Disclaimer: this article includes links to products for sale on our store.
- Shamir Backup vs Multisig vs Splitting Seed Phrase
- Is the Shamir Backup For You? Examples of Setups.
- Setting Up Shamir Backup: What You Need
- How to Create a Shamir Backup (Step by Step)
In this post we are going to cover:
Plus more... Read on to learn everything you need to know about How to complete a Shamir Backup on your Trezor T.
The Shamir Backup is a private key security system that Trezor introduced in August 2019. It’s based on the Shamir Secret Sharing cryptographic algorithm, which Satoshi Labs adapted for Bitcoin in SLIP 39 . Thus, the Trezor Model T is the world’s first hardware wallet to support this standard.
Info: In simple terms, the Shamir Backup is the middle ground between a basic seed phrase and a multisig setup. It retains the best of both worlds and puts them together in a simple setup. Thanks to the Trezor UI, it shouldn't take longer than 15 minutes to complete the entire process.
But before you do a Shamir Backup on your Trezor Model T, you should first understand how it works. All hardware wallets use the BIP 39 standard to generate a series of 12 or 24 seed words. But if this basic security is not enough for your threat model, you need something more advanced.
Shamir Backup vs Multisig vs Splitting Seed Phrase
Multisigs (also pioneered by Trezor) are popular for their extra complexity. To spend the funds in a wallet, you’re going to need a pre-determined number of signatures. This enables multi-stakeholder approaches and complex security mechanisms.
Advice: If you're an individual coin holder, you most likely don't need to have multisig. Unless you're very technical, you can lose your funds by getting tangled up in complexity. So it's better to use setups that you can understand and can replicate at any given time.
It’s also a terrible idea to split the 12 or 24 words in many parts, then spread them around. Not only that you can lose them or scramble them yourself, but hackers can also brute force attack a few words. So if someone knows 9 of your 12 words, it’s easy to guess the remaining 3. The BIP 39 dictionary has 2048 words, so a simple script can try all the possibilities within minutes.
The Shamir Backup exists as a middle ground between these security solutions . It retains the ease of seed phrases and also benefits from the multiplicity of multisigs. But as opposed to multisigs, you need to gather the shares of the private key in one place. You can’t have stakeholders remotely sign transactions.
In a nutshell, on your Trezor Model T you can create up to 16 shares for your private key. And depending on your preference, you can choose how many you will need to make the funds spendable.
Also, the Shamir Backup is compatible with the passphrase . So even if someone steals the required shares to spend your coins, they’ll still need one last word.
Is the Shamir Backup For You? Examples of Setups.
Example 1: A family of four can each have a share, but need three of them to generate the private key. This means that one or two members can’t spend the coins by themselves. Also, if one member loses their share, the funds can still get recovered. And if shares get lost, it’s recommended to use the remaining ones to create a new Shamir Backup.
Example 2: You’re single and live alone. You complete a 4 of 6 shares Shamir Backup. You keep two shares in your house, then entrust the other four to your lawyer, bank safe, and two good friends. If your house gets robbed, you can access to your coins with the remaining 4 shares.
And unless your lawyer and friends know what kind of setup you’ve created, they can’t steal your money. If you make coordination impossible, you’re safe. But spending will also become more difficult for yourself, as you need to get two shares.
These are only two examples of how you can set up the Shamir Backup. The possibilities are endless and the Trezor Model T allows you to generate as many as 16 shares.
Advice: It's up to you to find the middle ground between security and convenience. Remember to keep it simple enough for yourself to use and hard enough for others to rob you.
Setting Up Shamir Backup: What You Need
To set up a Shamir Backup, you’re going to need a Trezor Model T and a computer with an internet connection. As of August 2019, the security standard doesn’t work on the Trezor One or any other hardware wallets.
Also, you need to install the Mozilla Firefox browser or Chrome. Trezor Bridge will not work with Opera, Safari, or Edge/Internet Explorer.
Advice: For a greater connection privacy, you can use the Brave browser or Tor which requires a minor setup. It's recommended to take this route if you don't want to share your IP address with Trezor. But for this privacy protection purpose, you can also run a VPN and use Chrome or Firefox.
How to Create a Shamir Backup (Step by Step)
First of all, you’re going to have to connect your Trezor Model T to your computer. Plug the USB-C to USB-A cable to power it up and go to https://trezor.io/start . In the visual menu, click on the Trezor Model T picture on your right.
In the next screen, you will have to pick between creating a new wallet and recovering an existing wallet. Click on “Create Wallet”.
The Trezor Model T allows you to create two types of wallets. The first one is the Single Backup Wallet, while the second one is the Shamir Backup Wallet. To continue with this advanced setup, click on “Create with Shamir Backup”.
After this step, the action moves to your device. As prompted on your browser’s screen, you should focus your attention on the Trezor Model T.
At first, Trezor will make you confirm that you want to create a new wallet with the Shamir Backup. This part also makes you agree with the company’s terms of service .
In the next screen, you will have to choose the number of shares. Please make up your mind about the ideal setup before you proceed. If your recovery plan is too complicated or too simple, your funds are at risk. You can pick any number of shares between 1 and 16.
After picking the model of shares which fits your threat model, you also have to set the threshold. In a nutshell, this is how many parts you’re going to need to recover your wallet and spend the coins. Likewise, you can pick any number between 1 and 16 (but it can’t be greater than the number of shares).
This next section includes the actual backup and features two important tips. First of all, you should write down all the words using a pen and a piece of paper. Then, you should never make a digital copy or type your words on a computer that’s connected to the internet. Don’t take pictures either, they are easy to steal.
These are some basic security practices that help you avoid malicious attacks.
By default, each Shamir Backup share has 20 words. For extra entropy, you can also opt for 33-word shares.
During this phase, you will notice that all shares start with the same 3 words. This is no coincidence, as the first two words serve as identifiers. The third identical word helps with encoding for Super Shamir Backups .
To scroll from one group of words to the next, you will have to use the Trezor Model T’s touchscreen. This is very much akin to using your smartphone, so you should find it intuitive.
To make sure that you’re writing the correct words, between shares you will have to pick the order of 3 random words. The format resembles a multiple choice test, where only one answer is correct. For example, the Trezor will ask you to pick the correct words for positions 3, 9, and 17. A wrong answer will take you back to the list of words in the share, so you can double check and correct.
Also, writing all the shares on the same piece of paper defeats the purpose. You should keep them separated, so you can later store them in different places. A Shamir backup whose shares are all in one place is just a fancy seed phrase. So to benefit from the security advantages, you must separate the shares. Use different pieces of paper and metal plates.
If you get everything right, the message “Your backup is done” will greet you. Congratulations, you have successfully set up your Shamir Backup!
After this, check the computer screen to see your Trezor wallet interface. For greater security, you should also set a PIN and a passphrase on your Trezor device.
Advice: If your Shamir Backup is holding a significant amount of value, consider replacing paper with a Billfodl. It will grant your shares the durability of steel and make them weightier. If you're going to entrust a nocoiner friend or family member with one of your shares, it's probably not a good idea to hand them a piece of paper anyway.
The Billfodl lets you add up to 24 words per piece, so your 20-word Shamir Backup shares will fit very well. We also offer a bundle which includes a Billfodl and a Trezor Model T device. And if you’d like to find out more about why Trezor is the king of hardware wallets, read this article .
What is Shamir backup?
Shamir Backup is a method of splitting the 12 or 24 seed words into multiple parts. A specified number of parts has to be used to recover the wallet.
Why is this feature named Shamir?
It got it’s name from Adi Shamir, the author of Shamir’s Secret Sharing algorithm.
What does Multisig mean?
Multisig (multisignitures) divides up responsibility for possession of bitcoins among multiple people.
What is the best advantage of Shamir Secret Sharing Scheme?
SSSS (Shamir Secret Sharing Scheme) helps you split a secret in as many parts as you want.
What is secret sharing in cryptography?
Secret Sharing means that you can distribute a secret to a group of participants, each of them sharing a piece of that secret.