Why Cypherock has a default 2/5 threshold scheme

Cypherock X1 uses a cryptographic threshold scheme called Shamir's Secret Sharing to reconstruct the private key during runtime to sign a transaction that is deleted from the temporary memory as soon as the transaction is digitally signed. Cypherock X1 currently implements 2 of 5 Shamir's Secret Sharing. Hence a user today requires either 1 X1 Card and the X1 Vault, or 2 X1 Cards to reconstruct the Crypto private keys. An average user ideally keeps 2 of the cryptographic parts at home (both in separate rooms) and the remaining 3 parts away from home.

While considering all of the schemes, here are some insights that led us to finalize the 2/5 threshold design:

There needs to be enough redundancy to avoid loss while protecting the user enough against the potential theft of private keys. This is where the current single-signature wallets fail and m/n threshold schemes help achieve this optimally. Human error tends to be the most prevalent reason for the loss of funds. Therefore, the 2/5 scheme created enough redundancy that the user can afford to lose cryptographic parts and still be assured that the Crypto assets are accessible. At the same time, it avoids a single point of failure for potential theft.
A threshold scheme of above 2/5, say, 3/5 would optimize for security but will come with a significant compromise on the wallet user experience. The 2/5 scheme avoids a single point of failure and provides exponentially more security than 1/5 and more convenience than 3/5 and above. With a 2/5 threshold scheme, the user still has the choice to keep the X1 Card and X1 Vault in the same place giving him a similar UX to current single signature hardware wallets, or keeping them as far away as possible to optimize for security.
It is important there isn't any single point of failure for storing the Cryptographic parts which are going to be inactive and kept as backup. In 2/5 scheme, the remaining 3 are the inactive parts. With 2/5 scheme, users have the ability to mitigate single points of failure where the user can choose to keep 1 X1 Card in a bank locker, 1 X1 Card with a family member, and 1 X1 Card with a friend. These 3 personas have 3 different risk profiles for a user and hence mitigate the risks of a single point of failure even with inactive part storage.
While inheriting the assets through Cypherock inheritance service (launching soon), it is important for the user to avoid a single point of failure in nominee selection. The user should be able to give two different cards to at least 2 different nominees so that even if one nominee is unavailable, the other one should be able to manage the recovery. At the bare minimum, then the average user needs to have 2 Cryptographic parts accessible to him at all times, 2 parts given to 2 different nominees and 1 additional part not easily accessible to the user and not given to any nominee as well.

At present, Cypherock is not considering offering a custom threshold scheme, but that may change in the future.

PreviousHow is Shamir Secret Sharing implemented within Cypherock X1 NextRejected Key Schemes

Last updated 1 year ago

Was this helpful?

Why Cypherock has a default 2/5 threshold scheme

While considering all of the schemes, here are some insights that led us to finalize the 2/5 threshold design:

There needs to be enough redundancy to avoid loss while protecting the user enough against the potential theft of private keys. This is where the current single-signature wallets fail and m/n threshold schemes help achieve this optimally. Human error tends to be the most prevalent reason for the loss of funds. Therefore, the 2/5 scheme created enough redundancy that the user can afford to lose cryptographic parts and still be assured that the Crypto assets are accessible. At the same time, it avoids a single point of failure for potential theft.
A threshold scheme of above 2/5, say, 3/5 would optimize for security but will come with a significant compromise on the wallet user experience. The 2/5 scheme avoids a single point of failure and provides exponentially more security than 1/5 and more convenience than 3/5 and above. With a 2/5 threshold scheme, the user still has the choice to keep the X1 Card and X1 Vault in the same place giving him a similar UX to current single signature hardware wallets, or keeping them as far away as possible to optimize for security.
It is important there isn't any single point of failure for storing the Cryptographic parts which are going to be inactive and kept as backup. In 2/5 scheme, the remaining 3 are the inactive parts. With 2/5 scheme, users have the ability to mitigate single points of failure where the user can choose to keep 1 X1 Card in a bank locker, 1 X1 Card with a family member, and 1 X1 Card with a friend. These 3 personas have 3 different risk profiles for a user and hence mitigate the risks of a single point of failure even with inactive part storage.
While inheriting the assets through Cypherock inheritance service (launching soon), it is important for the user to avoid a single point of failure in nominee selection. The user should be able to give two different cards to at least 2 different nominees so that even if one nominee is unavailable, the other one should be able to manage the recovery. At the bare minimum, then the average user needs to have 2 Cryptographic parts accessible to him at all times, 2 parts given to 2 different nominees and 1 additional part not easily accessible to the user and not given to any nominee as well.

At present, Cypherock is not considering offering a custom threshold scheme, but that may change in the future.

PreviousHow is Shamir Secret Sharing implemented within Cypherock X1 NextRejected Key Schemes

Last updated 1 year ago

Was this helpful?