Key resharing in MPC is a process similar to secret rotation in software, allowing key shares to be refreshed without changing the underlying private key. This enhances security by periodically rotating key shares while ensuring that the cryptographic identity remains unchanged.
In Threshold Signature Schemes (TSS), key resharing involves generating a new set of key shares among participants while keeping the original private key consistent. This process ensures that even if some key shares were previously compromised, they become obsolete after resharing, mitigating long-term exposure risks.
Importantly, Palisade performs key resharing in a fully distributed manner—the system never reconstructs the private key at any point during the resharing process.
This process is also commonly referred to as:
- Key share rotation
- Proactive secret sharing
- Key refresh
Regardless of the terminology, the goal remains the same: to enhance breach resilience, adapt to changes in an organisation's quorum structure, and refresh cryptographic material over time.
Key resharing provides several important security benefits:
| Benefit | Description |
|---|---|
| Breach mitigation | Previously compromised key shares become obsolete |
| Long-term security | Reduces risk from persistent threats |
| Key continuity | Private key remains unchanged—no wallet disruption |
| Compliance | Supports key rotation requirements |
When you perform key resharing, the system refreshes each participant's key share into a new share. The mathematical relationship between shares changes, but the underlying private key remains the same.
Consider a 2-of-3 quorum with the following devices and shards:
Before resharing:
- CloudSign 1 holding shard
Sa1 - CloudSign 2 holding shard
Sa2 - CloudSign 3 holding shard
Sa3
After resharing:
- CloudSign 1 now holds shard
Sb1 - CloudSign 2 now holds shard
Sb2 - CloudSign 3 now holds shard
Sb3
The old shards (Sa1, Sa2, Sa3) are no longer valid and cannot be used to sign transactions. Only the new shards (Sb1, Sb2, Sb3) can participate in signing.
Consider performing key resharing in these scenarios:
- Regular security hygiene – Periodic rotation as part of security policy
- After a suspected compromise – Invalidate potentially exposed shares
- Personnel changes – When users with device access leave the organisation
- Compliance requirements – Meeting regulatory key rotation mandates
- After security incidents – As part of incident response procedures
To perform key resharing:
- Navigate to the Controls section in the Palisade console
- Select the MPC Quorums tab
- Select the quorum you want to refresh
- Click Reshare keys
- The system notifies all quorum devices to participate
- Once the threshold number of devices approve, the system generates new key shares
- The system automatically invalidates old key shares
All devices in the quorum should be available during the resharing process. If a device is unavailable, the resharing may fail or require manual intervention.
Care should be taken when using key resharing alongside key share backups.
Restoring a key share from an older backup—created before the most recent resharing operation—on a single MPC node will cause a mismatch between key shares across the quorum, rendering the key unusable.
To prevent this:
- Option 1: Avoid using local key share backups with resharing
- Option 2: Ensure a new backup is taken immediately after each resharing event
Failure to follow these guidelines can result in permanent loss of access to funds.
If you use key share backups:
- Document resharing events – Keep a log of when resharing occurs
- Invalidate old backups – Mark pre-resharing backups as obsolete
- Create new backups immediately – After each resharing, create fresh backups
- Verify backup compatibility – Before restoring, confirm the backup was created after the last resharing
- Consider backup-free approach – For maximum safety, rely on quorum redundancy instead of backups
- Key restructuring – Change quorum participants while preserving the key
- MPC quorums – Create and manage quorums
- Understanding MPC-TSS – How MPC-TSS works
- MPC terminology – Key terms and definitions