Private key management

In Tomo Wallet, your private key is generated whenever you activate your account. However, you don't need to remember your Mnemonic phrase like most other wallets. Tomo wallet helps you manage your keys smartly and securely:

  1. Storage: Tomo wallet uses SSS to divide the user's private key into three shares with a threshold. One share is held by your device logged into your Tomo account, Tomo's secure backend server preserves the second, and the last share is held by a secure cloud vault service accessible only by the user. The user can use Tomo's free cloud vault based on AWS cloud HSM or a personal cloud account (e.g., Google Drive, Dropbox).

  2. Usage: To use the private key for transactions, the user device retrieves the share from Tomo's backend server and reconstructs the private key with the user's local share. This temporary reconstruction of the private key allows the user to authorize transactions securely.

  3. Recovery: If the user changes or resets the device, the user can fetch the cloud-stored share and re-share the reconstructed key between the backend, cloud, and the new device. The recovery mechanism allows the user to recover the private key with backup shares, and this recovery procedure will make the old share in your old device useless; thus, the user doesn't need to worry about the lost share in your lost device.

Shamir's Secret Sharing & Multi-Party Computation

Tomo Wallet employs privacy-preserving Multi-Party Computation (MPC) technology to protect user data by encrypting the seed phrase and storing it in shards across multiple locations. Tomo Wallet uses Shamir's Secret Sharing (SSS), an MPC method that mathematically splits a secret (private key) into multiple shares. By leveraging SSS and MPC, Tomo Wallet ensures both high security and reliability for key management.

How Shamir's Secret Sharing Works:

  1. Secret Representation: Consider your 256-bit secret as an element in a field.

  2. Polynomial Construction: SSS samples random elements to construct a polynomial of degree, with the secret as the constant term.

  3. Share Distribution: SSS randomly picks a distinct value for each shareholder, and each share is computed using the polynomial.

  4. Secret Reconstruction: The secret owner can use shares to reconstruct the polynomial through polynomial interpolation (Lagrange interpolation). The secret is recovered as the constant term of the polynomial.

Key Features of Shamir's Secret Sharing:

  1. Statistical Security:

    • SSS is statistically secure, with security bits equal to the bit length of your secret.

    • Access to shares provides no information to an attacker about the secret.

    • This feature prevents unauthorized parties from stealing the key by hacking the devices of shareholders.

  2. Redundancy and Recovery:

    • Even if some shares are lost, the secret can still be recovered from the remaining shares.

    • This provides security redundancy, allowing users to recover their keys after a disaster or loss.


  • Privacy and Security: SSS ensures that the secret is secure even if some shares are compromised.

  • Redundancy: Users can recover their keys even if some shares are lost.

Last updated