🇺🇦 #NowPlaying on #KEXP's #VarietyMix

Shamir:
🎵 I Love My Friends

#Shamir

https://shamir.bandcamp.com/track/i-love-my-friends

https://open.spotify.com/track/4H1zTMi2xkVrvGuFnmzzjU

🧵 Thread: Building information-theoretic security for personal cold storage

After almost losing access to critical crypto wallets during a team transition, I've been thinking about the cold storage problem differently.

Most people store seeds/keys in single locations: hardware wallets, encrypted files, safety deposit boxes. But what happens when that ONE thing fails, gets stolen, or you forget where you put it?

1/8
🔐 The solution we ended up building uses Shamir's Secret Sharing - the same math that Trezor uses internally, but applied to any secret you need to store long-term.

Split your seed phrase into 5 pieces, need any 3 to recover. The beautiful part: 2 pieces reveal ZERO information. Information-theoretic security, not just "computationally hard."

2/8
💡 Real-world threat models this addresses:
🔥 House fire (shares elsewhere survive)
🚪 Inheritance planning (family can pool shares)
🏠 Forgotten hiding spots (only need threshold)
⚔️ Physical coercion (attacker needs multiple locations)
💾 Hardware failure (recover to any new device)

3/8
🛡️ The crypto nerd in me loves that this is provably secure:

- AES-256-GCM for file encryption
- Shamir's algorithm over GF(256)
- Each share is self-contained with recovery tools
- Air-gapped operation (Docker --network=none)
- No proprietary crypto, everything auditable

4/8
🎯 Use cases beyond crypto:

- Password manager master vault exports
- GPG/SSH keys you can't afford to lose
- Encrypted family photos/documents
- Any "nuclear option" secret that needs decades of survival

The key insight: some secrets are too important for single points of failure.

5/8
🔓 Why we open-sourced it:
When your financial security depends on a tool, you can't trust it to any company's business model. Cryptographic tools for long-term storage need to be:

- Transparent (audit the math)
- Immortal (survive any vendor)
- Community-maintained

6/8
💻 Implementation details for the security-minded:

- Runs completely offline
- Cross-platform (Linux/macOS/Windows)
- Each share includes full recovery application
- FIPS 140-2 compatible algorithms
Reproducible builds

GitHub: https://github.com/katvio/fractum

7/8
Question for #infosec community:

I'm wondering How do you handle long-term storage of critical secrets? Especially curious about approaches that survive both digital and physical threats over decades.
What threat models am I missing for personal cold storage scenarios?

#cryptography #backup #security #shamir
8/8

🇺🇦 #NowPlaying on #BBC6Music's #LoudAndProud

Shamir:
🎵 I Love My Friends

#Shamir

https://shamir.bandcamp.com/track/i-love-my-friends

https://open.spotify.com/track/4H1zTMi2xkVrvGuFnmzzjU

🇺🇦 #NowPlaying on #KEXP's #AfternoonShow

Shamir:
🎵 Head in the Clouds

#Shamir

https://open.spotify.com/track/4PiXipqSBXVRRhRxPs2kv3

🎶 show playlist 👇
https://open.spotify.com/playlist/2Ivj2i9BbyMoJmb0ZucUM2

🎶 KEXP playlist 👇
https://open.spotify.com/playlist/6VNALrOa3gWbk794YuIrwg

Source: https://www.pixiv.net/en/artworks/96432697

#miura_n315 #FireEmblemThreeHouses #Shamir

Source: https://x.com/Echako_00/status/1861747927255056670

#Echako_00 #FireEmblemThreeHouses #Shamir #cosplay

🔊 #NowPlaying on #KEXP's #VarietyMix

Shamir:
🎵 On the Regular

#Shamir

https://open.spotify.com/track/07yXm3rSwpfSFwRu3QpTdA