Description:
In the Python implementation of Shamir SSS, restoration does not enforce the configured threshold.
In pybtc/functions/shamir.py, _interpolation() only requires a minimum of 2 points:
    if k < 2:
        raise Exception("Minimum 2 points required")
combine_mnemonic() in pybtc/functions/bip39_mnemonic.py calls restore_secret() without verifying that the number of shares meets the original threshold.
Additionally, split_secret() does not validate that threshold <= total.
As a result:
- Reconstruction is possible with fewer shares than required (e.g., 2 shares in a 3-of-5 scheme).
- A mnemonic is returned without error.
- Incorrect share configurations (e.g., threshold > total) are not rejected.
Impact:
This may create a false impression of successful recovery and can lead to irreversible fund loss if the reconstructed mnemonic is incorrect.
Request:
Please verify whether, in the 3-of-5 challenge setup:
- Reconstruction with only 2 shares returns a mnemonic without error.
- Adding the correct 3rd share does change the mnemonic (i.e., 2-share output is not presented as a valid recovery).
- threshold > total is properly rejected in your production environment.
Version tested: current pybtc Python implementation.
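
Added example, not pybtc code: a minimal Shamir scheme over a prime field showing that interpolating 2 shares of a 3-of-5 split returns a value without error, next to a restore that enforces the threshold and a split that rejects threshold > total. The field, the function names and the (x, y, threshold) share layout are assumptions made for illustration.

```python
import secrets

P = 2**127 - 1  # prime modulus of the toy field (assumption, not pybtc's field)

def split(secret, threshold, total):
    # Reject configurations that can never be recovered.
    if not 2 <= threshold <= total:
        raise ValueError("require 2 <= threshold <= total")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    def f(x):
        return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
    # Each share carries the threshold so that restore can enforce it.
    return [(x, f(x), threshold) for x in range(1, total + 1)]

def interpolate(points):
    # Lagrange interpolation at x = 0. It yields a value for ANY set of
    # two or more points, whether or not that is enough for the polynomial.
    if len(points) < 2:
        raise ValueError("Minimum 2 points required")
    acc = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * -xj % P
                den = den * (xi - xj) % P
        acc = (acc + yi * num * pow(den, -1, P)) % P
    return acc

def restore_unchecked(shares):
    # Mirrors the reported behaviour: only the 2-point minimum applies.
    return interpolate([(x, y) for x, y, _ in shares])

def restore_checked(shares):
    thresholds = {t for _, _, t in shares}
    if len(thresholds) != 1:
        raise ValueError("shares disagree on threshold")
    t = thresholds.pop()
    if len({x for x, _, _ in shares}) < t:
        raise ValueError(f"need {t} distinct shares")
    return restore_unchecked(shares)
```
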