recoverable wallet - what happens if I lose / disclose my private key?

[dckc]

Are there ocap patterns that address risks around key management?

If the answer to 'what happens if I lose my keys?' is 'crumple the car,' you're doing it wrong. -- @benadida (I think; I'm struggling to confirm.)

The recoverable wallet in chialisp looks promising, though I have just started studying it in detail. I wonder if there's an analog using ocaps rather than crypto.

cc @erights @warner @michaelfig @chrishibbert @katelynsills LMK if/when I should move this to an Agoric repo.

[katelynsills]

My understanding is that you'll need cryptography at the edges no matter what, so I think there can't be an ocap solution here.

[dckc]

Right; good point... so perhaps a better question is: how to integrate such a recoverable wallet with ocaps?

Is it straightforward to layer on top of Agoric's design for message passing to/from cosmos, or is something else needed? I gather cosmos has multi-sig support; does that work for this case? Or is there something irreducible about the way chialisp uses BLSSignature?

[dckc]

The link to https://github.com/Chia-Network/wallets/blob/master/docs/recoverable_wallet.md has gone 404.

https://github.com/nondejus/wallets/blob/master/docs/recoverable_wallet.md seems to be another copy: Latest commit 18dcb1e on Dec 4, 2019

abstract:

A Chia recoverable wallet is a wallet whose funds can be recovered in the event that the wallet is lost by providing a recovery string to another wallet. In contrast to a BIP 39 backup seed, a Chia recovery string is a low security piece of information. A thief who finds the string can't use it to steal funds from a wallet they don't own. This is accomplished by the recovery process locking up the funds in escrow along with some mandatory staking funds. If the recovery process was initiated by an attacker, the attacker will lose the staking funds as the original wallet has the ability to clawback the escrow coins during the escrow period. If the recovery process was legitimate however, the owner can retrieve their funds from escrow at the end of the escrow period, along with the staking funds. In this demonstration the staking amount is 10% and the escrow period is 3 blocks.

I forked it as https://github.com/dckc/chialisp-wallets ; I'm not sure that makes it substantially more available, but it should make it easier to find.

[dckc]

related work:

• Cryptology ePrint Archive: Report 2021/289 - Reactive Key-Loss Protection in Blockchains

  We achieve this by a 3-phase Commit() -> Reveal() -> Claim() - or - Challenge() smart contract that enables accessing funds of addresses for which the spending key is not available.

[dckc]

https://me.hashkey.com/en

In theory, it's a wallet that supports recovery via advanced crypto threshold signatures (TSS) and multiparty computation (MPC). Android app has ~0 users, though, and I couldn't find tech details.

[dckc]

Sunny's talk at osmocon included a slide on "Flexible Key Management" including "Social Recovery Systems"

[dckc]

Wallets & Custody

Seed phrase wallets move out of style in favor of more user-friendly custody solutions leveraging MPC and account abstraction -- The 2023 Interchain Thesis: Exploring the biggest trends and opportunities in Cosmos | Interop by Sebastien Couture Feb 2

[dckc]

wow... https://github.com/ZenGo-X/cosmos-thresh-wallet

[dckc]

https://github.com/ZenGo-X/thresh-sig-js 37f0faa on Jan 19, 2021 Git stats

[dckc]

https://www.joinfountain.xyz/ crossed my radar... doesn't use an ocap approach, but it would be interesting to know more about what policies are in demand.

[dckc]

Hedera and Algorand partner to develop decentralized wallet recovery system