Perhaps my biggest problems with the @Ledger Recover program as it’s currently conceived are that it’s not open and it’s not independent. Users will be locked into decisions that Ledger made, for its own business reasons. [1/12]
The Gordian Principles from @BlockchainComns suggest that digital assets should be held in a way that’s independent, private, resilient, and open. Ledger Recover increases resilience, but that’s it. [2/12] github.com/BlockchainComm…
From what we’re heard, the Recover share holders will actually be requiring KYC checks. That doesn’t just go across our Principles, but also the general ethos of Bitcoin! [3/12]
But the core issue here isn’t necessarily those decisions, but the fact that Ledger is locking *you* into them. And maybe encourage other wallet developers like @spiralbtc to lock you into their own different choices. [4/12]
The @BlockchainComns Collaborative Seed Recovery (CSR) system has some similar ideas to Ledger Recover, but it’s founded on the principle that the asset holder gets to decide exactly how their key is protected. [5/12] github.com/BlockchainComm…
You want to back up some of your shares on a metal plate, such as the innovative QR plates using SSKR shards from @SeedHammer? That’s OK! Your assets, your choice. [6/112]
There are even some wallet companies talking about backing up shards from other wallet companies! Our open source Collaborative Seed Recovery architecture offers many ways for us to cooperate to benefit us all. [7/12]
You decide your personal privacy needs. You can shard and store all the shares yourself. Based on your personal risk profile, you decide if you want help from with third-parties or to get help from family or close friends. Or pay a high-end service you trust. *You* decide. [8/11]
We’ve worked with @Ledger before. They were one of our original sponsors for @Blockchaincomn’s #SmartCustody program. We’d love to work with them again, so that the community can work through some of the problems with Ledger Recover. [9/12]
For instance, a community member took our open source SSKR code to create a Ledger app that can shard your seed *without* needing a firmware upgrade that risks adding new attack surface: [10/12]
Are you a wallet developer? We have a Gordian Developers meeting the first Wednesday of every month as the center of our collaboration. Feel free to join us! [11/12] blockchaincommons.com/subscribe.html…
Support our community efforts to give you a choice. Become a patron of Blockchain Commons! [12/12] github.com/sponsors/Block…
A thread on Shamir vs multisig, and why the open source work toward Collaborative Seed Recovery (aka CSR) by the wallet devs that are part of the Gordian Wallet Community is important:
At @BlockchainComns we believe that multisig offers superior #SmartCustody over using Shamir's Secret Sharing (which was recently implemented as part of @Ledger Recover). Unfortunately, there are few practical alternatives to sharding a seed, and multisig is complex. 🧵… [1/13]
The first obstacle to multisig is that our experience is that they are too complex for normal usage. We know that even professionals using one of our well-tested secure scenarios find the hour it takes is too long. [2/13] github.com/BlockchainComm…
The second obstacle is that true multisig really is available only for Bitcoin. There are multi-account smart contracts that resemble cryptographic multisig, but they don't offer the same level of hardware security, and each transaction costs gas. [3/13] shivanisb10.medium.com/multisig-contr…
One of my concerns with the new @Ledger Recover service is that they appears to be sharding via Shamir’s Secret Sharing, but doing so in a proprietary way and possibly in a naive fashion. We don’t know, as it is not open source. [1/11]
Obviously, Shamir’s Secret Sharing has a long history and is widely used, but it also has real drawbacks. As we’ve written at @BlockchainComns, one of the biggest dangers comes in reconstruction. [2/11] github.com/BlockchainComm…
Eavesdropping, trojan-horsing, or just faking authentication for the seed holder can all lead to a stolen seed! The process of restoring the shares, reconstruction device is a serious single point of compromise. And then there are concerns with how you distribute shares! [3/11]
There's been a lot of controversy over @Ledger's new recovery service, which will shard your seed out to third-parties for storage. Why? In large part because we didn't expect seeds to ever leave the Ledger device. [1/11]
As it turns out (as all hardware wallet designers already know), all it requires is a signed firmware update, and seeds can go wherever they want. Why?… [2/11]
Ledger's hardware *is* based on a Secure Enclave (aka "SE"). That's is what generates and stores your private keys. [3/11] ledger.com/academy/securi…
The problem is that prosecutors & lawyers are asking courts to demand private keys as part of pre-trial discovery. This is wrong on so many levels! [2/10]
The most frustrating thing is that a private key is that they are the wrong tool for discovery. If there was a legitimate need for discovery, a public key could do the job. Private keys are about the authority to control, not information. [3/10]
SSKR stands for Sharded Secret Key Reconstruction. It's a way for users to easily shard a cryptographic secret, giving you some options for seed reconstructions & and improved resilience against theft or loss. [1/15]
Why? Because loss of a seed or private key is the easiest way to lose your Bitcoin or other cryptocurrency. SSKR safely backs up your seed by breaking it into shares which are only useful if combined back together. For details see our overview doc: [2/15] github.com/BlockchainComm…
Our Gordian Seed Tool app for iOS and macOS offers a reference demonstration of this sharding functionality, but we expect wallet manufacturers to soon be incorporating SSKRs as well. [3/15] apps.apple.com/us/app/gordian…
Puzzling through if NFTs can be used to help fund trustless self-sovereign identity efforts, and open infrastructure tools & services. First experiment: opensea.io/assets/0x495f9…
I'll try an auction tonight when the gas fees are lower, with the auction scheduled to end next week.
If you are an artist that wants to support my efforts toward trustless forms of Self-Sovereign Identity (aka #SSI), we welcome a donation of original artwork to try out this experimental funding method for open development.