Why We Need a Recovery Mechanism
As discussed previously, Clave uses Passkey Signing to turn everyday devices into secure hardware wallets. This is a significant advance, but it brings a notable challenge: if a user loses all of their devices, recovery is formidable, because the key inside the Secure Enclave (or the other hardware modules we use) is non-extractable. To address this problem, we have developed a recovery mechanism.
Clave’s Recovery Mechanism:
An ideal recovery mechanism is an indispensable aspect of digital asset security, especially when utilizing advanced technologies like Passkey Signing. The perfect recovery solution should be user-friendly, resistant to censorship, cheap, efficient, and devoid of introducing any additional trust assumptions.
Recognizing the critical importance of a solid recovery solution, we have implemented a comprehensive recovery mechanism at Clave, which includes a 48-hour time lock feature designed to reduce the risk from malicious actors.
Characteristics of an Ideal Recovery Mechanism:
- User-Friendly: The mechanism should be intuitive and accessible, ensuring that users, regardless of their technical proficiency, can navigate through the recovery process with ease and precision.
- Censorship-Resistant: It should be impervious to external manipulations and interferences, enabling users to have uninterrupted access to their assets in varied geopolitical landscapes.
- Economically Viable: The cost implications of utilizing the recovery mechanism should be minimal, allowing users from different economic backgrounds to benefit from the service.
- Efficient: The process should be streamlined and prompt, ensuring users can regain access to their assets without undue delays or complications.
- No Additional Trust Assumptions: It is crucial that the mechanism does not necessitate the introduction of any new trust assumptions, maintaining the integrity and security of the user's assets.
The 48-Hour Time Lock:
The incorporation of a 48-hour time lock in both recovery mechanisms is a deliberate measure designed to prevent potential unauthorized access and malicious activities. After beginning the recovery process, the user receives a notification from the Clave app and/or email and is given 48 hours to cancel the recovery. This provides a recovery mechanism without introducing new trust assumptions, as the user maintains complete control over their assets.
Cloud Based Recovery: Passkeys
Passkeys are designed as a secure and user-friendly alternative to traditional passwords, using a technology that largely eliminates the risk of phishing. The system creates a unique pair of cryptographic keys for each account: a public key, which is openly stored on the server, and a private key, which remains confidential and is securely held on the user's device.
When a user creates an account with passkeys, an encrypted version of the private key is synced via the Cloud. If users lose a device, they can recover the key from another device, provided that device is selected as a "trusted device". The passkeys are encrypted via the Secure Enclave (biometrics), and the encrypted version is shared via the Cloud. This means that even if the Cloud gets compromised, no one can access the key.
This recovery method native to Passkeys has a flaw: if you lose all devices, you cannot recover your account. Thus, we've implemented Social Recovery.
Social Recovery
Instead of using iCloud or Google Drive, users can pick family or friends to help them get their account back if needed. Users can do this by giving the friend’s or family member’s Clave nickname or address. After picking a guardian, there’s a 48-hour wait time during which users can change their mind and stop the process if they want to.
To start getting their account back using a new device, users need to give their helper’s Clave nickname or address. Clave will then make a link that users send to their helpers. Like when picking a guardian, there’s a 48-hour wait time during the recovery process, giving users a chance to stop it from the original device if needed.
This approach, called Social Recovery, is all about giving users more choices to keep their accounts safe, mixing security with the help of friends or family, and making it all easy to manage.
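A minimal model of the time-locked guardian flow described in the 48-Hour Time Lock and Social Recovery sections, added here as an illustration; it is not Clave's contract code. The class, method names and string keys are hypothetical, signatures are reduced to a key comparison, and it assumes a guardian can only start a recovery once its own 48-hour wait has passed.

```python
from dataclasses import dataclass, field

DELAY = 48 * 3600  # the 48-hour time lock from the post, in seconds


class RecoveryError(Exception):
    pass


@dataclass
class Account:
    owner_key: str                                 # key of the current signing device
    guardians: dict = field(default_factory=dict)  # guardian -> time it becomes active
    pending: tuple = None                          # (new_key, executable_at) or None

    def _only_owner(self, signer):
        if signer != self.owner_key:
            raise RecoveryError("not the owner key")

    def add_guardian(self, signer, guardian, now):
        self._only_owner(signer)
        self.guardians[guardian] = now + DELAY     # assumption: inactive during the wait

    def remove_guardian(self, signer, guardian):
        self._only_owner(signer)                   # owner changes their mind
        self.guardians.pop(guardian, None)

    def start_recovery(self, guardian, new_key, now):
        active_at = self.guardians.get(guardian)
        if active_at is None or now < active_at:
            raise RecoveryError("guardian not active")
        if self.pending is not None:
            raise RecoveryError("recovery already pending")
        self.pending = (new_key, now + DELAY)
        return self.pending[1]                     # earliest time finalize() can succeed

    def cancel_recovery(self, signer):
        self._only_owner(signer)                   # the original device vetoes the attempt
        self.pending = None

    def finalize(self, now):
        if self.pending is None:
            raise RecoveryError("no pending recovery")
        new_key, executable_at = self.pending
        if now < executable_at:
            raise RecoveryError("time lock still running")
        self.owner_key, self.pending = new_key, None
        return self.owner_key
```

The property to check in a real implementation is the same one the model enforces: the key rotation cannot execute before the delay has elapsed, and only the current owner key can cancel it.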
Final Thoughts:
At its core, Clave is on a mission to revolutionize recovery management by making it secure and user-friendly, without compromising trust. Our goal is to eliminate the complexities often associated with recovery processes, making it a seamless experience for every user, regardless of their technical know-how.
In the ever-evolving web3 space, security is paramount. Clave is aiming to provide the most secure key management system available, ensuring that every user can have a seamless experience.
By introducing recovery mechanisms like Cloud Based backups and Social Recovery, Clave is not just offering alternatives but is setting a new standard in secure, versatile, and user-friendly digital asset management. It’s about empowering users, giving them the autonomy to manage their digital presence securely and effectively, and ensuring their peace of mind in the web3 space.
In conclusion, Clave is not just a platform; it’s a secure harbor in the digital world, pioneering easy-to-use, reliable solutions in account recovery and management, and standing as a beacon of trust and security in the web3 space.
About Clave
Clave is an easy-to-use, non-custodial smart wallet powered by Account Abstraction and hardware-level security elements (e.g., Secure Enclave, Android TrustZone, etc.) to simplify the onchain experience for the next billions. By empowering users with a user-friendly and secure bridge to seamlessly integrate their assets into everyday life, Clave delivers a comprehensive fintech solution, ensuring a holistic financial experience for all.
Connect with Clave:
- Website: https://www.getclave.io/
- Twitter: https://twitter.com/getclave
- LinkedIn: https://www.linkedin.com/company/getclave/
- Farcaster: https://warpcast.com/getclave
- Marketing inquiries: marketing@clave.team
- Mail: info@clave.team