Author here, happy to answer any questions!<p>TL;DR we're sharing an open-source encryption key recovery protocol that provides high security coupled with a user-friendly design, to make encryption further accessible to larger numbers of people. What we've built leverages programmable HSMs, distributed cryptography, and a user-friendly PIN-based recovery process to simplify key recovery without compromising security.
One of my first blog posts was about a similar system, though much simpler/naive and based on trusting an email address to distribute shards.<p>Its failure point boiled down to letting the user save the other shard. Maybe a 3-shard scheme could help redundancy and loss tolerance.<p><a href="https://francoisbest.com/posts/2020/password-reset-for-e2ee-apps" rel="nofollow">https://francoisbest.com/posts/2020/password-reset-for-e2ee-...</a>
It looks like an interesting approach but it seems conceptually complex and difficult for general users to consume. Can you explain how this differs from Gridlock which is an app that allows any level user create a network of storage devices using threshold cryptography?
It's a shame key escrow has become a tainted concept, mired in "government has my keys" because a mechanism to store offline a cold copy of keying material and recover it is a good thing to have available.