How it works
Safeparts is built around three simple goals:
- Split a secret so no single share reveals it.
- Reconstruct only when enough shares show up.
- Fail loudly when inputs are wrong (wrong shares, typos, wrong passphrase).
Threshold sharing (k-of-n)
You choose a threshold (k of n):
- With fewer than k shares, reconstruction is impossible.
- With any k shares, reconstruction succeeds.
Under the hood, this is Shamir-style secret sharing over a finite field (GF(256)), applied byte-wise.
What a share is
Conceptually, each share is one point on a polynomial of degree k-1. With k points you can reconstruct the polynomial, and therefore the original secret. With fewer than k points, you learn nothing useful about the secret.
Why GF(256)
Safeparts works on bytes. GF(256) lets the math happen on 8-bit values, so secret sharing applies cleanly to arbitrary binary data.
Integrity
Secret sharing gives you confidentiality (until k shares), but by itself it does not reliably catch user mistakes. Safeparts adds an integrity tag so combine can detect incorrect inputs.
- If shares are corrupted or from different sets, combine fails.
- If you typed a share wrong, combine fails.
There are also extra checks at the encoding layer:
- Base58Check includes a checksum.
- Mnemonic shares include CRC16 to catch many transcription mistakes.
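Added example, not Safeparts' own code: a minimal byte-wise k-of-n split over GF(256) showing that plain interpolation returns some bytes for any input, and that a tag split along with the secret is what lets combine fail loudly. The reduction polynomial 0x11B, the 8-byte truncated SHA-256 tag and all function names are assumptions for illustration; the page does not specify Safeparts' field polynomial, tag or share format.

```python
# Illustration only: polynomial 0x11B and the 8-byte SHA-256 tag are assumptions.
import hashlib
import secrets

def gf_mul(a: int, b: int) -> int:  # multiply in GF(256), reduce by 0x11B
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def gf_inv(a: int) -> int:  # a^254 is the inverse, since a^255 == 1 for a != 0
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def split(secret: bytes, k: int, n: int) -> dict[int, bytes]:
    tagged = secret + hashlib.sha256(secret).digest()[:8]  # tag is shared too
    shares = {x: bytearray() for x in range(1, n + 1)}     # x = 0 is the secret
    for byte in tagged:  # fresh random polynomial of degree k-1 per byte
        coeffs = [secrets.randbelow(256) for _ in range(k - 1)] + [byte]
        for x, out in shares.items():
            y = 0
            for c in coeffs:  # Horner evaluation, highest coefficient first
                y = gf_mul(y, x) ^ c
            out.append(y)
    return {x: bytes(v) for x, v in shares.items()}

def interpolate(shares: dict[int, bytes]) -> bytes:  # never errors by itself
    out = bytearray()
    for i in range(len(next(iter(shares.values())))):
        acc = 0
        for xj, yj in shares.items():
            lj = 1  # Lagrange basis at x = 0; subtraction is XOR in GF(256)
            for xm in shares:
                if xm != xj:
                    lj = gf_mul(lj, gf_mul(xm, gf_inv(xm ^ xj)))
            acc ^= gf_mul(yj[i], lj)
        out.append(acc)
    return bytes(out)

def combine(shares: dict[int, bytes]) -> bytes:
    raw = interpolate(shares)
    if hashlib.sha256(raw[:-8]).digest()[:8] != raw[-8:]:
        raise ValueError("integrity check failed: wrong, mixed or too few shares")
    return raw[:-8]
```

With a 3-of-5 split, any three shares pass combine, while a single flipped bit, a share from another split, or only two shares make interpolate return plausible-looking garbage that only the tag check rejects.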
Optional passphrase protection
Safeparts can encrypt the secret before splitting it.
High level:
- Derive a key from the passphrase (Argon2id).
- Encrypt the secret (ChaCha20-Poly1305).
- Split the encrypted bytes into shares.
This means an attacker needs both k shares and the passphrase.
Encodings
Shares can be encoded for different workflows:
- machine-friendly (copy/paste): base64url, base58check
- human-friendly (transcription): mnemonic formats
See Encodings.
Packet metadata (why shares must match)
Shares are not just chunks. Each share carries enough metadata to prove it belongs to the same set:
- threshold (k) and share count (n)
- set identity / versioning
- integrity data
That is why mixing shares from different splits should fail loudly.
What Safeparts does not do
- It does not keep shares safe for you. Storage choices are the security boundary.
- It does not protect you from someone who legitimately holds k shares.