public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: "'Rama Gan' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
To: "bitcoindev@googlegroups.com" <bitcoindev@googlegroups.com>
Subject: [bitcoindev] Penlock, a paper-computer for secret-splitting BIP39 seed phrases
Date: Sun, 12 May 2024 18:04:09 +0000	[thread overview]
Message-ID: <9bt6npqSdpuYOcaDySZDvBOwXVq_v70FBnIseMT6AXNZ4V9HylyubEaGU0S8K5TMckXTcUqQIv-FN-QLIZjj8hJbzfB9ja9S8gxKTaQ2FfM=@proton.me> (raw)

I am excited to introduce Penlock, a printable paper-computer that guides users
through secret-splitting their BIP39 seed phrase without an electronic device. A
beta release is now available for peer-reviewing and early testing:
https://beta.penlock.io.

There are a growing number of people storing a significant portion of their
savings on the blockchain. Most people use a BIP39 seed phrase to back up their
wallet, but this method has disadvantages. If the seed phrase is lost or stolen,
then the funds are at risk of being irremediably lost. Additionally, planning
for inheritance would require entrusting the phrase to a third party, something
that is not advisable.

Secret splitting is a straightforward cryptographic concept that solves these
issues. A 2-of-3 split produces 3 "shares"; Any 2 of these shares can be used to
recover the seed phrase. Each share can be stored in a separate location and no
single share can be used to reveal information about the seed phrase.
Trust-minized inheritance is then possible, as one share can be given directly
to an heir, and another left in the will.

Unfortunately, despite commendable efforts with SLIP39, we still lack a
wallet-agnostic secret splitting standard. Moreover, users who already produced
their BIP39 seed phrase might be legitimately reluctant to enter it into an
electronic device for the purpose of secret splitting.

This is were Penlock enters the scene! Secret-splitting BIP39 seed phrases
guarantees compatibility with all existing wallets. Using the analog
implementation, one can run the algorithm without exposing the seed phrase to an
additional electronic device. You only need a printer, a craft knife, some
scissors, a pencil and paper, and a few hours of free time.

Penlock was inspired by Codex32, a similar project from A. Poelstra and R.
O'Connor. From there, I tried to map the design space by exploring different
trade-offs, producing prototypes, benchmarking their execution speed, their ease
of use, etc. While there is always room for improvement, I believe that the
design of Penlock is now close enough to optimal and deserves to be released.

Penlock is an open-source project that will always remain free to use.
Cryptographers, developers and enthusiasts are very welcome to test and
peer-review Penlock until its public release date, which is currently planned
for Q3 2024. Please share any feedback or comments you may have! :)


Rama Gan

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/9bt6npqSdpuYOcaDySZDvBOwXVq_v70FBnIseMT6AXNZ4V9HylyubEaGU0S8K5TMckXTcUqQIv-FN-QLIZjj8hJbzfB9ja9S8gxKTaQ2FfM%3D%40proton.me.


             reply	other threads:[~2024-05-12 18:08 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-12 18:04 'Rama Gan' via Bitcoin Development Mailing List [this message]
2024-05-13 13:40 ` [bitcoindev] Penlock, a paper-computer for secret-splitting BIP39 seed phrases Andrew Poelstra
2024-05-14 12:03   ` 'Rama Gan' via Bitcoin Development Mailing List
2024-05-14 13:42     ` Andrew Poelstra
2024-05-16  7:43       ` 'Rama Gan' via Bitcoin Development Mailing List
2024-05-16 13:27         ` Andrew Poelstra
2024-05-16 17:24           ` Andrew Poelstra
2024-05-24 10:39             ` 'Rama Gan' via Bitcoin Development Mailing List
2024-05-24 14:14               ` Andrew Poelstra
2024-05-24 15:02                 ` 'Rama Gan' via Bitcoin Development Mailing List
2024-05-14 12:43 ` 'Rama Gan' via Bitcoin Development Mailing List

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='9bt6npqSdpuYOcaDySZDvBOwXVq_v70FBnIseMT6AXNZ4V9HylyubEaGU0S8K5TMckXTcUqQIv-FN-QLIZjj8hJbzfB9ja9S8gxKTaQ2FfM=@proton.me' \
    --to=bitcoindev@googlegroups.com \
    --cc=ganrama@proton.me \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox