Shamir-secret-sharing-store NPM

shamir-secret-sharing-store

TypeScript library to generate metadata-rich Shamir's Secret Share stores for data transfer, based on Privy’s implementation of Shamir's Secret Sharing algorithm.

Only supported in browser environments.

Usage

We can splitWithPasswordAsStore a secret into shares with a password, and later decryptAndCombineWithPassword the shares to reconstruct the secret. Unlike the shamir-secret-sharing original package, this package includes metadata of both the secret and encrypted share to facilitate the management and storage of the shamir secrets.

import {splitWithPasswordAsStore, decryptAndCombineWithPassword} from 'shamir-secret-sharing-store';

const encryptedShares = await splitWithPasswordAsStore("my secret","password",3,2);
const combinedSecret = await decryptAndCombineWithPassword("password",encryptedShares);

Example of a generated secret share:

{
    version: 1,
    id: '47beb1f7-7c1c-4b4c-be76-fca27e5f2cd7',
    share: {
        total: 3,
        threshold: 2,
        encrypted: true,
        contents: '42e3997cf776e75840bbac7b51107b6e117009f4c9ebe3',
        share_sha512: '44631f1fd6b9d0aa824e9a0342210466fc73ad569d562a2266f7bb57d1f731fd16b98a308bf6131b8bd3574a5c23d935c3079baeab95c030bfe2087454829bb1',
        secret_sha512: 'bdbcba12c7745e080d984546d23c29f0a8bf9f95968958a39e77062c93ef9a1fd7d318e5d3fb9d41d358b8678dd5b75070ab21aecaab88c563c3b8189e2d1c74'
    },
    crypto: {
        ciphertext: '42e3997cf776e75840bbac7b51107b6e117009f4c9ebe3',
        cipherparams: [Object],
        kdf: 'PBKDF2',
        kdfparams: [Object]
    },
    algorithm: 'shamir-secret-sharing'
}

API

This package exposes two functions: splitWithPasswordAsStore and decryptAndCombineWithPassword.

splitWithPasswordAsStore

/**
 * Splits a `secret` string into encrypted shares using a `password` for encryption. It first splits the secret and then encrypts each share with the given password.
 * 
 * @param secret The secret string to be split and encrypted into shares.
 * @param password The password used for encrypting the shares.
 * @param total The total number of shares to split `secret` into. Must be a positive integer.
 * @param threshold The minimum number of shares required to reconstruct the original `secret`. Must be a positive integer.
 * @returns A list of encrypted shares.
 */
declare function splitWithPasswordAsStore(
  secret: string,
  password: string,
  total: number,
  threshold: number,
): Promise<Share[]>;

decryptAndCombineWithPassword

/**
 * Decrypts a list of shares using a given `password` and then combines them to reconstruct the original secret.
 * 
 * @param password The password used for decrypting the shares.
 * @param shares An array of encrypted shares.
 * @returns The decrypted and combined secret as a string.
 */
declare function decryptAndCombineWithPassword(
  password: string,
  shares: Share[],
): Promise<string>;

License

Apache-2.0. See the license file.

shamir secret sharing threshold cryptography crypto keys mnemonic typescript node browser web3

shamir-secret-sharing

@everything-registry/sub-chunk-2745

0.0.3

7 months ago

0.0.2

7 months ago

0.0.1

7 months ago