A simple backup scheme for wallet accounts

In the discussion of secure fund recovery mechanisms, there’s a nuanced debate on the balance between accessibility and privacy. On one hand, the convenience of having a time-locked recovery partner with the capability to decrypt a backup with a single extended public key (xpub) is acknowledged. This setup ensures that funds can be retrieved if the primary spending path becomes inaccessible, which is a critical safety net for asset protection.

However, concerns are raised regarding the implications for privacy when allowing any recovery key to have standalone decryption capabilities. The argument pivots around the preference for more restrictive access conditions to enhance security and privacy. For instance, introducing a policy where decryption requires a cooperative effort among multiple parties adds an extra layer of security. By using a specific example, a policy named "Liana" is described where decryption is only possible under certain conditions: either by the initiator (A) or through the combined authorization of at least two out of three designated heirs (B, C, D), potentially in conjunction with a timelock or an additional third party such as a lawyer. This model emphasizes the importance of collaborative consent, underscoring a method to limit access to backups, thereby enhancing privacy and security.

The conversation also touches upon the utility and placement of Secret Sharing Schemes (SSS) or similar mechanisms that enforce a threshold for decryption. These are seen as potentially beneficial but not universally applicable or necessary for all scenarios. Instead, their use is considered more appropriate as an optional feature or an alternative format/version rather than a standard requirement. This perspective suggests a flexible approach to security protocols, advocating for customizable solutions tailored to individual needs and concerns over privacy and accessibility.