HbarSuite Docs
  • Welcome to HbarSuite
  • HbarSuite Developer Documentation
    • HbarSuite Smart Engine Applications
      • @hsuite/cross-chain-exchange
      • @hsuite/dao
      • @hsuite/exchange
      • @hsuite/launchpad
      • @hsuite/multisig
      • @hsuite/nft-exchange
    • HSuite Libraries
      • @hsuite/api-key
      • @hsuite/auth-types
      • @hsuite/auth
      • @hsuite/client-types
      • @hsuite/client
      • @hsuite/dkg-types
      • @hsuite/hashgraph-types
      • @hsuite/health
      • @hsuite/helpers
      • @hsuite/ipfs
      • @hsuite/smart-config
      • @hsuite/smart-network-types
      • @hsuite/smart-transaction-types
      • @hsuite/smartnode-sdk
      • @hsuite/snapshots
      • @hsuite/subscriptions-types
      • @hsuite/subscriptions
      • @hsuite/throttler-types
      • @hsuite/throttler
      • @hsuite/users-types
      • @hsuite/users
      • @hsuite/validators-types
  • General Documentation
    • Tokenomics
      • Tokenomics v1
      • Tokenomics V2
    • Smart Apps and Interaction
      • Subscription-Based Model
      • Token-Gate Model
    • The Smart Node Network
      • security-layer
        • Security Layer Integration
        • Setting Up Secure Clusters
        • Generating and Sharing Keys Collaboratively
        • Protecting Secrets with Shamir's Method
        • Managing Cluster Membership
        • Handling Node Expulsion and Replacement
        • Automating Responses to Network Changes & Key Rotation
        • Ensuring Continuous Operation and Recovery
      • Understanding Validators in Our System
        • Type of Validators Explained
    • What is a Smart Node?
  • Restful APIs Documentation
Powered by GitBook
On this page
  • Dividing the Secret
  • Reconstruction with Threshold Access
  • Technical Implementation
  1. General Documentation
  2. The Smart Node Network
  3. security-layer

Protecting Secrets with Shamir's Method

PreviousGenerating and Sharing Keys CollaborativelyNextManaging Cluster Membership

Last updated 3 months ago

Dividing the Secret

  • We use a technique called Shamir's Secret Sharing to split the secret key into multiple parts.

  • These parts, known as "shares," are distributed among the nodes in the cluster.

Reconstruction with Threshold Access

  • To reconstruct the original key, a predetermined number of shares must be combined.

  • This means that even if some shares are lost or some nodes become unavailable, the key can still be securely rebuilt as long as enough shares are present.

Technical Implementation

The system implements Shamir's method using:

  1. Polynomial Generation

    • Creates a random polynomial of degree t-1

    • The secret is embedded as the constant term

    • Coefficients are randomly generated

  2. Share Distribution

    • Each node receives a point on the polynomial

    • Requires t shares to reconstruct (threshold)

    • Shares are encrypted during transmission

  3. Key Reconstruction

    • Uses Lagrange interpolation to recover the secret

    • Only possible with threshold number of shares

    • Mathematically secure against fewer shares

Shamir's Secret Sharing