| Hey HN, I’m excited to share MnemonicSafe, a JavaScript library that securely splits and encrypts BIP-39 mnemonics using Shamir’s Secret Sharing (SSS) and AES-256-GCM encryption. This project is inspired by SLIP-39 (SatoshiLabs’ Shamir Backup), but it is an independent, experimental approach that offers flexibility for custom security models. How It Works
• Split a BIP-39 mnemonic into N shares using Shamir’s Secret Sharing.
• Threshold-based recovery: Only T of N shares are needed to reconstruct the mnemonic.
• Encrypt each share using AES-256-GCM with unique passwords for added security.
• Supports reconstruction of the mnemonic only when the correct threshold of decrypted shares is provided. Why Use This?
• More secure than storing a single mnemonic.
• Resistant to loss: As long as the threshold number of shares exists, the mnemonic can be recovered.
• Better than just encrypting the mnemonic: A single compromised key won’t reveal the full secret.
• Customizable & extensible: Can be adapted for advanced use cases like expiration metadata, threshold encryption, or HSM integration. What This Is Not
• This is not an official SLIP-39 implementation. It is inspired by SLIP-39 but uses password-based encryption for added flexibility. GitHub: https://github.com/hackable/mnemonicsafe Would love to hear thoughts from HN! Any feedback, suggestions, or security critiques are welcome. |