Smart Wallets & Guardians

Nightly Crypto (NightlyCrypto)
Sep 18, 2020 · 5 min read

Seed phrases are an anachronism. Writing them out simply doesn’t make sense for what’s supposed to be the next era of your digital life. We’ve been telling people for years to stop writing their passwords on post-it notes and spreadsheets. Crypto shouldn’t be any different.

Yes, there is an alternative — trusting centralised custodians — but that defeats the point of the decentralised web and adds additional security risks.

We were convinced there must be a better way and now there is — recovering wallets without seed phrases and without centralization.

How? Guardians.

No phone. No seed. No problem.

Banks get a hard time but at least if you lose your card you don’t lose access to your account — forever. You just call, verify yourself, and get sent a new card. But how do you do this in crypto?

The solution — Guardians — is to use the people or devices you already trust. You give them limited permission to help with specific tasks (such as approving a recovery). And these tasks are predefined in a smart contract. You’re always in control and can easily add or remove a Guardian at any time.

With an iOS or Android app, the private key to the wallet is stored secretly on your phone; the funds (ETH and ERC20 tokens) are safe in a smart contract.

The app acts like a remote control to your account. (In technical terms, your phone holds an Externally Owned Account that controls a Contract Account on the Ethereum network.)

Guardians

Guardians take three forms:

  1. People (e.g. friends or family with the Argent App)
  2. Devices (e.g. hardware wallets of your choice)
  3. Third party services (e.g. a smart contract, using two-factor authentication; or, in the future, a network of third-party KYC providers)

You can have as many Guardians as you want, in whatever combination you want. You can add or remove them at the tap of a button on your app.

Cryptocurrency expert that doesn’t trust anyone? Make hardware wallets your Guardians. Newcomer to the field? Use friends or family you trust.

Guardians in action: how to recover a lost wallet

If you lose your phone or it’s stolen, you could recover your wallet on a new phone by asking your Guardians to approve the recovery.

The process is as simple as:

  1. Downloading the wallet app
  2. Entering your username / password for the application
  3. Contacting your Guardians, who open their app and tap Recover
  4. Done!

For extra security, ownership is only transferred after 36 hours. During those 36 hours you can ask Guardians to cancel the recovery process (for instance if you find your phone).
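The recovery flow above as a small state machine, added here as an illustration and not taken from any wallet's code. The article states only the 36-hour delay; the majority threshold, the rule that any one guardian may cancel, and all names are assumptions.

```javascript
// Added illustration (not the wallet's own code): guardian-approved recovery with
// the article's 36-hour delay. Assumed: majority threshold, any one guardian cancels.
const RECOVERY_DELAY_MS = 36 * 60 * 60 * 1000;

class GuardedWallet {
  constructor(owner, guardians) {
    this.owner = owner;
    this.guardians = new Set(guardians);
    this.pending = null; // { newOwner, approvals, executeAfter }
  }
  threshold() { return Math.floor(this.guardians.size / 2) + 1; }
  requireGuardian(who) {
    if (!this.guardians.has(who)) throw new Error('not a guardian');
  }
  approveRecovery(guardian, newOwner, now) {
    this.requireGuardian(guardian);
    if (this.pending && this.pending.newOwner !== newOwner) throw new Error('another recovery is pending');
    if (!this.pending) this.pending = { newOwner, approvals: new Set(), executeAfter: null };
    this.pending.approvals.add(guardian);
    // The delay starts only once enough guardians have approved.
    if (this.pending.executeAfter === null && this.pending.approvals.size >= this.threshold()) {
      this.pending.executeAfter = now + RECOVERY_DELAY_MS;
    }
  }
  cancelRecovery(guardian) {
    this.requireGuardian(guardian);
    this.pending = null;
  }
  // Anyone may call this; it only succeeds after the delay has fully elapsed.
  finalizeRecovery(now) {
    const p = this.pending;
    if (!p || p.executeAfter === null) throw new Error('recovery not approved');
    if (now < p.executeAfter) throw new Error('time lock still running');
    this.owner = p.newOwner;
    this.pending = null;
  }
}

// Constructed scenario: a recovery is approved, then cancelled before it is due.
function cancelledRecoveryDemo() {
  const HOUR = 60 * 60 * 1000;
  const w = new GuardedWallet('phone-A', ['alice', 'bob', 'ledger']);
  w.approveRecovery('alice', 'phone-B', 0);
  w.approveRecovery('bob', 'phone-B', 1 * HOUR);
  const dueAt = w.pending.executeAfter / HOUR; // hour at which ownership would move
  w.cancelRecovery('ledger');
  try { w.finalizeRecovery(40 * HOUR); } catch (e) { return { dueAt, owner: w.owner, error: e.message }; }
  return { dueAt, owner: w.owner, error: null };
}
```

The delay is what gives the current owner time to notice and stop a recovery they did not ask for, so the check in `finalizeRecovery` is the security-relevant line.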

Guardians — a breakthrough for crypto usability and security

Guardians represent a new era in crypto. You have the freedom to control your own funds while knowing you’re protected by those you trust.

Wait — that explains Guardians… But what about Smart Wallets?

How it Works

Smart Wallets are smart contracts that act as trustless wallets for users. Since these wallets are smart contracts, they have programmable logic, giving them the following characteristics:

1. Each user has an authorization wallet and a smart wallet

The authorization wallet has permissions to access the funds kept in the smart wallet.

2. Multiple wallets can be connected to one smart wallet

A smart wallet can define the list of authorized wallets that can interact with and manage the wallet.

3. No funds are kept in the wallet that users generate during registration

These wallets are just authorized interaction wallets. If access is lost, funds are still recoverable, as funds are kept in the user’s smart wallet.

4. The issuing organization defines the Guardian Wallet that can reset and modify the list of authorized interacting wallets

This allows a user to go through a centralized password reset flow through email. After resetting the password, the smart wallet system generates a new authorized interaction wallet and associates it with the smart wallet while removing the lost wallet.

5. Users have trustless, sponsored transactions

Interaction with the smart wallet (making a transaction) requires a signature from the authorized wallet. In the smart wallet system, these signatures can be sent on the chain by any other wallet. This means that all that is needed by the user to interact with the smart wallet is to sign an off-chain message. This message can be triggered by any defined action. Then, the issuing organization can use their own wallet (containing funds) to sponsor the on-chain transaction in a trustless manner.

It is important to separate commands and transactions. The authorization wallet makes a command, the Relayer receives this command, and then the transaction (with the signed command) is executed by the smart wallet.

6. Wallets are deployed on demand

Wallets are deployed via on-chain transactions in this system, each of which is a paid transaction to the blockchain. The smart wallet system deploys the wallets “on demand”, where the underlying blockchain knows the address of the smart wallet before deploying, causing no interruption of service or temporary accounting on the chain. Wallets are not deployed until a proactive action occurs, but each user will still have an address. Users are able to receive funds, but in order to send or claim funds their wallet must be deployed.

7. User registration prompts the generation of an authorized wallet for the user

The authorization wallet is encrypted with the user password and the encrypted version is stored in the database. When the user logs in, the encrypted wallet is served from the database to the client-side application and decrypted via the user wallet password.

8. The architecture includes a middleware server called a Relayer

The job of the Relayer is to relay transactions from the user’s authorization wallet to the user’s smart wallet contract. The smart wallet contract checks if the actions have been authorized by the user’s authorization wallet. These checks are based on cryptographic signatures from the authorized wallets (authorization key/private key). This allows the user to control their smart wallet without actually owning any funds in their wallet, and the transaction fee is paid by the submitter of the transaction to the blockchain: the Relayer. The blockchain will show that the transaction originated from the Relayer, but the internal transactions will show the commands within the transaction.

9. Two main addresses are written into the user smart wallet contract

First is the authorization address (address of user authorized wallet) for the authorization of submitted transactions within the application. Second is the address of the Guardian. The Guardian can replace the authorization address, which is done during account recovery.

10. A lost authorization wallet means a user will no longer be able to authorize commands to be executed by their smart wallet

This requires a user to go through account recovery (through email verification). The Guardian wallet asks the user to generate a new authorization wallet (happens automatically through the password reset flow) and then replaces the old address with the new one. With this new address, a user can proceed normally, with complete access to their smart wallet and associated balances.
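The command/transaction split and the two addresses from items 5, 8, 9 and 10, as an added JavaScript model that is not the project's contract code. It substitutes Node's ECDSA over secp256k1 with SHA-256 for Ethereum's keccak256 and ecrecover. The nonce, wallet id and message layout are assumptions, added so that a relayed command cannot be replayed or altered by whoever submits it.

```javascript
// Added illustration, not the article's code. Stand-ins: Node ECDSA (secp256k1 +
// SHA-256) for keccak256/ecrecover; nonce and message layout are assumptions.
const nodeCrypto = require('node:crypto');
const newKey = () => nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
// Signed bytes: wallet id and nonce bind a command to one wallet and one use.
const payload = (id, nonce, command) => Buffer.from(JSON.stringify([id, nonce, command]));
// Off-chain signing by a key holder: no transaction and no fee.
const signCommand = (privateKey, id, nonce, command) =>
  nodeCrypto.sign('sha256', payload(id, nonce, command), privateKey);

class SmartWallet {
  constructor(id, authKey, guardianKey) {
    Object.assign(this, { id, authKey, guardianKey, nonce: 0, executed: [] });
  }
  check(publicKey, command, signature) {
    const ok = nodeCrypto.verify('sha256', payload(this.id, this.nonce, command), publicKey, signature);
    if (!ok) throw new Error('bad signature');
    this.nonce += 1; // a consumed nonce can never be accepted again
  }
  // Submitted by the Relayer, which pays the fee but holds no authority.
  execute(command, signature) {
    this.check(this.authKey, command, signature);
    this.executed.push(command);
  }
  // Recovery: only a guardian-signed command can replace the authorization key.
  replaceAuthKey(newKeyPem, signature) {
    this.check(this.guardianKey, 'replaceAuthKey:' + newKeyPem, signature);
    this.authKey = nodeCrypto.createPublicKey(newKeyPem);
  }
}

function demo() { // constructed scenario with throwaway keys
  const user = newKey(), guardian = newKey(), fresh = newKey();
  const w = new SmartWallet('wallet-1', user.publicKey, guardian.publicKey);
  const run = (fn) => { try { fn(); return 'ok'; } catch (e) { return e.message; } };
  const cmd = 'send 1 token to bob';
  const sig = signCommand(user.privateKey, w.id, 0, cmd);
  const pem = fresh.publicKey.export({ type: 'spki', format: 'pem' });
  const guardianSig = signCommand(guardian.privateKey, w.id, 1, 'replaceAuthKey:' + pem);
  return {
    tampered: run(() => w.execute('send 9 tokens to relayer', sig)),
    relayed: run(() => w.execute(cmd, sig)),
    replayed: run(() => w.execute(cmd, sig)),
    recovered: run(() => w.replaceAuthKey(pem, guardianSig)),
    lostKey: run(() => w.execute(cmd, signCommand(user.privateKey, w.id, 2, cmd))),
    freshKey: run(() => w.execute(cmd, signCommand(fresh.privateKey, w.id, 2, cmd))),
    executed: w.executed.length,
  };
}
```

In this design the Guardian key can replace the authorization key on its own, so whoever holds it can take over the wallet; it needs at least the same protection as the user's key.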
