This is a research demonstration of a 2-of-4 threshold wallet using Shamir Secret Sharing. It is a fully static web application — there is no backend server that receives, stores, or processes your data. All cryptographic operations happen exclusively in your browser.
sub) and email address —
obtained from Google Sign-In. Used exclusively as a local storage key to associate
your browser's Share B with your Google account across sessions.
This data is never sent to any server operated by this application.
share-a.json.
The AppData folder is private: it is invisible in the Google Drive user interface
and is accessible only to this application. Share A alone cannot reconstruct your wallet.
localStorage to identify your passkey on future visits.
No biometric data is ever stored or transmitted — biometric verification is handled
entirely by your operating system and device hardware.
This application requests the drive.appdata scope, which grants read and write
access exclusively to the application's private AppData folder in your Google Drive.
This folder is not visible in the Google Drive UI and cannot contain files created by
other applications. The application uses this access solely to store and retrieve
share-a.json — a single file containing one Shamir share fragment.
You can revoke this access at any time via Google Account → Security → Third-party apps .
Click the Reset / clear all button in the wallet to delete Share A from Google Drive and clear Share B from your browser's IndexedDB. To remove the biometric credential, your operating system's credential manager (e.g. macOS Keychain, Windows Hello, iOS Face ID settings) controls passkey deletion.
This application loads the Google Identity Services library from
accounts.google.com to enable Google Sign-In and Drive access.
Google's privacy policy governs their services.
This policy may be updated without notice. Given the research nature of this application, no guarantee is made that the service will remain available.