Fun side project for the weekend, Keyxn.
Easily create N cryptographically secure shares of a secret, with only K parts required to recover the secret (K <= N).
This can be a fun way to share a secret among N people and allow any K of them to recover the secret. Or perhaps allow your family to recover your crypto-wallet if an untimely demise should befall you.
import keyxn
# Create a secret
let secret: ShamirSecret = initSecret("super secret")
# Split into 4 parts and require 2 to recover
let shares: seq[ShamirShare] = secret.split(k=2, parts=4)
# Recover secret with 2 parts
let recovered = shares[0..1].recover()
assert secret == recovered
There's already sss but a pure Nim is always nice.
Awesome, would be great if you could take the split shares and encrypt them via AES. PGP Desktop does this but gpg does not.
If interested look at split-key and join-key.
Awesome, would be great if you could take the split shares and encrypt them via AES. PGP Desktop does this but gpg does not.
That'd be a fun CLI tool! Though are there any pure Nim crypto libraries to use? I try and avoid PGP/GPG as their CLI's give me a headache.
Originally the SSS port's came from a credit card storage vault prototype that could be sealed/unsealed similar to Hashicorp's Vault. To test that I'd used a simple JOSE rest call that'd re-encrypt your share with the server's key. The pain point was lack of a good CLI interface, and I didn't know of Nim back then.
Also I though it could be fun to use an ARM "secure" MCU and make a "family vault" or something. Perhaps, a game where you have to find N usb drives with various shares to unlock it. ;)