How to build your Metal wallet - Keytala


Home > Shamir Backup

Shamir Backup

Shamir Backup is the method to split your “recovery seed” into multiple parts, it is also called Key Sharding. For example, you can decide to generate five sentences usually of 20 or 33 words encoded according to SLIP39 and then decide that only three sentences will be enough to restore your wallet.

When you create a wallet with Shamir Backup, you can decide how many sentences to generate. You can do 2 to 16 sentences , after that you just have to decide the threshold limit to set.

esempio di shamir backup

As it appears in the next picture, generating 5 sentences, you set the minimum threshold to 3 out of 5 phrases to be able to restore your wallet, so if you lose 2 out of 5 phrases you can still restore your wallet without any problems.

For example with the Trezor T wallet if we decide to create three sentences will look like this:

gesture necklace academic acid deadline width armed render filter bundle failure priest injury endorse volume terminal lunch drift diploma rainbow
gesture necklace academic agency alpha ecology visitor raisin yelp says findings bulge rapids paper branch spelling cubic tactics formal disease
gesture necklace academic always disaster move yoga airline lunar provide desire safari very modern educate decision loyalty silver prune physics

As you can see the three initial words are the same, this is used to identify that the sentences are all for the same wallet.


A very important aspect of Shamir Backup is the threshold concept, the threshold identifies the minimum number of phrases needed to recover a wallet. For example three out of five as illustrated in the example above. It is not important the order of sentences and the threshold minimum is always two sentences.

To restore the wallet you don’t have to insert all phrases at once but you can insert one and then disconnect the hardware wallet, move to another device and enter the second sentence, This is useful in case you have hidden phrases in very distant places.

Safety implications

Shamir Backup is considerably safer than normal recovery seed, an attacker must have all the phrases according to the minimum setting you have chosen, for example if you have set 3 divisions out of 5, The attacker must have at least 3 sentences and it is almost impossible to recover even one of these seeds, there are 2128 combinations.

In addition to Shamir Backup, at the same time you can use the Passphrase to further protect your hardware wallet, get familiar with this methodology because it is enough difficult to use and if you do not want to lose your currencies be careful.

A good hardware wallet that uses Shamir Backup is the Trezor T.