In 2019, GNU Taler and pretty Easy privacy (pEp) determined that they had to offer a usable key backup solution for their privacy-enhancing technologies. Anastasis SARL was created drawing contributors from both communities which, together with experts from the Bern University of Applied Sciences, produced an innovative protocol and reference implementation.
Our goal is to offer key backup and recovery for a broad range of applications, combining both key management as a service as well as support for integration. Anastasis has already caught the interest of additional Free Software privacy projects with similar needs such as the Re:claimID identity management system and the NymTech cryptocurrency.
Users of electronic wallets need a way to backup their secret keys. Anastasis enables them to split up key data and send it to different providers, thus minimizing the need for trust towards all involved parties. Our solution implements privacy by design and ensures that we learn as little as possible and as late as possible about our users. Anastasis works close with other Free Software privacy projects such as GNU Taler and pretty Easy privacy (pEp).
Privacy is our primary objective. We do not collect any personal data. The authentication data remains encrypted and inaccessible until it is needed during key recovery.
2. Free Software
Anastasis is Free Software and only uses components which are also Free Software. Our documentation is also fully available and unencumbered.
3. Be usable
Our focus is on delivering a practical solution that is usable for ordinary users and not just for experts.
4. Flexible trust model
Anastasis must not rely on the trustworthiness of individual providers. It must be possible to use Anastasis safely, even if a subset of the providers is malicious.
5. The user is in control
Anastasis must put the user in control: They get to decide which providers to use and which combinations of authentication steps will be required to restore their core secret. The core secret always remains exclusively under the user’s control, even during recovery.