In crypto you use a cryptographic key where you, as the wallet holder, have a public key that represents your address. Much like an email address. This is called a public key since there is no risk in someone accessing the funds in your wallet if you share it publicly. Though, as the wallet holder you need a way to access the funds in your wallet or account → in order to do this we have a secret key, or mnemonic phrase that represents this secret key. It’s like a password that’s really strong and you can never change it (unless you get a completely new wallet). This is explained very well in this thread by the Solana Spaces.
This is a very valid method, but the age old problem is where do we store this secret key? It’s a large bunch of random words or letters, good luck remembering them all by heart!
If you take a photo, someone could access your phone or cloud account and use it → They will have full control over your crypto.
What if you write it down? That’s super secure, but then if you lose that piece of paper you will not be able to access that wallet again and your funds are lost. There are estimates that more than 20% of Bitcoin’s total supply has been lost due to seed phrases being lost.
Generally speaking, there is a strong tradeoff between safety and convenience of use.
Decaf uses a well known cryptographic method to split secrets into parts using a threshold scheme based on Shamir’s secret sharing. That’s a lot of complex words yet it’s a fairly simple but extremely powerful method of splitting up the key into multiple parts. If you’re interested, check out the paper on Shamir’s Sharing. For a simple explanation check out the technical deep-dive below.
When creating a new wallet in Decaf, we take the secret key and split it into 3 parts. You will need 2 of these parts to access your wallet. We store one, you get 2. What this means is if you ever lose one of your shares, we can assist you in accessing your wallet. But Decaf will never be able to access your wallet alone.
Great. But where do these shares go?