Shamir Secret Sharing CLI Reference Guide

The Shamir Secret Sharing CLI provides a secure way to split secrets into shares and reconstruct them when needed.

Installation

pip install shamir_ss

Basic Commands

shamir_ss split - Split a secret into shares

shamir_ss combine - Reconstruct a secret from shares

shamir_ss help - Show detailed usage examples

Split Command

Usage

shamir_ss split [OPTIONS]

Options

Option	Description
`-s, --secret TEXT`	The secret text to split (prompted if not provided)
`-t, --threshold INTEGER`	Minimum shares required to reconstruct (required)
`-n, --shares INTEGER`	Total number of shares to generate (required)
`-o, --output PATH`	Directory to save shares (prints to console if not provided)
`--verify/--no-verify`	Verify shares by reconstructing (default: true)

Examples

# Split with interactive secret input
shamir_ss split -t 3 -n 5

# Split with secret from command line
shamir_ss split -s "My secret" -t 3 -n 5 -o shares

# Split without verification
shamir_ss split -t 3 -n 5 --no-verify

Note: When not providing --secret, the CLI will prompt for input with hidden typing.

Combine Command

Usage

shamir_ss combine [SHARE_FILES]... [OPTIONS]

Options

Option	Description
`-i, --input-dir PATH`	Directory containing share files
`-o, --output FILE`	File to save reconstructed secret
`-t, --text`	Enter shares as text input
`-h, --hash TEXT`	Original secret hash for verification

Examples

# Combine from files
shamir_ss combine share1.txt share2.txt share3.txt

# Combine from directory
shamir_ss combine -i shares

# Combine with hash verification
shamir_ss combine -i shares -h "a591a6d40bf420..."

# Interactive text input
shamir_ss combine --text

Security Tip: When reconstructing, providing the original hash (-h) allows verification that the reconstructed secret matches the original.

Share Formats

Shares can be stored in multiple formats:

Single File Format

Hash: a591a6d40bf420...
1:gAAAAABmQ8VKZQ9...
2:gAAAAABmQ8VKZQ9...
3:gAAAAABmQ8VKZQ9...
4:gAAAAABmQ8VKZQ9...
5:gAAAAABmQ8VKZQ9...

Individual Share Files

Each share can be stored in a separate file containing just the share data.

Security Considerations

Secrets are never stored on disk (only shares)
Interactive input hides typing
SHA-256 hash verification ensures secret integrity
Uses cryptographically secure random number generation

Troubleshooting

Common Errors

Error	Solution
"Threshold must be ≤ shares"	Ensure threshold is less than or equal to total shares
"No valid shares found"	Check share files for corruption
"Hash verification failed"	Shares may be corrupted or insufficient