Key management as it currently exists in blockchains is unfamiliar to the vast majority of the population. When signing up for new services, users expect the usual email-password signup flow, and anything that strays from that is often avoided.
The combination of the technicality and consequences of key management can be disastrous. Key loss is unfortunately quite common and has likely led to the loss of millions of dollars. Let’s take a look at how we’re working to make key management more user-friendly.
A mnemonic is “a device such as a pattern of letters, ideas, or associations that assists in remembering something”, and was the first proposed solution to user-friendly key management on Ethereum. Initially proposed in March of 2016, EIP-75 set out to make private key management simpler by allowing a set of seed words to regenerate a user’s private key in the case that it gets lost.
Instead of storing a 40-character private key, this approach gives users a list of 12 random words, making it much easier to store, or even memorize. Though this was a significant improvement, it doesn’t appear to be an effective enough method to store a significant amount of financial value, since it can still be easily lost or destroyed.
Multi-signature, or multisig, wallets are wallets with multiple owners wherein actions can only be made if a minimum number, or threshold, of wallet owners agree. Since multisig wallets have many owners, in the case that an owner loses their private key, the other owners can still perform actions. This eliminates the single point of failure that standard wallets have.
Multisig wallets can also make use of more advanced functionality. For example, they can be configured to allow owners to agree upon adding or removing a member to the group. They can even be configured to be modified by governance models so that non-owners can vote on certain actions, such as removing an owner from the group.
As useful as multisig wallets can be, they can still have their pitfalls. It is imperative that the wallet owners are trustworthy, otherwise corrupt owners can collude to drain the funds. Although unlikely, it is also possible that enough owners lose access to their private keys, meaning that there aren’t enough members to meet the threshold to perform actions, though this can be circumvented by adding members back as soon as they lose access to their private key.
Social recovery is a method for key management that works by selecting a group of trustworthy people to have partial access to your account. Each member of your social recovery group is given a cryptographic piece of your private key. Combined, the pieces can give them access to your private key, but individually they are effectively useless.
As with other approaches to key management, it is not a perfect approach. Like with multisig wallets, if your trusted members aren’t as trustworthy as they seem, they can collude to gain account access and steal your funds.
Advanced Social Recovery
Advanced approaches to social recovery have been, and continue to be, created. One notable approach to advanced social recovery is Argent wallet’s guardians.
Argent guardians work similarly to standard social recovery, except the guardians used for account recovery don’t actually have access to your funds. Instead, your guardians have access to a limited selection of administrative functions. They can lock your wallet, approve a wallet recovery, or approve a transfer that exceeds your daily limit.
KYC or ‘know your customer’ is a standard regulatory approach which works by authorizing users with their identity. Although standard in bank regulations, KYC has many flaws when applied to blockchain technology. Since the KYC process is off-chain and reliant on a provider, it is no longer trustless, meaning that a malicious provider could effectively steal user funds. It is also an expensive process, and someone has to cover the cost.
Time Lock Recovery
An interesting approach to restoring lost accounts, the time lock recovery method allows users to prove that they have lost access to their account. The process starts with the account owner placing a deposit to signify that they no longer have access to their account. This deposit starts a countdown. If no transactions occur on the account before the countdown ends, the account is proven lost and the funds can be transferred to the new address of the owner. In the case that a malicious actor tries to perform this process, the owner can prove they still have access to the account by making a transaction, causing the attacker to lose their deposit.
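The time lock recovery flow described above, as an added in-memory model that is not code from the article or from any wallet project. The `Ledger` and `Claim` names, the 30-day window, and the choices to count forfeited deposits and to return the deposit on a successful recovery are all assumptions made for illustration.

```python
# Added illustration; names, amounts and the 30-day window are assumptions.
from dataclasses import dataclass, field

CHALLENGE_WINDOW = 30 * 24 * 3600  # assumed countdown length in seconds

@dataclass
class Claim:
    claimant: str
    new_address: str
    deposit: int
    opened_at: int

@dataclass
class Ledger:
    balances: dict = field(default_factory=dict)
    claims: dict = field(default_factory=dict)  # account -> open Claim
    forfeited: int = 0                          # deposits lost by failed claims

    def open_claim(self, claimant, account, new_address, deposit, now):
        if deposit <= 0 or self.balances.get(claimant, 0) < deposit:
            raise ValueError("claim needs a funded deposit")
        if account in self.claims:
            raise ValueError("a claim is already open for this account")
        self.balances[claimant] -= deposit      # deposit is escrowed
        self.claims[account] = Claim(claimant, new_address, deposit, now)

    def transact(self, account, to, amount):
        # Any transaction signed by the account proves its key is not lost.
        if amount < 0 or self.balances.get(account, 0) < amount:
            raise ValueError("invalid amount")
        self.balances[account] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount
        claim = self.claims.pop(account, None)
        if claim is not None:                   # claim defeated
            self.forfeited += claim.deposit

    def finalize(self, account, now):
        claim = self.claims.get(account)
        if claim is None:
            raise ValueError("no open claim")
        if now < claim.opened_at + CHALLENGE_WINDOW:
            raise ValueError("countdown still running")
        del self.claims[account]
        # Assumption: the escrowed deposit is returned along with the funds.
        moved = self.balances.pop(account, 0) + claim.deposit
        new = claim.new_address
        self.balances[new] = self.balances.get(new, 0) + moved
        return moved
```

The model makes the two tunable parameters visible: the countdown has to be long enough for a legitimate owner to notice a claim and respond, and the deposit is what makes a false claim costly.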
Perhaps the best approach to key management for user-experience is a combination of the options listed above. Regardless, it seems evident that there is still much room to improve upon this process.