Decentralized Private Key Backup and Recovery System

Ever since I joined the new blockchain revolution, I have been thinking about a cornerstone problem of all cryptocurrencies: private key management.

The simple truth is that most of us human beings do not want to deal with managing long cryptographic keys like the following:

BTC: 5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF

ETH: 0x44b9abf2708d9adeb1722dcc1e61bef14e5611dee710d66f106e356a111bef90

We already have enough trouble remembering our Pa$$w0rds.

Hence the natural inclination of many is to entrust their cryptocurrency holdings to centralized exchanges like Coinbase and others, effectively turning them into new modern banks rather than trading places.

Hardcore crypto techies may manage their cryptographic keys on hardware wallets or keep multiple encrypted copies on USB sticks and external drives. However, they make up a small percentage of all crypto holders.

The majority may keep them in plain text on their hard drives. I once helped one user find his lost private key by doing a global search on his Mac using his public key, only to discover both the public and private keys in one of his Word documents stored in some random folder.

More advanced users may use LastPass to store all their passwords and private keys, which is still a better option than the previous one, with one caveat: you are trusting all your secrets to a centralized company, which has become a bank of secrets and a constant target of hackers.

Even if LastPass is never hacked and they do a superb job on data backup, which I am sure they are doing, they can still be taken down by any government agency or court ruling for any reason.

There is another, smaller problem with LastPass if you are a world traveller: it may not be accessible from everywhere. For example, I could not access my account while in China. That is solvable with a VPN, but again it gets more technical for most users.

Hence the right solution must be like cryptocurrency itself: fully decentralized, using cryptography, with minimum information shared.

I have developed a mechanism of double encryption and secret splitting across multiple trusted guardians, which does not rely on any central party or storage for secure private key backup and recovery.

Below is the graphic describing the encryption and delegation mechanism:

  1. The user's private key is encrypted with a password provided by the user;

You can learn more about the FIO Request protocol here: https://fioprotocol.io/

Recovery mechanism:

  1. The user contacts each guardian by email or other channels with a request to initiate key recovery;

And while I risk attracting criticism from cryptographers for the blasphemy of suggesting that private keys be stored on a blockchain, even in encrypted form, I would argue that breaking this solution is no easier than brute-forcing the matching private key for a known public key, since the same public-key encryption is used to encrypt the secret.

Even if both guardians involved decide to gain access to the entrusted private key and combine both halves of the encrypted private key, they will still face the obstacle of breaking AES encryption, which is highly unlikely when the user has selected a reasonably long password.

Hence overall this solution may be more secure than any centralized approach widely used today.
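The two layers described above, sketched as an added example; this is not Tribe Wallet's code or the author's implementation. Assumptions: two guardians, scrypt plus AES-256-GCM for the password layer, RSA-OAEP standing in for the guardians' public-key encryption, and an in-memory hand-off in place of FIO Requests.

```javascript
// Added illustration, not Tribe Wallet code. Assumptions: scrypt + AES-256-GCM for the
// password layer, RSA-OAEP standing in for the guardian public-key layer, two guardians.
const crypto = require("crypto");

// Layer 1: encrypt the private key under a key derived from the user's password.
function encryptWithPassword(privateKeyHex, password) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const key = crypto.scryptSync(password, salt, 32);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([cipher.update(privateKeyHex, "utf8"), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]); // 16 | 12 | 16 | ciphertext
}

function decryptWithPassword(blob, password) {
  const key = crypto.scryptSync(password, blob.subarray(0, 16), 32);
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(16, 28));
  decipher.setAuthTag(blob.subarray(28, 44));
  // final() throws if the password is wrong or any byte of either half was altered.
  return Buffer.concat([decipher.update(blob.subarray(44)), decipher.final()]).toString("utf8");
}

// Layer 2: split the blob in two and encrypt each half to one guardian's public key.
function backup(privateKeyHex, password, guardianPublicKeys) {
  const blob = encryptWithPassword(privateKeyHex, password);
  const mid = Math.ceil(blob.length / 2);
  const halves = [blob.subarray(0, mid), blob.subarray(mid)];
  return halves.map((half, i) => crypto.publicEncrypt(guardianPublicKeys[i], half));
}

// Recovery: each guardian decrypts its own share; the user joins them and applies the password.
function recover(shares, guardianPrivateKeys, password) {
  const halves = shares.map((s, i) => crypto.privateDecrypt(guardianPrivateKeys[i], s));
  return decryptWithPassword(Buffer.concat(halves), password);
}

// Constructed sample data: throwaway guardian key pairs and a made-up 32-byte key.
function demo() {
  const guardians = [0, 1].map(() => crypto.generateKeyPairSync("rsa", { modulusLength: 2048 }));
  const secret = "ab".repeat(32);
  const shares = backup(secret, "correct horse battery staple", guardians.map((g) => g.publicKey));
  const keys = guardians.map((g) => g.privateKey);
  let wrongPasswordRejected = false;
  try { recover(shares, keys, "guess"); } catch (e) { wrongPasswordRejected = true; }
  return { recovered: recover(shares, keys, "correct horse battery staple"), secret, wrongPasswordRejected };
}
```

Once both guardians pool their halves, the password is the only remaining barrier, which is why the sketch derives the AES key with a deliberately slow KDF. Halving a ciphertext is also not threshold secret sharing: losing either guardian's share makes recovery impossible.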

Currently this novel mechanism is implemented and actively used in Tribe Wallet: https://www.tribewallet.io/

Tribe Wallet development is sponsored by Crypto Tribe POS Validator: https://cryptotribe.io/

Eugene Luzgin

Software technology leader and problem solver with diverse track record in software industry roles ranging from individual contributor to a startup founder.