wallet, part of your signature with another wallet.
You never need to bring secret data into one place. It's a little bit more complicated to use, which is the reason that you wouldn't use it. The reason that it's better from a security perspective is that you don't have all your secrets in one place. If you're using a multi-signature, rather than you personally producing part of a signature in one place and part in another, you might just call a friend of yours who's holding the other key and ask them to do their part of the signature. The idea here is that you can add additional access control. With Shamir secret sharing, in order to use it, you need to reconstruct the whole secret.
So at the time of use, the benefit of sharding goes away. That's the trade-off that you're making. Whereas with a multi-signature, everything stays sharded at all times. So maybe a good way to think about this, which I think we wrote in the book, is that you can use a multi-signature to define a signing policy. To say, well, I have these five different custodians and I want any three of them to be able to move the coins. That's a multi-signature. Whereas Shamir secret sharing you would use just as backup management. So I've got some seed that I want to keep at rest for many years or many decades or something.
And when I want to actually use the seed, I'm going to have to un-shard and undo my security book. As long as they're going to be at rest for a long period of time and I don't really want to think about them, then Shamir secret sharing lets me do that.