Amulet Shamir Shared Split

offline encrypted wallet keeper
checking…

Split a vault. Or reassemble shares back into one.

Take a vault and cut its master key into T-of-N Shamir shares, so any T people (or any T copies) can put the vault back together without the master password. The page works fully offline. Nothing ever leaves this tab.

✂️

SPLIT a vault into Shamir shares

Pick where the vault lives. After it's unlocked, you choose how to write the shares: Amulet self-contained files (no extra file needed at reassembly), SLIP-0039 mnemonic words (Trezor-compatible), or hex shares in the secrets.js / iancoleman.io format.

🧩

REASSEMBLE shares back into a vault

Bring me T or more shares in any of the three formats. Amulet self-contained share files carry everything inside them. SLIP-0039 mnemonic words and secrets.js hex shares carry only the master key, so you also bring a vault .zip backup.

🗄 Manage a vault (open, create, restore, inspect)
Don't trust, verify this file
SHA‑256 drop the HTML file to compute its SHA-256
Drag amulet_vault.html here ·
Compare the result against the hash published on the project's release page. Different hash → don't enter a real seed. How to verify →
Self sanity check
The vault runs published test vectors against your browser's Web Crypto API, the bundled Argon2id WASM module, and the embedded EFF wordlist. If any row fails, that part of the stack is broken and you shouldn't trust it with real seeds. Every input is reproducible with openssl, Python's hashlib, or argon2-cffi.
Network sentinel: 0 blocked
Every outbound network API (fetch, XMLHttpRequest, sendBeacon, WebSocket, EventSource, dynamic <img>/<script>/<link>/<iframe>, service workers) is patched at startup. Same-origin reads and data:/blob: URLs are allowed; everything else is blocked and logged here.