David Sharp

Shamir Secret Sharing and Horcruxes

While learning about SLIP-0039 and contributing some feedback and bug fixes, I couldn't help but notice that Shamir's Secret Sharing bears an alarming resemblance to Horcruxes.

A horcrux is a fragment of a human soul that has been broken apart by dark magic. A Shamir secret fragment is a piece of a secret that can be combined to form a whole secret.

Precious to the owner

  • Shamir Secret
    • A master secret is very precious to the owner.
    • If the secret is lost or damaged it could result in lost access to funds or other systems.
  • Horcrux
    • A soul is very precious to the owner.
    • If a horcrux is lost or damaged it could result in the death of the owner or at least a reduction in their immortality.

Must be divided up

  • Shamir Secret
    • A master secret is split up into various shares in order to protect the secret.
  • Horcrux
    • Horcruxes are created by splitting up the creator's soul in order to provide immortality.

Must be kept secret and safe

  • Shamir Secret
    • A secret share is trusted to a person, device, or is secretly hidden. The trustee or location is known only to the creator.
  • Horcrux
    • A horcrux is hidden within a trusted object, animal, or person known only to the creator or to those trusted to guard the dark object.

Information-theoretic security

  • Shamir Secret
    • Each secret share found offers no clue about the other secret shares. Neither the content nor the total number of other shares can be determined.
    • No information about the master secret is leaked until N shares are provided.
  • Horcrux
    • Each horcrux found offers no clue about the other horcruxes. The total number of horcruxes cannot be deduced.
    • The original soul is indestructible until all horcruxes have been located and destroyed.

Fault tolerant

  • Shamir Secret
    • As long as N > K, then one or more shares can be lost or destroyed while still being able to recover the master secret. Lost or destroyed shares may not be known by the master secret owner.
  • Horcrux
    • The original soul continues to function normally until all horcruxes have been destroyed. Lost or destroyed horcruxes may not be known by the soul's owner.

Advantages of SSS over Horcruxes

With SLIP-0039's two-level scheme, SSS begins to show clear advantages over horcruxes. While all created horcruxes represent an equal part of a human soul, it is unclear if any wizard has attempted to create horcruxes from horcruxes. Such dark magic however is possible with Satoshi Labs' new improvement protocol which allows for multi-level secret sharing, where some secrets carry more weight than others. This is useful if perhaps one wanted to create shares in such a way as to give more trust to family members than friends.