Oddbean

▲ ▼

 What if the company owner could split his key that he generated on the phone into 3 shards and give each shard to a different cloud service providers and they would collectively perform musig2 and sign stuff on his behalf using NIP-46 without ever being able to recover their key unless they all collude?

And they also offer fine-grained access control for interns and employees and so on.

@waxwing is this ok?

▲ ▼

 #asknostr 
nostr:nevent1qqs04nnajz8yh24alhfzrwtsnj8mmpv28lcfrcq8ku7d5zz45n7s97qpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtczyqalp33lewf5vdq847t6te0wvnags0gs0mu72kz8938tn24wlfze6qcyqqqqqqgc3ymlq

▲ ▼

 https://conduition.io/cryptography/frost-byok/

Close

▲ ▼

 As a first pass, I'd model it like DNSSEC. The delegator (parent) has a DS record (event) having the delegatee (child) pubkey. Additional tags could be added for specific delegations.

▲ ▼

 Basically Shamir's splitting right?

▲ ▼

 IIUC somewhat similar but with musig you don't have to reconstruct the secret to sign a message, so with musig there will never be an assembled secret in one place you could steal. Every participant has their own secret and then they agree on a message and share partitial signatures that can be assembled to the complete signature.

With sss you first assemble the shared secret, then you could sign a message with it, but the assembled secret could be stolen and then your complete security is gone.

▲ ▼

 Ah didn't consider the idea that the participants in this concept have secrets that are first split up from a single company secret.

▲ ▼

 nostr:nevent1qqsre84xe6qpagf2w2xjtjwc95j4dd5ccue68gxl8grkd6t6hjhaj5qzyqalp33lewf5vdq847t6te0wvnags0gs0mu72kz8938tn24wlfze6t8t7ak

▲ ▼

 Sound like a horcrux, I don’t like black magic