Skip to content

Introduction

Overview

One of the most notable challenges in security is ensuring that a user—and only that user—has continued access to a secret, regardless of device loss, app reinstallation, or other life events.

Traditional approaches often burden the user with managing backups of their secret keys. These keys are long, complex, and difficult to store securely. This complexity often leads users to choose less secure alternatives rather than navigating the secure platform, especially when migrating to a new device.

Various solutions have attempted to address this:

  • Seed phrases: Easier than random characters but still difficult to remember and secure.
  • Passkeys: Eliminate the need for memory but can be tricky to transfer between devices and raise backup concerns.
  • Password-based encryption: Vulnerable to brute-force attacks if the password is weak.
  • HSMs (Hardware Security Modules): Used by companies like Apple, WhatsApp, and Signal. They protect PINs from brute-force attacks but rely on the hardware's security and can be expensive and inflexible.

Introducing OpenSigner

OpenSigner is designed to solve these problems by enabling:

  • Users to:

    • Securely store cryptographic keys by splitting them into shares stored in separate locations.
    • Sign data using an ephemeral reconstruction of their private key, used only for a specific operation.

  • Organizations and Developers to:

    • Easily manage their users' cryptographic keys.
    • Abstract the key recovery process via automatic recovery or empower users with password recovery or passkey recovery.

Architecture

Component overview

OpenSigner consists of three main components:

  1. iFrame: Performs user operations, handles key splitting, and reconstructs keys.
  2. Key Share Storage: Keys are split into three shares, stored in different locations:
    • User device: Stored within the iframe on the user's device.
    • Hot storage: External storage for frequently accessed shares.
    • Cold storage: External storage for shares accessed only when a local or hot share is missing.
  3. Authentication Service: Verifies user access to shares by issuing access tokens to the iframe and exposing validation endpoints to the storages.

How it works

Splitting

OpenSigner uses Shamir's Secret Sharing to split private keys into three shares. This ensures the key is never stored in a single location, reducing the risk of compromise.

Splitting overview

Reconstruction

The original key can be reconstructed using any two of the three shares. The iframe component reconstructs the private key only when needed and discards it immediately after use.

SVG frame 0SVG frame 1SVG frame 2
Presented By
Openfort Logo