# Key resharing

**Key resharing** in MPC is a process similar to secret rotation in software, allowing key shares to be refreshed without changing the underlying private key. This enhances security by periodically rotating key shares while ensuring that the cryptographic identity remains unchanged.

## Overview

In Threshold Signature Schemes (TSS), key resharing involves generating **a new set of key shares** among participants while keeping the original private key consistent. This process ensures that even if some key shares were previously compromised, they become obsolete after resharing, **mitigating long-term exposure risks**.

Importantly, Palisade performs key resharing in a fully distributed manner—the system **never reconstructs the private key** at any point during the resharing process.

This process is also commonly referred to as:

- Key share rotation
- Proactive secret sharing
- Key refresh

Regardless of the terminology, the goal remains the same: to **enhance breach resilience, adapt to changes in an organisation's quorum structure, and refresh cryptographic material** over time.

## Security benefits

Key resharing provides several important security benefits:

| Benefit | Description |
| --- | --- |
| **Breach mitigation** | Previously compromised key shares become obsolete |
| **Long-term security** | Reduces risk from persistent threats |
| **Key continuity** | Private key remains unchanged—no wallet disruption |
| **Compliance** | Supports key rotation requirements |

## How key resharing works

When you perform key resharing, the system refreshes each participant's key share into a new share. The mathematical relationship between shares changes, but the underlying private key remains the same.

### Example: 2-of-3 quorum

Consider a 2-of-3 quorum with the following devices and shards:

**Before resharing:**

1. CloudSign 1 holding shard `Sa1`
2. CloudSign 2 holding shard `Sa2`
3. CloudSign 3 holding shard `Sa3`

**After resharing:**

1. CloudSign 1 now holds shard `Sb1`
2. CloudSign 2 now holds shard `Sb2`
3. CloudSign 3 now holds shard `Sb3`

![Key resharing diagram](/assets/key-refreshing.84c552b69c6e7eb3213fc38c3022d96d1c41e4dfa78b2d1cbe9236e844d1380c.0ba50ef8.svg)

The old shards (`Sa1`, `Sa2`, `Sa3`) are no longer valid and cannot be used to sign transactions. Only the new shards (`Sb1`, `Sb2`, `Sb3`) can participate in signing.

## When to use key resharing

Consider performing key resharing in these scenarios:

- **Regular security hygiene** – Periodic rotation as part of security policy
- **After a suspected compromise** – Invalidate potentially exposed shares
- **Personnel changes** – When users with device access leave the organisation
- **Compliance requirements** – Meeting regulatory key rotation mandates
- **After security incidents** – As part of incident response procedures

## Performing key resharing

To perform key resharing:

1. Navigate to the **Controls** section in the Palisade console
2. Select the **MPC Quorums** tab
3. Select the quorum you want to refresh
4. Click **Reshare keys**
5. The system notifies all quorum devices to participate
6. Once the threshold number of devices approve, the system generates new key shares
7. The system automatically invalidates old key shares

**Device availability:** All devices in the quorum should be available during the resharing process. If a device is unavailable, the resharing may fail or require manual intervention.

## Critical warning: Backup compatibility

**IMPORTANT: Backup compatibility**

Care should be taken when using **key resharing** alongside **key share backups**.

**Restoring a key share from an older backup**—created before the most recent resharing operation—on a single MPC node will cause a **mismatch between key shares** across the quorum, **rendering the key unusable**.

To prevent this:

- **Option 1:** Avoid using local key share backups with resharing
- **Option 2:** Ensure a new backup is taken **immediately after each resharing event**

Failure to follow these guidelines can result in **permanent loss of access to funds**.

### Backup best practices with key resharing

If you use key share backups:

1. **Document resharing events** – Keep a log of when resharing occurs
2. **Invalidate old backups** – Mark pre-resharing backups as obsolete
3. **Create new backups immediately** – After each resharing, create fresh backups
4. **Verify backup compatibility** – Before restoring, confirm the backup was created after the last resharing
5. **Consider backup-free approach** – For maximum safety, rely on quorum redundancy instead of backups

## Related topics

- [Key restructuring](/products/wallet/user-interface/security-controls/key-restructuring) – Change quorum participants while preserving the key
- [MPC quorums](/products/wallet/user-interface/security-controls/mpc-quorums) – Create and manage quorums
- [Understanding MPC-TSS](/products/wallet/introduction/understanding-mpc-tss) – How MPC-TSS works
- [MPC terminology](/products/wallet/introduction/mpc-terminology) – Key terms and definitions
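The share arithmetic behind the 2-of-3 example in "How key resharing works" and the backup-mismatch warning above can be seen in a toy model. The following is an added illustration, not Palisade's code: Palisade runs an MPC-TSS protocol over an elliptic-curve group, whereas this is a plain Shamir 2-of-3 sharing over a prime field with a proactive refresh. The field prime (the secp256k1 group order, used only as a convenient large prime), the party ids 1..3 and the sample secret are constructed values. It shows that the refresh touches only shares and never the secret, that any two refreshed shares still recover the same secret, and that mixing a pre-refresh share (a stale backup) with a post-refresh share recovers the wrong value.

```python
"""Proactive share refresh for a Shamir t-of-n sharing (added illustration,
not Palisade's protocol).  Shares are refreshed by adding shares of zero, so
the secret is unchanged, the refresh never reconstructs the secret, and old
shares stop being compatible with new ones."""
import secrets

# secp256k1 group order; used here purely as a large prime field modulus.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def _eval_poly(coeffs, x):
    """Evaluate c0 + c1*x + ... + c(t-1)*x^(t-1) at x, mod P (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, threshold, ids):
    """Shamir split: {party_id: share}; any `threshold` shares recover `secret`."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    return {i: _eval_poly(coeffs, i) for i in ids}


def reconstruct(shares):
    """Lagrange interpolation at x = 0 over a {party_id: share} subset."""
    total = 0
    for i, yi in shares.items():
        num, den = 1, 1
        for j in shares:
            if j != i:
                num = (num * (-j)) % P
                den = (den * (i - j)) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def refresh_shares(old_shares, threshold):
    """Proactive refresh (key resharing): every party deals a fresh random
    sharing of ZERO to the others, and each party adds what it receives to
    its own share.  The sum polynomial has the same constant term (the
    secret) but fresh higher coefficients, so the secret never appears
    anywhere and the old shares no longer lie on the new polynomial."""
    ids = sorted(old_shares)
    new_shares = dict(old_shares)
    for _dealer in ids:
        zero_sharing = split_secret(0, threshold, ids)  # constant term is 0
        for i in ids:
            new_shares[i] = (new_shares[i] + zero_sharing[i]) % P
    return new_shares


def demo():
    """2-of-3 quorum: Sa1..Sa3 before resharing, Sb1..Sb3 after."""
    secret = 0x0C1F2E3D4A5B69788796A5B4C3D2E1F00F1E2D3C4B5A69788796A5B4C3D2E1F0  # constructed
    t, ids = 2, [1, 2, 3]
    sa = split_secret(secret, t, ids)   # Sa1, Sa2, Sa3
    sb = refresh_shares(sa, t)          # Sb1, Sb2, Sb3
    return {
        "new_pair_recovers_key": reconstruct({1: sb[1], 2: sb[2]}) == secret,
        "all_new_recover_key": reconstruct(sb) == secret,
        # A stale backup (Sa1) restored beside a current share (Sb2):
        "mixed_old_new_recovers_key": reconstruct({1: sa[1], 2: sb[2]}) == secret,
        "every_share_changed": all(sa[i] != sb[i] for i in ids),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Two points the toy makes concrete. First, `refresh_shares` only ever adds sharings of zero to existing shares, which is the sense in which the key is never reconstructed. Second, the mismatch the warning describes is arithmetic, not a policy flag: a share from the old polynomial and a share from the new one interpolate to a value unrelated to the key, which is why a pre-resharing backup restored onto one node breaks signing for the whole quorum. Note also that in this model the complete old share set remains a valid sharing of the same secret until its holders erase it; the protection against a partial compromise depends on old shares (and backups of them) actually being retired after each resharing, as the best-practice list above requires.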