Ledger Recover isn't new to the seed recovery game. Although different in their ways, the crypto space already has a few solutions that offer funds recovery in case of mishaps.
Cryptocurrencies are trustless by design, meaning they don't require users to trust a central authority to maintain the integrity of the blockchains they operate on or keep their assets secure.
But this comes with a major challenge — cryptocurrency users need to secure their own assets to truly leverage their unique benefits. This self-sovereignty ensures no third party has access to their funds, enabling true financial autonomy and freedom.
Practically, this means users need to securely generate and store their seed phrases and/or private keys so that they can be retrieved in the event of an emergency.
To help reduce this burden, Ledger recently announced an opt-in social recovery feature, which allows Ledger hardware wallet owners to split their seed and store each shard with a different trusted entity. By providing proof of identity and undergoing other checks, the user could retrieve their key shards from the custodians to recover their assets.
This feature was met with stark criticism among crypto natives, who argue that it opens the door to surveillance, potential collusion and even forcible seizure — since a government could force Ledger to reveal the key shard holders.
In response to the pushback, Ledger postponed the release of the new feature. Fortunately, those in need of a seed recovery system have several open-source options to choose from — most of which are resistant to censorship and collusion by design.
Here, we take a look at some of the most secure options.
Join us in showcasing the cryptocurrency revolution, one newsletter at a time. Subscribe now to get daily news and market updates right to your inbox, along with our millions of other subscribers (that’s right, millions love us!) — what are you waiting for?
Use a Multi-Signature Wallet
As the name suggests, multi-signature wallets require signatures from multiple private keys to authorize a transaction. This ensures a single key cannot control the funds contained in the wallet. These wallets are typically used to distribute transaction signing responsibilities over multiple parties — helping to maximize consistency, increase security and improve regulatory compliance.
Though multi-signature setups are typically leveraged by businesses and other organizations, they can also be used by individuals to bolster their security and improve recoverability should they lose access to their private keys or seed.
Multi-signature wallets allow you to retain access to your funds even if you lose one (or potentially more) of your signing keys. If you create a 2-of-3 wallet, you can easily recover your funds if you lose 1 key, whereas a 4-of-7 wallet allows you to lose 3 keys without compromising your funds.
Related reading: Learn about Account Abstraction.
By creating a multi-signature wallet and storing the private keys in secure locations, you can easily access your funds even if a key is lost. You can then transfer your funds to a new multi-signature wallet and repeat the secure storage process to maintain your protection.
Today, many popular cryptocurrency wallets feature native multi-signature support. This includes Electrum and Specter (Bitcoin wallets) as well as Casa (Ethereum wallet). Some also offer an additional layer of security, thanks to hardware wallet support.
Some wallets, known as collaborative multi-signature wallets, also offer secure key custody solutions, requiring you to trust a third party with the security of your key(s). These generally require you to complete KYC and potentially pay a fee — your identity can then be used to recover your private key(s) if needed. This is somewhat similar to Ledger’s proposed Recover service.
Shamir's Secret Sharing Method
One of the simplest seed phrase splitting and recovery methods, Shamir's Secret Sharing (SSS) allows you to securely split a seed phrase into several shares, which you can then distribute to multiple independent people or entities.
Should you ever need to reconstruct your seed phrase, you then need to obtain enough shares from your trusted chunk holders. These chunks then be combined to form the secret. This process is known as social recovery.
The purpose of SSS is to distribute data among a group, such that no single individual can glean any information about the nature of the secret. If a single share is compromised, the attacker would not be able to reconstruct the secret. The attacker would need to access at least the minimum quorum number of shares to reconstruct the secret.
Shamir's Secret Sharing is used to divide a secret into n number of shares, such that any k number of shares can be used to reconstruct the secret. For example, you might divide a secret into n = 7 shares, requiring at least k = 4 shares to reconstruct the secret.
The system accomplishes this by using polynomial interpolation, whereby a secret is represented as a point on a polynomial curve, and shares are also points on that curve. By defining a threshold, you determine how many shares are required to reconstruct the polynomial and the associated secret.
This setup can be used to distribute your seed (as shares) to reliable individuals or entities since they will be unable to deduce any information about the nature of the secret without obtaining at least k number of shares.
Several well-known hardware wallets now support Shamir backups, including the Trezor Model T and Keystone Wallet.
Because of the risks of collusion or malware, it is necessary to take steps to securely generate and recombine the seed if using SSS — multiparty computation is one such way to achieve this.
Consider Multiparty Computation
Multiparty Computation, or MPC, is a cryptographic concept used to aggregate computational inputs from multiple parties, helping to increase redundancy and security.
The system allows users to cooperate with each other to perform computations without revealing anything about their individual inputs, allowing users to remotely collaborate securely and privately to perform potentially complex operations. This is particularly useful when transacting large sums or splitting up authorization to engage with smart contracts.
Multiparty computation can be combined with Shamir's Secret Sharing technique to enable the trustless recovery of cryptocurrency seeds or private keys. Here’s how it would work:
- Secret Splitting: Use SSS to split the seed phrase or private key into 'n' shares in such a way that any 'k' out of these 'n' shares are needed to reconstruct the original secret (where k <= n). This is known as (k, n)-threshold secret sharing.
- Share Distribution: These shares should be distributed to trusted friends, family members, or other trustworthy individuals. It is important that these can be easily contacted or reached but are not known to each other to prevent collusion.
- Recovery: When you need to recover your seed phrase or private key, you will then need to contact at least “k” members of your secret sharing network and have them participate in the reconstruction process.
- Reconstruction: You can then use MPC software to combine the 'k' shares and reconstruct the original secret. This can be done in such a way that the individual shares are never revealed to any single party, including the owner. Through MPC, the shares can be used to perform the necessary computations to reconstruct the secret without the shares themselves being reconstructed.
Some institutional cryptocurrency custody solutions are known to leverage multi-party computation — Fireblocks being one prominent example.
Redundant Backups
One particularly simple but often overlooked way to protect your seed phrase and maximize recoverability is to keep backups stored in multiple geographic locations.
This will give you enough redundancy to protect your assets even in the worst-case scenarios — such as a natural disaster or war.
Today, there are a large number of robust seed and private key metal wallet storage solutions that can be combined with redundant geographic storage to provide robust protection against most potential calamities.
For an additional layer of protection, consider encrypting your seed phrase or private keys prior to inscribing it/them on a metal wallet using a cipher. You can then memorize the cipher decryption key to ensure only you can unlock your funds should your metal wallet backup ever be discovered by an unauthorized person.
Click here to learn more about securing your seed phrase.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap. CoinMarketCap is not responsible for the success or authenticity of any project, we aim to act as a neutral informational resource for end-users.
