Everything you need to know about non-custodial crypto wallets recovery methods

By Mikky Snowman. Published in Swisstronik, Apr 6, 2023.

Custodial vs non-custodial

As the world of cryptocurrency continues to grow and evolve, more and more people are starting to use digital currencies. With the rise of cryptocurrencies comes the need for secure storage options. This is where crypto wallets come in.

There are two types of crypto wallets: custodial and non-custodial. The type of access keys, where they are stored and (this is important) how they can be recovered if lost all depend on the wallet type.

As usual, both types have their advantages and disadvantages. Not your keys, not your crypto; yet with non-custodial wallets one can easily lose access to the wallet, as there is virtually no way to restore it once the keys are completely lost. However, some recovery methods do exist. Let’s have a closer look at them.

Basic recovery method (Private key/Mnemonic)

In general, in order to get access to the funds deposited to a certain address, one needs to import the wallet with the private key or mnemonic. This is the most common way, which is generally accepted and supported by all non-custodial wallets. However, if the private key or mnemonic is lost, it becomes impossible to regain access to the wallet.

Backup Services

How can one avoid losing the private key or mnemonic? The obvious answer is to save it in some cloud storage. For instance, Rainbow Wallet (https://lnkd.in/dKhGMEna, https://lnkd.in/dz48fYZ4) allows one to save an encrypted mnemonic in iCloud and restore it using the password that was used to encrypt it.

However, such an approach is not really safe. Just like with custodial services, if the cloud storage is hacked, malefactors will gain access to the mnemonic/private keys, even though they are encrypted. For instance, in April 2022, scammers impersonated Apple support, got access to a trader’s iCloud, and stole 650k USD from him.

Multi-Party Computations

The idea is that one splits the key into parts and later restores it when needed. This allows the holder not to keep the whole key in one place and thus mitigate the risk of its leak.

The main advantage of this approach is that it helps to prevent the loss of a private key or its leak. To achieve this, a private key or a seed phrase is split into multiple parts that are stored in different ways. For example, one part is stored on a friend’s or a family member’s device, the second one is stored in cloud storage, and the last one is stored in some centralised service that will require some authorization to restore that part of the key.

Examples of MPC Wallets:

— ZenGo (zengo.com) — splits the private key into two independently created «secret shares». One is stored on the user’s device, the second one is stored with ZenGo.

— Fireblocks (fireblocks.com) is an MPC solution for traders, exchanges, banks, etc.

Social Recovery

This approach was coined by Vitalik Buterin, and here is how it works. First, a smart contract is created and the following addresses are added:

1. The owner’s address, which can initiate transactions
2. 3 or more (the more the better) ‘Guardian’ addresses, which by a majority of votes can change the private key that initiates transactions.

The owner’s address can also add or remove the ‘Guardians’. The changes don’t come into force immediately; for instance, Buterin suggested that there should be a 3-day delay.

Normally one would use the smart contract as a standard wallet. But in case the user loses access to their private key, Social Recovery comes in. The user should ask the ‘Guardians’ to sign a special transaction which will allow them to change the address and regain access to the funds.

There are many types of ‘Guardians’:
1. Other devices or just a written-down mnemonic that belongs to the user.
2. Friends and family. In this case it’s vital that the ‘Guardians’ don’t know each other, otherwise they potentially can conspire.
3. Custodial services which will sign the transaction in case it’s approved by SMS, email or other verification methods.

What’s important when creating a contract like this is to add the possibility for the ‘Guardians’ to block outgoing transactions. To ensure this, one can add a slight delay before the withdrawal of funds begins. This will allow the ‘Guardians’ to cancel the transactions by voting.

Thus, Social Recovery significantly lowers the risk of losing access to the funds as well as the risk of robbery.
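The contract rules described in this section, modelled in plain Python as an added example (not code from the article or from any wallet project). The class and method names, the one-day withdrawal delay and the choice to discard queued guardian changes on recovery are assumptions; addresses are constructed strings and `now` is a timestamp in seconds.

```python
GUARDIAN_DELAY = 3 * 86400  # 3 days, the delay suggested in the article
WITHDRAW_DELAY = 86400      # assumed value: the article only says "a slight delay"

class SocialRecoveryWallet:
    def __init__(self, owner, guardians):
        self.owner, self.guardians = owner, set(guardians)
        self.pending = []         # queued guardian changes: (effective_at, op, addr)
        self.recovery_votes = {}  # proposed owner -> guardians who signed for it
        self.withdrawals = []     # one dict per requested withdrawal

    def _vote(self, sender, votes, now):
        # Guardian changes take effect only once their delay has elapsed.
        for due, op, addr in [p for p in self.pending if p[0] <= now]:
            self.pending.remove((due, op, addr))
            (self.guardians.add if op == "add" else self.guardians.discard)(addr)
        if sender not in self.guardians:
            raise PermissionError("not a guardian")
        votes.add(sender)
        return 2 * len(votes & self.guardians) > len(self.guardians)  # strict majority

    def queue_guardian_change(self, sender, op, addr, now):
        if sender != self.owner or op not in ("add", "remove"):
            raise PermissionError("only the owner may queue an add or remove")
        self.pending.append((now + GUARDIAN_DELAY, op, addr))

    def vote_recovery(self, sender, new_owner, now):
        if self._vote(sender, self.recovery_votes.setdefault(new_owner, set()), now):
            self.owner, self.recovery_votes = new_owner, {}
            self.pending = []  # assumed choice: drop changes queued by the old key

    def request_withdrawal(self, sender, to, amount, now):
        if sender != self.owner:
            raise PermissionError("not the owner")
        self.withdrawals.append(dict(to=to, amount=amount, state="pending",
                                     ready_at=now + WITHDRAW_DELAY, cancel=set()))
        return len(self.withdrawals) - 1

    def vote_cancel(self, sender, wid, now):
        w = self.withdrawals[wid]
        if w["state"] == "pending" and self._vote(sender, w["cancel"], now):
            w["state"] = "cancelled"

    def execute_withdrawal(self, wid, now):
        w = self.withdrawals[wid]
        if w["state"] != "pending" or now < w["ready_at"]:
            raise RuntimeError("cancelled, executed, or still inside the delay window")
        w["state"] = "executed"
        return w["to"], w["amount"]
```

With a stolen owner key, a withdrawal and a guardian removal can both be queued, but neither takes effect before the guardians have had time to cancel the withdrawal and vote in a new owner address.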
