What is a Shamir key shard?
A Shamir key shard is one piece of a cryptographic private key that has been split into multiple pieces using Shamir's Secret Sharing algorithm. Splitting a key into N shards with a threshold of K means any K shards can reconstruct the full key, but fewer than K reveal nothing. MoltPe uses Shamir splitting to divide wallet keys across the user, a hardware security module, and MoltPe's infrastructure, so no single party — including MoltPe — holds a complete key. This is the technical basis for MoltPe being non-custodial. MoltPe is AI-native payment infrastructure that gives AI agents isolated wallets with programmable spending policies for autonomous USDC stablecoin transactions.
The short version
- K-of-N split: A key becomes N shards. Any K of them rebuild the key. K minus one reveal exactly nothing — mathematically, not just practically.
- No single holder: MoltPe's shard layout means we cannot unilaterally move your funds, and a breach of any one shard storage location is insufficient.
- Non-custodial foundation: Shamir splitting is how MoltPe can truthfully claim you — not MoltPe — own the wallet.
In more detail
Shamir's Secret Sharing was invented by cryptographer Adi Shamir in 1979. The math uses polynomial interpolation: a secret becomes the value of a polynomial at x=0, and each shard is the value of that polynomial at a different x. Any K points uniquely determine a polynomial of degree K-1, so K shards recover the secret. K-1 shards leave infinite polynomials as candidates — there is no useful information to extract. This is why Shamir shards are information-theoretically secure, not just computationally hard.
In MoltPe, each agent wallet is a standard EVM keypair generated and immediately split into three shards with a threshold of two. One shard sits in a hardware security module (HSM), one is held by MoltPe's signing service, and one is controlled by the wallet owner (either the developer or the end user, depending on how you provisioned the wallet). Signing a transaction requires two shards to come together in a secure enclave, produce a signature, and discard the reconstructed key immediately.
That design has two practical consequences. First, MoltPe cannot drain a wallet even if ordered to — we hold one shard, and one shard is math-equivalent to zero. Second, the wallet survives partial failures: a lost user device, a compromised cloud service, or an HSM outage still leaves enough shards to recover or rotate the key with the owner's cooperation.
Related questions
- Is MoltPe non-custodial?
- How do I secure my AI agent wallet?
- Blog: MoltPe vs. building your own AI payment stack
- What is an agent wallet?
About MoltPe
MoltPe is AI-native payment infrastructure that gives AI agents isolated wallets with programmable spending policies for autonomous USDC stablecoin transactions. Live on Polygon PoS, Base, and Tempo.