EigenSecret: Using Secret Sharing for Social Recovery

Introduction

In the cryptocurrency world, the private key is everything. It means that losing a private key can be disastrous.

“Lost Wallet Mnemonics! How to recover? Help!”

“Guys help! I have 1,000 coins in my Ethereum wallet but forgot where to put my mnemonic words. How to withdraw?!”

“Damn it, the phone that saved the key screenshot is lost.”

Such cases are common, and I bet that many of you guys who are “lucky ones” have personally experienced the tragic story of losing your keys.

In the age of the “Internet”, each service provider runs its own server. Whether locally or in the cloud, all account information is saved in the centralized server. Therefore, although the user’s password is lost, the centralized server can also help the user retrieve the password or directly reset the password after authentication. In blockchain, the story is very different. The centralized server has disappeared, or in other words, the server has become a network connected by miners all over the world. Each user can create countless addresses. You and only you know your password throughout the solar system!

In short, the transformation can be described as the evolution from “key escrow” to “key self-storage”, which definitely improves the security of users’ accounts. But the problem is obvious: if the key were lost, Billionaires would become beggars overnight!

So, what can be done to solve it? First, let’s take a look at the current mnemonic preservation schemes and recovery schemes on the market.

Cold Storage

A key is essentially a string of characters. Compared with digital information security, we are more familiar with physical storage. A very effective way to save the private key is to convert them into physical forms, such as printing on paper or etching into metal coins, etc. Saving the secret key offline is called cold storage, which is one of the most effective security technologies.

Cold storage system generates keys on an offline system (a system that has never been connected to the Internet) and stores them offline in electronic media such as paper or USB flash disks. Similar to mnemonic boxes such as imkey. For large hoarders, who prefer long-term holding the coins, it is a really safe method. But similarly, it may be lost or stolen.

Multi-sig

A multisignature wallet is an account that can be controlled by multi signatures. It reduces the risk of losing assets, because only when the attacker acquired all the signatures could he control the asset. For instance, Gnosis Safe is a sufficiently powerful multisignature wallet running on Ethereum.

However, the multisignature wallet is not user-friendly. Every transaction should be confirmed by other “partners”. This causes many troublesome issues and inconveniences. The researcher @hasufl once Tweeted: both multisignature wallet and social recovery wallets can be used for smart contract wallets, but the former is more suitable for organizations and the latter is more suitable for individuals.

A multisignature wallet is an account that can be controlled by multi signatures. It reduces the risk of losing assets, because only when the attacker acquired all the signatures could he control the asset. For instance, Gnosis Safe is a sufficiently powerful multisignature wallet running on Ethereum.

However, the multisignature wallet is not user-friendly. Every transaction should be confirmed by other “partners”. This causes many troublesome issues and inconveniences. The researcher @hasufl once Tweeted: both multisignature wallet and social recovery wallets can be used for smart contract wallets, but the former is more suitable for organizations and the latter is more suitable for individuals.

Social Recovery

At the end of September this year, Vitalik Buterin published an article entitled “ERC 4337: account abstraction without Ethereum protocol changes” to elaborate the ERC4337 proposal. The article pointed out that the function of account abstraction will give the wallet more innovative functionalities, including multi-sig and social recovery.

EigenSecret will realize the social recovery functionality to guarantee security. In this case, the users will not worry about losing your secret key. This process is really user-friendly, and I believe that some of you may have had similar experiences before.

When creating or importing your previous account, EigenSecret will encrypt and slide your private keys and save them in the Trusted Execution Environment (TEE) for EigenNetwork. You can fully trust the safety features of TEE. Later, two verifications are required. Each verification functions like a lock to your “vault”. One thing to emphasize, this process requires you to bind an account to your frequently-used devices. In case you lose your key in the future, you can verify your identity by entering a two-step verification code. After completing the above two steps, here comes the key backup step. As we all know, the key is related to the security of account assets and is really significant to the account on the chain. EigenSecret requires to complete the following two steps:

1.Local Backup: same as traditional operation process;

2.Encrypted Slicing Backup: Your keys will be encrypted by the Eigen Privacy-preserving Computing Network and divided into N slides, which will be stored separately in your private mailbox, EigenNetwork, and your friends(who will be your guardians and play a key role in the key recovery process). Of course, you are free to choose any one or ones of the above, as long as you like.

When you lose your key, you can enter the recovery process. After you have authenticated your identity, you can initiate a request for help from the key guardian. Once you have collected a certain number of feedback and confirmations, you can successfully recover the key and retrieve your account.

How can I counteract malicious account recovery?

First, there are only two scenarios to apply for malicious key recovery: 1) the user changes the login environment, the original environment cannot be logged on, and forgets the key (common in remote login); 2) the user does not change the login environment, but also forgets the password and key (common in device loss).

1.Before the key is recovered, we will verify your identity in two ways. You can choose the two most convenient ways from the following three ways.

1.Social media account: you need to log in to the social media account you previously bound, such as Google Mail.

2.Two step verification: enter the correct Google dynamic captcha

3.Invite guardian to verify: notify your key guardian to assist you in recovery

2.After recovery, your account will be locked and cannot withdraw money within 24 hours (or any time you previously set). If your account is maliciously recovered, you can also change your password or withdraw assets during this time period.

Finally

So far, we have seen many solutions to solve this tricky issue. These solutions try to include multiple functionalities in their wallet, but the functionalities of the wallet are not complete. So the effect and functionalities are not satisfying. At the same time, the demand for “multi-network interaction” is becoming stronger and stronger, but the current architecture can not meet this demand.

In the future, we believe that the wallet must be more convenient and user-friendly. On-click login will be supported, so you can sign in with your Google Mail or Twitter. After that, you will finish the settings to all the dApps, private key storage, and Internet transformation. After authorization, the wallet will start tracking all these accounts for you and remember your preferences so that it can tell when and which private key to use based on your behavior.

These descriptions seem to be the same as the achievable scenarios in Web2, but in a decentralized world, every progress is subversion.Witness every subversion with eigen!

We are honored that you have read here.

If you like the content of this article, please share this article and smash the like button for us.

About Eigen Network

Official WebsiteTwitterGithubDiscord

If you liked this article and care about Privacy, smash that clap button, then tweet everyone

--

--

--

Where make transaction secure and private for Web3.0

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

MY CMSMS: 1 | Vulnhub Walkthrough

What is Nulink

How to Fix “Can’t move the items. The item could not be moved” Error in Outlook PST files

How to Fix “Can’t move the items. The item could not be moved” Error in Outlook PST files

How to Stake, Withdraw and Claim Rewards on PancakeSwap | Step-By-Step Guide

5 Tips to Overcome the Cybersecurity Challenges of Remote Work

Genaro Network: What are the Advantages of Distributed Storage?

ChainX 2.0 Asset Management Dapps Guide

We Are All Citizens Of The Internet — Which Of These 5 Types Are You?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Eigen Network

Eigen Network

Where make transaction secure and private for Web3.0

More from Medium

Nolensville Downtown Feed | Leipers Fork Nashville City Photography — Nashville

Theater is Once Again Maskless: UVM Actors Return to the Stage Post-Pandemic

One DAO to rule them all..

How to Bridge from BSC to Fantom