This repository contains the Shamir Secret Sharing for Mnemonic Phrases (SSSMP) specification and the corresponding reference implementation. SSSMP is a secret sharing scheme with a particular focus on the use case of sharing random mnemonic phrases, as for example used within hierarchical deterministic wallets in context of cryptocurrencies. With this focus in mind, this specification is designed to be fully compatible with existing encodings of mnemonic phrases, in particular BIP39. It can, for example, be used to split a given (already existing) BIP39 mnemonic phrase of 12, 15, 18, 21, or 24 words, into up to n = 255 shares, such that any configurable subset of shares of size t ≤ n can be used to recover the original mnemonic phrase from the shares. However, this specification is not limited to the use of BIP39 for encoding and decoding of mnemonic phrases, but rather specifies the secret sharing on the level of byte sequences. Alternative encodings such as, e.g., bytewords, may be used instead of BIP39. The design is intentionally kept as simple as possible, and only adds minor modifications, in particular an integrated checksum mechanism, to the original secret sharing approach described by Shamir (1979).

For better readability of the mathematical notation used within the specification, we recommend viewing the HTML export of the specification. The specification itself is maintained in the Specification.md markdown file within the ./docs directory of this repository.

The reference implementation as well as a set of test vectors can be found in the ./src directory of this repository.

This work is licensed under the Creative Commons Attribution 4.0 International License.

Contributions are very welcome, please contact us directly, generate a pull request or create an issue.