From: "'Rama Gan' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
To: Andrew Poelstra <apoelstra@wpsoftware.net>
Cc: "bitcoindev@googlegroups.com" <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] Penlock, a paper-computer for secret-splitting BIP39 seed phrases
Date: Fri, 24 May 2024 15:02:39 +0000 [thread overview]
Message-ID: <x8ORFhCMjZL-ViYGSXl9ek_bfU231h6sOnG97aMj6tOT3cmKKRDS8PJsfFbvfRrzGTbZLuHzSOCwmc7mGwBSxBHGAfLUyydX-OZNPYHvfrQ=@proton.me> (raw)
In-Reply-To: <ZlCg2C4kZSGUN3Qx@camus>
> Are you sure? It seems that if two shares have the same value in a given
> position, the line through them should be constant, meaning that every
> other share will have the same constant value.
For the 2-of-M split, the secret is encoded as the difference between two
consecutive shares instead of being a point at a given index. If both the secret
and share A have a header `HEAD`, then share B will start with `====` (zeros)
and share C will be the additive inverse of `HEAD`.
The secret is the "slope" of the line; for the shares headers to be constant,
the solution would be to fill the corresponding spots with zeros on the secret.
So yes it _is_ possible, but then the 2-of-M and the K-of-M cases will behave
differently which could be a source of confusion. I guess it is the
cons of going for a composite scheme.
-- Rama Gan
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/x8ORFhCMjZL-ViYGSXl9ek_bfU231h6sOnG97aMj6tOT3cmKKRDS8PJsfFbvfRrzGTbZLuHzSOCwmc7mGwBSxBHGAfLUyydX-OZNPYHvfrQ%3D%40proton.me.
next prev parent reply other threads:[~2024-05-24 15:08 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-12 18:04 [bitcoindev] Penlock, a paper-computer for secret-splitting BIP39 seed phrases 'Rama Gan' via Bitcoin Development Mailing List
2024-05-13 13:40 ` Andrew Poelstra
2024-05-14 12:03 ` 'Rama Gan' via Bitcoin Development Mailing List
2024-05-14 13:42 ` Andrew Poelstra
2024-05-16 7:43 ` 'Rama Gan' via Bitcoin Development Mailing List
2024-05-16 13:27 ` Andrew Poelstra
2024-05-16 17:24 ` Andrew Poelstra
2024-05-24 10:39 ` 'Rama Gan' via Bitcoin Development Mailing List
2024-05-24 14:14 ` Andrew Poelstra
2024-05-24 15:02 ` 'Rama Gan' via Bitcoin Development Mailing List [this message]
2024-05-14 12:43 ` 'Rama Gan' via Bitcoin Development Mailing List
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='x8ORFhCMjZL-ViYGSXl9ek_bfU231h6sOnG97aMj6tOT3cmKKRDS8PJsfFbvfRrzGTbZLuHzSOCwmc7mGwBSxBHGAfLUyydX-OZNPYHvfrQ=@proton.me' \
--to=bitcoindev@googlegroups.com \
--cc=apoelstra@wpsoftware.net \
--cc=ganrama@proton.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox