Why are we moving away from Shamir Secret Sharing?

The feature that we spent a lot of time building

We have been building on top of bitcoin for a few years now. And are amazed that there is so much to learn every day. Thanks to thousands of users who love what we have built and want us to do better.

So what is this blog post about?

Bitcoin wallet Hexa, our most popular product, is changing how the wallet backup works. From sharded recovery keys, cloud backup, and PDF recovery to a simple 12 words based backup. Here we want to explain why we are moving away from SSS (Shamir Secret Sharing) and what lies ahead for the product and its users. It should also help fellow builders take note of some peculiar aspects of building in this space that we have learned in our journey.

The SSS backup scheme

We have worked with this scheme for a while now and understand its benefits. We even implemented a multi-device multi-sig account to go along with it so that there is no single point of failure for most of the funds in the wallet. Our implementation also avoided the mistakes of the previous applications of SSS in the bitcoin space. The code has been open for years w/o any issue raised with security or how it was implemented. You can read more about the complete backup scheme and why we chose it here.

So why move away from it?

Let me jump straight into the why

1. Trust (or not needing it): This is the most important lesson we have learned. We, bitcoiners, trust a solution more if we do not have to trust the solution provider. In other words, we should be able to verify the solution w/o having to rely on or trust some company. At Hexa, the team believed that making the code open source would do this. However, that is not true; most users do not go to GitHub and verify the code. A bitcoin solution is more credulous if the user can see their funds across wallet solutions w/o having to trust any one of them. With the seedless scheme, that was not possible.
2. Freedom (to choose): Having to stick to a walled garden, no matter how beautiful it is, rubs us bitcoiners the wrong way. We want our freedom and the ability to use the products we want, like signers needed for a MultiSig account. With the SSS scheme, it was not possible to use external signers (aka hardware wallets) the way they were supposed to be used.
3. One size does not fit all: Hexa started with the ambition of being the only wallet every bitcoiner will ever need. It turns out that we were wrong. The first reason is that different bitcoiners have varying needs. And second, there is so much happening in the bitcoin access space (wallets et al.) that a multi-wallet world is inevitable. We do not have one social app or account for all our financial needs, so why do we expect that in the bitcoin space? (However, this does not mean they cannot talk to each other — more on that to come). Taking out SSS helps us focus on a specific type of user and their needs. And do an incredible job of it.
4. Reduced complexity (KISS): SSS clubbed with multisig, a social layer with multiple accounts and lightning, was a very sophisticated piece of code, to say the least. Taking out some features improves the user experience and reduces the attack surface of the product. It also removes the need for components like Cloud Backup and PDF recovery keys introduced to support SSS.
5. Education (and standards): All the bitcoin builders understand the importance of user education. That is how the users trust bitcoin products and make the most of it. This is where standards kick in. Seed words, for better or worse, have been the standard for a long time. A whole ecosystem of products and projects has developed around it, which adds to the common knowledge about them.

The evolution of bitcoin-related technologies, like BIP 85, MuSig and NFC/ QR/Bluetooth-enabled signers, makes moving away from SSS easier.

What does it mean for the users?

• For new users, the backup will only be with 12 seed words. No cloud backup or levels of backup are available.
• Using contacts for storing recovery keys is unavailable in the new app.
• Features like multi-sig Savings Account and Donation Account have been moved out of Hexa to simplify the user experience (They need more attention and an app of their own — more to come).
• For existing users, we will continue to support the legacy backup scheme and the features mentioned but will encourage them to move to the new backup scheme.

Roadmap

The technology built with the SSS module will be very useful and may be deployed in the custom enterprise space. Hexa has provided much value to the users with its F&F (Friends and Family) and Gifting features. A lot more can be done in that space alone, which will be the app’s focus going forward.

Want to try out the app or update the one you have? Download the latest from here: http://hexawallet.io/store