Decentralized Secret Key Storage

30 May, 2022

This is part of a series where I try to figure out what I want to do with my life. I'll be exploring ideas, technical, non-technical, and just straight up silly. Here I researched an idea one of my friends gave me. Based around a better way to handle secret keys. Enjoy!

Blockchains require secret keys associated with a wallet to use them. The idea is to keep that information on a decentralized ledger in a privacy preserving manor.

Business Case

User Story: As a privacy conscious user, I want a way to manage my password on a decentralized network, so that I can easily access my password without relying on a central authority.

Example Customers Might Be:

• Crypto individuals who want to store their secret keys, but don’t trust centralized authorities
• High Net Worth Individuals who don’t trust a centralized alternative

Such an idea suffers from several drawbacks.

1. In order to access the stored secret key, you need a password. Generally people make bad passwords, or, if it’s a good password, it’s likely just as hard as a secret key. This makes the public information of the encrypted secret key vulnerable to rainbow attacks, and overall makes the network much less safe.
2. While the information can be private, people can still see that you have a vault with passwords in it. This then becomes an obvious exploit target.
3. Writes to blockchains require money. This means every created password costs money to add.
4. People don’t like putting very sensitive information in a public setting, even if it’s secret.

It also suffers from “good enough” competition. Either:

• Hot Wallets like MetaMask
• Cold Wallets like Ledger

Technical Implementation

Let’s ignore the whole secret key aspect of this. The core idea in actuality is to just store private information on a blockchain. An example implementation is here, where an individual made a password manager on the blockchain. They simply encrypted the information using cryptojs, and then stored it in a vault. A vault is generally used for storage of money off of a wallet, but here it is used for storage of secret keys. One would likely need to create a specific blockchain for this, since it would require user passwords for interfacing. A network like cosmos or polkadot might be a good pick.

Conclusion

It honestly sounds like just creating a more integrated cold wallet solution would be better here. A heavily integrated cold wallet, an identity blockchain that can be used for other chains, or simply a decentralized password manager a la the implementation example are all likely better avenues for this. Storing secret keys in this manner doesn’t particularly sound useful nor secure. Another more interesting area might be private blockchains like hyperledger fabric, though those use cases as well as decentralization are suspect. Overall, I don’t see much merit to this.