Trait SparkSignerShamir

pub trait SparkSignerShamir {
    // Required methods
    fn split_with_verifiable_secret_sharing(
        &self,
        message: Vec<u8>,
        threshold: usize,
        num_shares: usize,
    ) -> Result<Vec<VerifiableSecretShare>, SparkSdkError>;
    fn split_from_public_key_with_verifiable_secret_sharing(
        &self,
        public_key: &PublicKey,
        threshold: usize,
        num_shares: usize,
    ) -> Result<Vec<VerifiableSecretShare>, SparkSdkError>;
}

Trait for Shamir’s Secret Sharing operations in the Spark wallet.

This trait provides methods for splitting secrets (such as private keys or other sensitive data) into multiple shares using Shamir’s Secret Sharing scheme. The implementation uses a verifiable variant that allows share holders to validate their shares without revealing the underlying secret.

Key features of this implementation:

• Threshold-based reconstruction (requires t-of-n shares)
• Verifiability of shares (participants can verify their shares are valid)
• Compatible with secp256k1 keys used in the Bitcoin network

Use cases in Spark include:

• Creating backup shares for wallet recovery
• Establishing multi-custodial arrangements
• Distributing sensitive material across multiple secure storage locations

Required Methods

fn split_with_verifiable_secret_sharing( &self, message: Vec<u8>, threshold: usize, num_shares: usize, ) -> Result<Vec<VerifiableSecretShare>, SparkSdkError>

Splits a secret message into verifiable shares using Shamir’s Secret Sharing.

This method takes an arbitrary message (typically a secret key or other sensitive information) and splits it into num_shares shares, such that any threshold number of shares can reconstruct the original secret.

Arguments

• message - The secret message to split into shares
• threshold - The minimum number of shares required to reconstruct the secret
• num_shares - The total number of shares to generate

Returns

• Ok(Vec<VerifiableSecretShare>) - A vector of verifiable secret shares
• Err(SparkSdkError) - If share generation fails

Security Considerations

• Ensure threshold is sufficiently high to maintain security
• The shares should be distributed to separate, trusted entities
• Each share should be protected with appropriate access controls

Example

    // Split a secret into 5 shares, requiring 3 to reconstruct
    let secret = vec![1, 2, 3, 4, 5]; // Example secret
    let shares = signer.split_with_verifiable_secret_sharing(secret, 3, 5)?;

fn split_from_public_key_with_verifiable_secret_sharing( &self, public_key: &PublicKey, threshold: usize, num_shares: usize, ) -> Result<Vec<VerifiableSecretShare>, SparkSdkError>

Splits a secret key identified by its public key into verifiable shares.

This method finds the private key corresponding to the provided public key in the signer’s storage, then splits it into shares using Shamir’s Secret Sharing scheme. This is particularly useful for creating backups of specific keys within the wallet.

Arguments

• public_key - The public key corresponding to the secret key that should be split
• threshold - The minimum number of shares required to reconstruct the secret key
• num_shares - The total number of shares to generate

Returns

• Ok(Vec<VerifiableSecretShare>) - A vector of verifiable secret shares
• Err(SparkSdkError) - If the key cannot be found or share generation fails

Security Considerations

• Ensure the private key exists in the signer’s storage
• Use appropriate threshold values (typically at least 2/3 of num_shares)
• The resulting shares contain sensitive key material and must be protected

Example

    // Split the private key for a specific public key into 3 shares, requiring 2 to reconstruct
    let shares = signer.split_from_public_key_with_verifiable_secret_sharing(pubkey, 2, 3)?;
    // Distribute shares to trusted parties or secure storage locations

Implementors

impl SparkSignerShamir for DefaultSigner