Wealth Security Protocol
Go to Casa Home
Search…
Overview
💜Casa vs. Alternatives
Introduction
Option #1: Do-it-yourself
Option #2: Custodial Storage
Option #3: Commercial Systems
🔑System Design Principles
Introduction
Minimal Knowledge
High Security
Usability is Security
Expert Support
Redundancy
Sovereignty
Incentive Alignment
Bitcoin First
🚨Threat Overview
Introduction
Data and Credential Loss
Phishing
SIM Hijacking
Network Attacks
Malware
Supply Chain Attack
Physical Coercion
Child/Pet Attack
Internal Service Provider Attack
Platform / Hosting Provider Attack
Code Dependency Attack
Official Seizure
Inheritance Failure
🔐Chosen Features
Introduction
Hardware Wallet Signing
Multi-signature
Multi-location
Heterogeneous Hardware and Software
Seedless Hardware Wallets
Emergency Recovery Key
PIN or Biometrics for Mobile Key only
PIN for every device
Sovereign Recovery Instructions
Emergency Lockdown Button
Health Check
Identity Verification for Account Recovery
✅Chosen Key Schemes
3-of-5 Key Shield
2-of-3 Basic Multisig
Single-Key Wallet
❌Rejected Key Schemes
Key Sharding (Shamir’s Secret Sharing)
2-of-2
1-of-2
❌Rejected Features
Biometrics General Usage
Seed Phrase Backups
Financial Products and Services Integration
Brain Wallet -- Memory Based Solutions
Web-Based Key Management
Hardened Addresses
🔧Remaining Attack Vectors
Address Spoofing
Malicious Insider Key Theft
Extreme disaster scenarios
Extortion
👨‍🚀Future Improvements
Taproot/MAST
Schnorr Signatures
Powered By GitBook
Key Sharding (Shamir’s Secret Sharing)
Key sharding can function as an alternative to multisig, but after testing we rejected the use of key sharding because it exposes clients to higher security risks.
Key sharding is achieved by splitting a single key into multiple pieces and copies of those pieces, such that some subset of the pieces can be recombined to recover and use the key for a signature and transaction. This key splitting or sharding can be used to provide a similar experience to true multisig.
However, key sharding has many drawbacks that caused us to reject it in favor of multisig.

Drawbacks:

  • Single point of failure - The single private key exists on a single device at creation and it is reconstructed onto a single device in order to sign transactions. If the key is compromised either at creation or during reconstruction, a user’s funds can be stolen.
  • No key invalidation - With multisig, the user can invalidate a single lost key and replace it. The other keys can be kept and used with the new key to construct a new multisig setup and set of addresses. With key sharding, all the shards must be replaced whenever one is compromised. This makes rapid recovery from an attack or even just a simple system update difficult. All shards/pieces must be replaced each time there is a change to the setup, where with multisig a client can replace just a single key.
  • No standard implementation - There is no standard for key sharding. This means that shards made with one piece of software might not be usable with a different piece of software. This locks users into one vendor and compromises user sovereignty. It increases the risk of loss due to user error. It is an obstacle to the use of heterogeneous hardware and software.
  • Poor auditability - If a key is reconstituted from secret shares, it’s not possible to tell which secret shares were used to recreate the key. Whereas with on-chain multisig, the “identity” of each signing key is stored on the blockchain and can be useful for forensic analysis in the case of compromised keys.
✅Chosen Key Schemes - Previous
Single-Key Wallet
Next - ❌Rejected Key Schemes
2-of-2
Last modified 2yr ago
Copy link
Contents
Drawbacks: