Social recovery wallets on Bitcoin

Getting your Trinity Audio player ready...

This post was first published on Medium.

Introduction to Social Recovery

A significant obstacle in making Bitcoin applications user-friendly is ensuring security to prevent the loss or theft of users’ keys. Incidents of losses and thefts can have severe consequences, resulting in significant financial losses for innocent users, sometimes even causing them to lose a substantial portion of their entire net worth.

Social recovery refers to a method of wallet recovery that does not require a seed phrase, while also ensuring that the recovery process remains fully non-custodial. Normally, a user only needs a single private key to move funds, more convenient than a multisig wallet. In case of key loss, she can regain access to their wallet without relying on a seed phrase and without their assets being held by a third party.

How to implement Social Recovery

We can implement a social recovery wallet using smart contracts. A user locks her bitcoins in a smart contract that allows her to recover access to her wallet by leveraging the help of trusted parties called guardians, if she loses her private key. Typical guardians can be her other devices (e.g., desktop and hardware wallets), friends, family members, or businesses.

Usually, she uses her signing key to send bitcoins like a regular wallet. If she loses the signing key, she can contract the guardians. If m-of-n of them sign, she can change to a new signing key she controls and regains access to her funds. This can provide an additional layer of security and peace of mind for users, as it reduces the risk of losing access to their accounts due to lost or stolen keys.

Implementation

In a concrete sCrypt implementation, the user creates a smart contract that contains the following:

•     The users signing public key (could also be an address)
•     The public keys of the guardians
•     Two public methods:

1. 1. unlock: Can be unlocked like a regular transaction by signing with the user’s private key.
   2. updateSigningPubKey: Takes in signatures of guardians and the new public key of the user. If a certain threshold is reached (i.e., 3/5),  the old user’s public key is updated to the new one. From this point on, the contract can only be unlocked with signatures derived using the new key.

It is a stateful contract, whose state is the user’s signing public key that can be updated. The full code, along with tests, is available on GitHub.

Conclusion

In conclusion, social recovery smart contracts on Bitcoin can provide an additional layer of security and peace of mind for its users. By leveraging the help of trusted guardians, users can reduce the risk of permanently losing access to their funds due to lost or stolen keys. As the Bitcoin ecosystem continues to evolve and mature, we can expect social recovery to become an increasingly popular and widely adopted mechanism for protecting and recovering assets.

Watch: Digital Asset Recovery on Bitcoin Explained