V God: Why we need widespread adoption of social recovery wallets

Original title: "V God: Why we need widespread adoption of social recovery wallets"

Original source: Hu Tao

On January 11, Ethereum founder Vitalik Buterin published an article on his blog stating that the current cryptocurrency wallets have far fewer anti-theft and anti-loss protection features than are actually needed, and are sometimes clumsy and difficult to use, resulting in extremely low usage. Therefore, Vitalik pointed out that a better alternative has recently emerged in the industry: a new type of smart contract wallet called social recovery wallets.

V God said that hardware wallets are still at risk of supply chain attacks and single point failures. Although mnemonic phrases can help prevent loss, they have no effect on theft and the experience is not friendly enough. Therefore, users need a wallet design that meets three key conditions:

First, there is no single point of failure; second, low psychological burden. As far as possible, users should not be required to learn unfamiliar new habits or make mental efforts to always remember and follow certain behavioral patterns; third, maximum transaction convenience. Most normal activities should not require much more energy than regular wallets (such as Metamask).

From this, the article introduces the social recovery wallet, which works in two main parts. First, there is only one signing key that can be used to approve transactions, and second, there are at least 3 (or more) guardians, a majority of whom can cooperate to change the signing key of an account.

Users can add a guardian by entering their ENS name or ETH address, and after the latter signs the transaction on the recovery webpage to agree to the addition, the user can successfully add a guardian for their account address.

Under all normal circumstances, users can simply use their social recovery wallet like a normal wallet and sign messages with their signing key, allowing each signed transaction to be completed quickly with a single confirmation click.

If a user loses their signing key, then social recovery kicks in. The user can contact the guardian directly and ask them to sign a special transaction to change the signing public key registered in the wallet contract to a new one.

After this, the guardian can simply go to a webpage such as security.loopring.io, log in, view the recovery request, and sign it. For each guardian, this is as easy as making a Uniswap transaction.

Common guardian options can include other devices owned by the wallet holder themselves (or paper mnemonics); friends and family; and institutions that sign a recovery message after receiving confirmation from the user’s phone number or email, or in high-value cases, verify identity through a video call.

However, in order to reduce the risk of attacks on guardians and collusion, Vitalik recommends that users do not need to publicly know the identity of their guardians, and it is recommended to choose a variety of guardians from different social circles (preferably an institutional guardian).

In the event of a user’s death or permanent incapacity, it would be a socially accepted standard protocol for guardians to publicly announce themselves so that in such an event, they can find each other and recover the user’s funds.

Currently, the two main wallets that have implemented social recovery functions are Argent Wallet and Loopring Wallet. Currently, they both have two major problems, namely, reliance on relayers to resolve transactions and high transaction fees, but they can be solved by moving the ecosystem to layer 2 protocols, such as ZK rollups.

V God also said that the plan might be seen as a betrayal of the values ​​of the blockchain and cryptocurrency industry, but such criticism stems from a fundamental misunderstanding of encryption technology.

“To me, the goal of cryptocurrency has never been to eliminate the need for all trust. Rather, the goal of crypto has been to enable access to cryptographic and economic building blocks that give people more choice in who they trust and allow people to have more constrained forms of trust: Giving someone the power to do something on your behalf doesn’t give them the power to do anything.”

“In this way, multi-signature and social recovery systems are a perfect expression of this principle: each participant has some ability to influence the acceptance or rejection of a transaction, but no one can unilaterally move funds. This more complex logic can make the setup much more secure than a situation where funds must be unilaterally controlled by one person or key,” said Vitalik.