The future of key management: a POC and thought experiment

With key management still being an unsolved problem in the space, I thought it would be a good idea to build a POC tool designed to allow anyone to back up their keys across multiple cloud providers (like Drive and Dropbox) in a way that prevents any one provider from gaining access to the user’s funds.

This POC is built solely as a thought exercise and I felt compelled to build it because I believe the future of key management will be done with shared secrets that are held by cloud providers rather than individuals. I believe this because the idea that you would distribute parts of your keys to other individuals is complex and error-prone. You also run the risk that they collude and steal your funds.

In reality, most of us would prefer a trustless solution that allows us to recover our keys seamlessly.

This POC tool uses Shamir's secret sharing and is based off Ian Coleman's tool. You basically back up your keys by creating shares that can only be reconstructed if a threshold is met, e.g. 2 out of 3 shares. You can then upload one part to one cloud provider (e.g. Dropbox) and another part to another cloud provider (e.g. Google Drive).

If an attacker gains access to an account or the cloud provider is compromised, they would not be able to gain access to your funds as they would need at least one other share that is stored elsewhere.

Obviously this tool assumes that the user has secured all their accounts, has different passwords and uses 2FA. This is obviously not the case in many instances.

Please take a look and let me know what you think. Obviously this tool is only experimental and should not be used for keys that hold any real value.

Website: https://james-sangalli.github.io/shamir-wallet-backup/

Source code: https://github.com/James-Sangalli/shamir-wallet-backup

submitted by /u/Bitman321
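The 2-of-3 threshold scheme the post describes, as an added example for Node.js that is not code from the post or from the linked repository and does not produce shares compatible with that tool. The function names `split` and `combine` and the `{x, y}` share layout are assumptions made for illustration.

```javascript
// Added example (not the project's code): Shamir's secret sharing over GF(2^8),
// one random polynomial per secret byte. The {x, y} share layout is hypothetical.
const { randomBytes } = require('node:crypto');

// Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11b).
function gfMul(a, b) {
  let p = 0;
  for (; b > 0; b >>= 1) {
    if (b & 1) p ^= a;
    a <<= 1;
    if (a & 0x100) a ^= 0x11b;
  }
  return p;
}

// Multiplicative inverse as a^254, since a^255 = 1 for every nonzero a.
function gfInv(a) {
  if (a === 0) throw new RangeError('zero has no inverse');
  let r = 1;
  for (let i = 0; i < 254; i++) r = gfMul(r, a);
  return r;
}

// Split `secret` (a Buffer) into n shares; any k of them recover it.
function split(secret, k, n) {
  if (!(k >= 2 && k <= n && n <= 255)) throw new RangeError('need 2 <= k <= n <= 255');
  const shares = Array.from({ length: n }, (_, i) => ({ x: i + 1, y: Buffer.alloc(secret.length) }));
  for (let j = 0; j < secret.length; j++) {
    // f(0) is the secret byte; the other k-1 coefficients are fresh CSPRNG bytes.
    const coeffs = [secret[j], ...randomBytes(k - 1)];
    // Horner evaluation of f at each share's x coordinate.
    for (const s of shares) s.y[j] = coeffs.reduceRight((acc, c) => gfMul(acc, s.x) ^ c, 0);
  }
  return shares;
}

// Recover the secret by Lagrange interpolation at x = 0.
function combine(shares) {
  const xs = shares.map(s => s.x);
  if (new Set(xs).size !== xs.length) throw new Error('duplicate share index');
  const out = Buffer.alloc(shares[0].y.length);
  shares.forEach((si, i) => {
    // Basis weight l_i(0) = prod over m != i of x_m / (x_m ^ x_i); subtraction is XOR.
    let w = 1;
    xs.forEach((xm, m) => { if (m !== i) w = gfMul(w, gfMul(xm, gfInv(xm ^ si.x))); });
    for (let j = 0; j < out.length; j++) out[j] ^= gfMul(si.y[j], w);
  });
  return out;
}
```

`combine` cannot tell an insufficient or corrupted share set from a valid one: it returns unrelated bytes rather than an error, so a recovery flow needs a separate check on the result (for example, comparing a derived address).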