Guardian Recovery Flow and Chain Calls

[n13]

1 - Open app - tap "I lost my key" small link somewhere

2 - On "I lost my key" - screen prompting user to enter their username

3 - Wallet creates new keypair and encodes the public key as firebase link - or just direct wallet link. It stores the private key.

4 - Screen prompts user to contact his guardians, and send each of them the recovery link via messenger or another messaging app 5 - App goes inot "recovery mode"- waiting for 3 signatures, displaying the link for copy/paste purposes.

Guardian 1

• Taps link gets screen explaining it's very serious and they must be sure they got this link from their friend - ideally make a phone all or message the friend back to verify.
• Button "Recover" -> This sends the public key in the link to the guardian contract
• An emergency notification is sent to the original account - in case they are still logged in somewhere, they can cancel the recovery and mark it scammy.

Guardian 2 - same thing

Guardian 3 - same thing plus the app notices that the signatures are complete, and fires off the multisig request to change the account key with 24h wait. Emergency message sent to original account

Original account still logged in

• Received emergency message, can stop recovery with button click - call into guardian contract to cancel recovery.

Chain Calls

• Set guardians as signers on account (accept guardians)
• How many signatures does this need? -> 3, 5
• How many have signed -> [0..5]
• Sign request to reset key
• Execute request (when it has enough signatures)

[n13]

@gguijarro-c-chwy @7flash @gguij004 @Rieki7 Please review

Let me know if this makes sense for the recovery flow, considering the following

• The private key must remain on the recovery users device - otherwise there are many exploits possible

• the handoff of the public key is another attack point - someone could swap the key for something else

• copy pasting keys around is not user friendly -> replace this with tapping on a link

• The recovery must be initiated by a guardian

• We must guard against the fact anybody could start a recovery process for any account - even a random person downloading the app

• Social engineering attacks against guardians to steal an account

[Rieki7]

Ya, I think this makes a lot of sense. Loving the idea of a link to send to your guardians (initially I thought it would all happen in wallet - where they get a notification, but this seems cleaner and extra secure as they would have to remember and know who is their guardians to send it to (opposed to the app doing it).

I'm not entirely sure about the exploit potential since it is msig and 3/5 (or whatever) wouldn't they hvae to simultaneously exploit 3 in order to have an effect? I think this sounds pretty secure...

The attacks are interesting (since the msig is stored on-chain) but they woudn't know what their phone numbers are to send them a link...

I think we could get more sophisticated down the line - but honestly think this is pretty great. Since you can just do the account and it's up to you to send the link...

One way we could evolve this (to reduce exploit attempts) that could be great... Is that you have to send Seeds (or get someone else to sends Seeds) into a recovery contract that are burned if the recovery process isn't executed within 96 hours... So, that way spam attempts cost Seeds (and when I try to recover I just ask my firend to send some Seeds to this recovery contract and they get them back after my account is active)... Food for thought.

[gguijarro-c-chwy]

I think this is good. Would be helpful to note who starts the chain calls here.

Set guardians as signers on account (accept guardians) - Main Account Owner How many signatures does this need? -> 3, 5 - ? How many have signed -> [0..5] - ? Sign request to reset key - Guardian Execute request (when it has enough signatures) - ?

[7flash]

User has to initiate the process and then share secret link to his guardians, - that secret link allows guardians to sign transaction to smart contract, - when all guardians submitted transaction to agree with change of private key to the same another one, - it should execute permission change