Secret Sharing UX

Motivation

Moving away from institutions and big tech, focussing on peers as holders of trust.
Exploring relationships-based security protocols.

Shamir's Secret Sharing (1979)

💳 finance 💳
🏛️ voting 🏛️
✍️ signing ✍️
📱 account recovery 📱
🎞️ archiving 🎞️
…

Existing UX is … well …

Explore & evaluate the UX pattern of secret sharing

What are metaphors or visualizations that help explain the concept?
Where does secret sharing fall short as a security mechanism?
- Is there awareness for verification?
- How do people select their trusted group?

Screenshot 2025-03-07 at 11.29.27

Actual recovery flow was most difficult because it required out-of-band communication
3 testers asked for independent verification, 2 asked for social verification, 2 did not verify at all
Ideal thresholds: 2/2, 2-3/4, 8/10, ?/4, 2/4, 9/10, 3/4

Ranges for thresholds usually went down after the test

Asking for recovery help was easy for most; accepting to help with recovery was scary for some.

Transparency is necessary in case secret holder is unavailable. But transparency can also lead to weaponized friendship.

An account without a username???
(Backchannel doesn't come for free!)

🏕️ Implementations in the wild 🏕️
🥡 Social protocols 🥡
🖇️ Collaborators 🖇️
💰 Funders??? 💰

Micah, C.C. et al.

Testers
C.C., Kii Kang, Lis, Mayowa Tomori, Mike,
Pia Park, Ying Tong

Community Privacy Residency
community-privacy.github.io

💜
@eviewinter.42 (Discord/Signal)