KeyShield: Leakage-and-Loss-Resilient Private Key Protection for Web3

Effective management of private keys is crucial to ensure the security and ownership of users’ data and digital assets in the Web3 environment. However, existing solutions often fail to adequately address private key management from the user’s perspective. Private key leakage and loss incidents occur frequently, resulting in significant losses of digital assets. Moreover, the conventional approach of revoking both the private and public keys after a leakage or loss accident is inconvenient in Web3, where the public key serves as the user’s wallet address or digital identity. To tackle the issue of user-side private key management in Web3, this paper presents KeyShield which is a leakage-and-loss-resilient private key protection scheme. KeyShield divides the user’s private key into three shares, securely stored across a primary device and a secondary device owned by the user, and a third storage module owned by the user or a semi-trusted service provider. For daily use of the private key, the user only needs to connect.