Decentralized Private Key Backup and Recovery System

Eugene Luzgin
4 min readJul 13, 2020

Ever since I joined new Blockchain revolution I started thinking of a cornerstone problem of all cryptocurrencies — private key management.

The simple truth is that most of us — human beings do not want to deal with managing long cryptographic keys like the followings:


ETH: 0x44b9abf2708d9adeb1722dcc1e61bef14e5611dee710d66f106e356a111bef90

As we have enough trouble remembering our Pa$$w0rds.

And hence the natural inclination of many is to trust their cryptocurrency holdings in the hands of centralized exchanges like Coinbase and others turning the last into effectively new modern banks rather than trading place.

The hardcore Crypto techies may manage their cryptographic keys on hardware wallets or keep multiple encrypted copies on usb sticks and external drives. However they make a small percent of total crypto holders.

Majority may keep it in plain text on their hard drives — I once helped one user find his lost private key by doing global search on his Mac using his public key only to discover both public and private keys in one of his word documents stored in some random folder.

More advanced users may use LastPass for storing all their passwords and private keys, which is still a better option then an earlier one with one caveat — you are trusting a centralized company, which became a bank of secrets and a constant target of hackers with all your secrets.

Even if LastPass is never hacked and they do superb job on data backup, which I am sure they are doing, they can still be taken down by any government agency or court ruling for any reason.

There is another smaller problem with LastPass if you are a World traveller — it may not be accessible from everywhere. I could not for example access my account while in China. It’s solvable by VPN though but again get’s more technical for most users.

And hence the right solution must be as Cryptocurrency itself — fully decentralized using cryptography with minimum information shared.

I have developed a mechanism of double encryption and secret splitting across multiple trusted guardians, which does not rely on any central party or storage for secure private key backup and recovery.

Below is the graphic describing encryption and delegation mechanism:

  1. User private key is encrypted with a user password provided;
  2. Resulted encrypted string is split into two halves;
  3. Each half is double encrypted by separate shared secret key for recipient guardian;
  4. Shared secret is created by combining user FIO private key with guardian FIO public key;
  5. The resulted encrypted content is sent in FIO request to the guardian address;
  6. User submits his email as off-chain communication channel for key recovery protocol;
  7. Guardian is only able to decrypt his half by using shared secret key of combination of his FIO private key with sender FIO public key;
  8. Guardian never has access to user’s entire private key (even in encrypted form).

You can learn more about FIO Request protocol here:

Recovery mechanism:

  1. User contacts each guardian by email or other channels with request to initiate key recovery;
  2. Depending on each guardian recovery policy he may request registered email confirmation and transaction from associated blockchain account, which may serve as recovery fee;
  3. In cases when user selects guardians from his social circles — verification step can be simplified and recovery fees waived;
  4. After confirmation each guardian provides to user decrypted content of FIO Request;
  5. User will need to combine two halves provided by each guardian into one string and decrypt it using password only user knows;
  6. At the end user receives plain text private key he can re-import and use in any wallet.

And while I risk attracting critics by cryptographers for blasphemy of suggesting storing private keys even in encrypted form on Blockchain, I would argue that this solution is not any less secure then brute forcing finding a matching private key for a known public key since the same public key encryption is used to encrypt secret.

Even in a case of both guardians involved deciding to gain access to entrusted private key and combining both halves of encrypted private key — they will still face an obstacle of breaking AES encryption, which with a reasonably long password selected by the user will be highly unlikely.

Hence overall this solution may be more secure than any centralized approach widely used today.

Currently this novel mechanism is implemented and actively used in Tribe Wallet:

Tribe wallet development sponsored by Crypto Tribe POS Validator:



Eugene Luzgin

Software technology leader and problem solver with diverse track record in software industry roles ranging from individual contributor to a startup founder.