Skip to content

forgesworn/shamir-core

Repository files navigation

@forgesworn/shamir-core

GitHub Sponsors

GF(256) Shamir's Secret Sharing for TypeScript. Split a secret into threshold-of-n shares and reconstruct from any threshold-sized subset.

Zero runtime dependencies. Pure TypeScript, Web Crypto only.

Install

npm install @forgesworn/shamir-core

Quick Start

import { splitSecret, reconstructSecret } from '@forgesworn/shamir-core';

// Split a 32-byte key into 5 shares, any 3 can reconstruct
const secret = crypto.getRandomValues(new Uint8Array(32));
const shares = splitSecret(secret, 3, 5);

// Reconstruct from any 3 shares
const recovered = reconstructSecret([shares[0], shares[2], shares[4]], 3);
// recovered is identical to secret

API

splitSecret(secret, threshold, shares)

Split a secret into Shamir shares.

Parameter Type Description
secret Uint8Array The secret bytes to split (any length)
threshold number Minimum shares needed to reconstruct (2--255)
shares number Total shares to create (threshold--255)

Returns ShamirShare[]. Each share has { id, threshold, data }.

reconstructSecret(shares, threshold)

Reconstruct a secret from shares using Lagrange interpolation.

Parameter Type Description
shares ShamirShare[] At least threshold shares
threshold number The threshold used during splitting

Returns Uint8Array (the reconstructed secret).

Only the first threshold shares are used. Extra shares are ignored.

ShamirShare

interface ShamirShare {
  id: number;        // 1--255 (GF(256) evaluation point)
  threshold: number; // 2--255 (minimum shares to reconstruct)
  data: Uint8Array;  // Share data (same length as original secret)
}

Error Classes

  • ShamirError -- base class
  • ShamirValidationError -- invalid parameters
  • ShamirCryptoError -- internal crypto errors

Why This Library

  • Zero dependencies. No transitive supply chain. Only Web Crypto (crypto.getRandomValues).
  • GF(256) log/exp table lookup. O(1) field multiplication, same polynomial as AES (0x11b).
  • Memory zeroing. Polynomial coefficients are zeroed after use (defence-in-depth).
  • Strict validation. Duplicate share IDs, threshold mismatches, and malformed inputs are caught with typed errors.
  • No secret length limit. Split any size secret. The maths has no ceiling.
  • TypeScript-first. Strict mode, noUncheckedIndexedAccess, full type declarations.

Ecosystem

Package Purpose
@forgesworn/shamir-words BIP-39 word encoding for shares (depends on this package)
dominion-protocol Epoch-based encrypted access control (depends on this package)

Part of the ForgeSworn Toolkit

ForgeSworn builds open-source cryptographic identity, payments, and coordination tools for Nostr.

Library What it does
nsec-tree Deterministic sub-identity derivation
ring-sig SAG/LSAG ring signatures on secp256k1
range-proof Pedersen commitment range proofs
canary-kit Coercion-resistant spoken verification
spoken-token Human-speakable verification tokens
toll-booth L402 payment middleware
geohash-kit Geohash toolkit with polygon coverage
nostr-attestations NIP-VA verifiable attestations
dominion Epoch-based encrypted access control
nostr-veil Privacy-preserving Web of Trust

Licence

MIT

About

GF(256) Shamir's Secret Sharing — split and reconstruct secrets with threshold schemes

Topics

Resources

License

Contributing

Security policy

Stars

Watchers

Forks

Packages

 
 
 

Contributors