Open-source cold storage for long-term secrets - mathematical approach

Submitted ⁨⁨6⁩ ⁨days⁩ ago⁩ by ⁨bot@lemmit.online [bot]⁩ to ⁨opensource@lemmit.online⁩

https://old.reddit.com/r/opensource/comments/1linx49/opensource_cold_storage_for_longterm_secrets/

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/opensource by /u/cyrbevos on 2025-06-23 18:11:42+00:00.

The problem: You have critical secrets that need to survive years or decades, but storing them in one place creates a single point of failure. What happens if your hardware wallet breaks, your house burns down, or you simply forget where you hid your backup?

What we built - Fractum:

A tool that uses Shamir’s Secret Sharing (the same math Trezor uses) to split your most critical secrets into pieces. You can store shares with family, friends, bank deposit boxes - anywhere. Need 3 out of 5 pieces to recover, but having only 2 pieces tells an attacker absolutely nothing.

Links:

GitHub: github.com/katvio/fractum
Security docs: fractum.katvio.com/security-architecture/

Real-world use cases for individuals:

Cryptocurrency seeds: Split your hardware wallet backup across trusted family members
Password manager exports: Your LastPass/Bitwarden master vault backup
Important documents: Encrypted scans of wills, insurance papers, tax records
Photo/video archives: Family memories encrypted on external drives
Personal encryption keys: SSH keys, PGP keys you can’t afford to lose

Why we went open source:

When your life savings or precious memories depend on a tool, you can’t trust it to stay supported forever. Companies disappear, but math doesn’t. Open source means:

No vendor can hold your secrets hostage
Community can maintain it even if we disappear
You can audit every line of cryptographic code
Works completely offline
Each share is self-contained with the full recovery app

How it protects you:

🔥 House fire: Shares stored elsewhere remain safe

🚌 Bus factor: Family can pool shares to recover your assets

🏠 Theft/coercion: Attacker needs multiple people in different locations

🤔 Forgotten hiding spots: Only need threshold number of shares

📱 Lost devices: Hardware wallet breaks, but shares let you recover to any new wallet

The math: Built on Adi Shamir’s 1979 algorithm - information-theoretic security that’s literally impossible to break below the threshold, not just “really hard.”

Full disclosure: We built this after almost losing our own critical keys. Figured other people face the same “how do I safely store this forever?” problem.

For the community: Looking for feedback on the crypto implementation or additional personal use cases. Goal is something anyone can rely on for decades of secret security, regardless of what happens to vendors or maintainers.

source

Comments

Sort:hotnew top