Hacker News new | past | comments | ask | show | jobs | submit login

How does it work that they have the ability to help you recover your funds, but they can't do that "recovery" unilaterally?



Bitcoin has a scripting language that allows more complex requirements to unlock funds, rather than simply sending an amount from one key to another:

https://en.bitcoin.it/wiki/Script

Multisignature requires a quorum k-of-n signatures to unlock funds, for example 3 of 5 keys (or 2-of-3, 2-of-2, etc):

https://en.bitcoin.it/wiki/Multi-signature

So you can have a wallet that requires 2 signatures to move funds, where you control 2 signing devices (mobile app + hardware wallet) and the third-party holds the 3rd key. Normally you manage all transfers without involvement of the third party, but if one of your keys becomes inaccessible they can help you sweep your funds to a new set of keys.

Additional resiliency and security is gained by increasing the quorum to 3-of-5. You control a mobile app plus 3 hardware signing devices, which are ideally distributed geographically. This increases reliability in case something happens at your primary site (like your house) and increases security by requiring an attacker to physically visit multiple locations. The 5th key is held by the recovery service.

tl;dr: https://keys.casa/how-it-works


https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing


Shamir’s Secret Sharing is a general solution for splitting secrets. Bitcoin multisig is superior for for its specific applications though. The biggest reasons are:

1. There is never one single key with full control. This is a huge vulnerability with SSS.

2. More flexibility, by allowing differing k-of-n subsets in combination with timelocks and other Bitcoin script features.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: