Update: First post on read.cash describing the mechanics of the scheme... https://read.cash/@tibanne/split-seed-mechanics-39d15b5d

The scheme has undergone multiple revisions and only mildly resembles the initial setup... the new setup can be seen here with some discussions about what has changed... https://read.cash/@tibanne/split-seed-revised-34419659


You're a regular Joe. You create an account on a crypto service with a non-custodial client side wallet. The service asks you to immediately back up your X word seed and recommends that this is done offline by writing down your seed words. You don't have time for this! You continue to use the service without taking this initial backup. Worse, you might copy and paste the seed and save it locally or snap a screenshot.

Time passes and something happens to make you forget the password you were using. Maybe you're not using a password manager yet and you didn't want to use the same password you've used in multiple other places because Chrome has started to tell you that you've been pwned through the lax security of others. Maybe you've upgraded to using a password manager but you forgot your master password. You can't log in and now your funds are irretrievable.

What it does

SplitSeed is an attempt at solving this problem by creating a 24-word seed by combining two 12-word parts. The first part is derived from a combination of your email address and password and is never sent to the server. The second is generated randomly on the server during account creation and sent to the client to be combined with the first part whenever you log in.

On account creation, you're asked to stash the first part of the seed somewhere. It doesn't really matter how exposed it is: without your password to log in to the service, an attacker cannot obtain the second part and so cannot take anything.

Now, if you forget your password, you can use the very familiar email-based password reset mechanism to change your password. During the reset, if you can supply the first part of the seed that you saved on account creation, the full seed that was constructed using your forgotten password can be reconstructed briefly and your funds can be moved to the location specified by the new password you provide.

Users can still opt to save their full seed somewhere very safe, and should be encouraged to do so.
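The registration, login and reset flow described above, sketched at the entropy level as an added example (it is not the sharetip.me code). Assumptions: scrypt salted with the email stands in for the unspecified derivation of the first part, the two parts are joined by concatenation, the server part is unchanged by a reset, and all function names are hypothetical.

```javascript
// Added illustration of the SplitSeed flow described above; not the sharetip.me code.
const nodeCrypto = require('crypto');

// Part 1 (client side only): 128 bits derived from email + password.
// Assumption: scrypt salted with the email stands in for the page's unspecified derivation.
function deriveClientPart(email, password) {
  const salt = email.trim().toLowerCase();
  return nodeCrypto.scryptSync(password.normalize('NFKC'), salt, 16);
}

// Part 2 (server side): 128 random bits created once at account creation.
function newServerPart() {
  return nodeCrypto.randomBytes(16);
}

// Assumption: the parts are joined by concatenation. 16 + 16 bytes = 256 bits,
// the entropy behind a 24-word seed (word encoding is omitted here).
function combine(clientPart, serverPart) {
  if (clientPart.length !== 16 || serverPart.length !== 16) {
    throw new RangeError('each part must be 16 bytes');
  }
  return Buffer.concat([clientPart, serverPart]);
}

// Login: the server releases its part after authentication (not modelled),
// and the client rebuilds the full seed locally.
function loginSeed(email, password, serverPart) {
  return combine(deriveClientPart(email, password), serverPart);
}

// Reset: the stashed first part replaces the forgotten password. The old seed
// exists only long enough to sweep funds to the wallet of the new seed.
// Assumption: the server part is kept unchanged across the reset.
function resetPassword(stashedClientPart, serverPart, email, newPassword) {
  const oldSeed = combine(stashedClientPart, serverPart);
  const newSeed = loginSeed(email, newPassword, serverPart);
  return { oldSeed, newSeed };
}

// Constructed sample account.
const serverPart = newServerPart();
const stash = deriveClientPart('joe@example.com', 'old password');
const { oldSeed, newSeed } = resetPassword(stash, serverPart, 'joe@example.com', 'new password');
console.log(oldSeed.equals(loginSeed('joe@example.com', 'old password', serverPart))); // true
console.log(newSeed.equals(oldSeed)); // false
```
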

The plan

I will be taking this concept through to a production implementation inside sharetip.me for the CoinParty hackathon. The registration and login part has been implemented already but the scheme has not been properly documented and vetted and the reset logic and UX have not been started. I'm hoping that the experienced panel of mentors at the hackathon will try to break the idea. If it still stands up at the end, then SplitSeed could provide a reasonable middle ground for lay people in the UX/security trade-off.

Bitcoin Cash Address: bitcoincash:qquqtxcd6jdkk8dp7cha2cryuur6vqt6tgu4v7afdv

SLP Address: simpleledger:qquqtxcd6jdkk8dp7cha2cryuur6vqt6tgsw89gfnj


Built With

  • async-bch
  • bcryptjs
  • bitbox-sdk
  • bitcore-lib-cash