Recovery on the website

Open chela.html in your browser, offline if you can, and choose to recover. You will enter your shares one at a time - each share's short code, then its words - until you reach the threshold, and the page rebuilds the secret locally. To create shares in the first place, see splitting on the website.

You can also try the live app (demonstration only).

1. Enter the first share's code

Each share starts with a short CHELA-... code. Type the first share's code; it tells chela which set this share belongs to, its coordinate, and how many words to expect.

The recovery screen with an empty field for the first share's CHELA code. — Start with the first share's code.

The recovery screen with the first share's CHELA code typed in. — The code identifies the set and the share.

2. Type the first share's words

Enter that share's word list. As with splitting, every word is checked against the wordlist as you type, and the share's own checksum is verified - a single mistyped word is caught here, not silently absorbed into a wrong secret.

A grid of empty word inputs for the first share. — Type the share's words.

The first share's word grid filled in with a valid word list. — First share complete and checksum-verified.

3. Add the next share

Repeat for the next share: its code, then its words. chela confirms each new share belongs to the same set as the first - shares from a different split are refused. Keep going until you have entered the threshold number of shares.

The recovery screen prompting for the second share's code. — The second share's code.

The second share's code typed in, matching the same set as the first. — Same set, confirmed.

An empty word grid for the second share. — Type the second share's words.

The second share's word grid filled in and verified. — Threshold reached: two of three shares entered.

4. Reveal the secret

Once you reach the threshold, chela rebuilds the secret - but keeps it hidden behind a Reveal button. Nothing is shown until you ask, so the secret is not sitting on screen while you are still typing or if someone is watching.

The recovered secret is hidden behind a Reveal button, with a note that it stays hidden until clicked. — Recovered, but hidden. Reveal only when no one can see your screen.

Reveal puts the secret on screen in the clear. A browser extension or injected script with access to the page can read it, and so can anyone looking. Reveal only on a machine and in a moment you trust. The threat model covers the browser's limits.

The recovered secret shown in full after clicking Reveal. — Revealed. This is the original secret, rebuilt locally from the shares.

Next steps

The same recovery works in the terminal wizard and on the command line. To understand how a handful of word lists rebuilds an exact secret, read the share format.