Content
@
0 reply
0 recast
0 reaction
Stephan
@stephancill
Where is the private key for warpcast wallet stored? cc @horsefacts.eth @v
10 replies
5 recasts
46 reactions
Tony D’Addeo
@deodad
private key is shamir sharded on your device into 3 shards, any 2 of which can reconstruct the PK 1 shard remains on the device 1 shard is encrypted by a key that warpcast holds (recovery shard) 1 shard is encrypted by a key that Privy holds (auth shard) all encryption also happens on your client effectively the recovery and auth shards are both accessible by your custody address but via authing with two separate service providers it’d take two separate breaches of warpcast and privy to compromise key material the reasons for doing this instead of simple EOA are 1) users won’t lose access to their funds bc it inherits the Farcaster recovery system since 2/3 can be accessed via SIWF (all without needing the user to backup anything themselves) 2) users can seamlessly access their wallet on any device (i.e. web) without needing to manually move a seed phase around in a reasonably secure way
7 replies
6 recasts
50 reactions
df
@df
interesting... is this considered custodial given the 2/3 shards on backends can reconstruct the key?
1 reply
0 recast
1 reaction
Tony D’Addeo
@deodad
yes, not like there's some official term but Privy even considers their basic setup self-custodial since the system is designed such that neither applications or Privy can access the key material. ofc there are a ton of assumptions that come along with this system that make it very different than an EOA that is only kept on devices vs being sharded and synced, but even then you are still making assumptions like 1) they aren't malicious and just sending your PK material to their servers , 2) the client code isn't compromised so system risk is never 0 in our setup it's stronger since two parties would need a breach, whether of security or trust, from two different entities to compromise at some point we'll likely add an option for users to store their recovery shard themselves, which strengthens the self-custodial even more
0 reply
0 recast
1 reaction
