Ensuring the security and convenience of managing your crypto assets have never been more critical. Traditionally, we’ve relied on BIP39 compatible wallets. However, even a momentary oversight of your seed phrase or private key can jeopardize your crypto assets. UniPass aims to revolutionize digital wallet security by likening our approach to a smart fingerprint lock.
Understanding the Transition
The Achilles’ heel of traditional BIP39 wallets lies in their unforgiving nature. Only a single private key or seed phrase determines access to your assets. UniPass presents ourselves as the breath of fresh air everyone has all been yearning for. Imagine the convenience of setting up a decentralized smart contract wallet merely by logging in through your Google account. The cumbersome process of memorizing and backing up your seed phrases becomes a relic of the past.
Debunking Myths: The Role of Private Keys in Smart Contract Wallets
It’s a common misbelief that smart contract wallets do away with private keys. The truth is, private keys remain crucial for most smart contract wallet operations. The game-changer with UniPass is our built-in social recovery mechanism. This allows users to retrieve their assets even if they lose their private key, relieving them of the constant mnemonic backup stress.
A Deep Dive into UniPass’s Mechanics
A unique self-custody private key is generated and linked to the user’s Google account when they register with UniPass. The main private key, exclusively designated for approving transactions, is autonomously generated on the user’s device during the registration phase. Leveraging the robust security of Keychain/KeyStore, this key remains safeguarded within the device, accessible solely only after the user has verified his/her fingerprint or FaceID.
UniPass also ensures a hassle-free experience even when users switch devices. A locally-generated encryption key encrypts the main private key and stores it as a backup file in the user’s Google Drive. A copy of the encryption key is also stored on UniPass servers, fortified by AWS’s KMS encryption.
When users log in from a new device, all that’s needed is the backup file of the private key from their Google Drive. By signing into their Google account with the backup file, users can access the encrypted key on UniPass’s servers, allowing them to recover their private key on the new device.
It’s paramount to understand that throughout this process, the private key’s integrity remains uncompromised. Only the user has access to it, and its content remain concealed from UniPass. Our solution is decentralized and focused on self-custody. We neither control nor have access to your keys, ensuring we can’t move or manage your funds.
To help you understand better, here’s a simple illustration:
Suppose Bob buys a new phone and wants to transfer his UniPass account from his old phone to his new phone. No issues! All he has to do is retrieve his backup file from Google Drive and sign into his Google account to obtain the encrypted key from UniPass’s servers. With that, Bob is ready to use his UniPass account on his new phone, without compromising his private key’s safety.
Harnessing the Power of Social Recovery
Despite having a backup process for the private key, two primary risks still exist:
- Misplacement of the backup file on Google Drive
- Unforeseen UniPass server issues or loss of the encrypted key
Unlike traditional wallets, where such situations would spell disaster, UniPass provides an ace up the sleeve: the social recovery feature.
During the UniPass registration process, two different keys are generated: the main private key and a recovery key anchored to Google OpenID/DKIM. Think of this recovery key as your emergency spare for a sophisticated lock system.
Understanding the Distinction: OpenID vs DKIM
- OpenID: Imagine you have a bunch of keys for different doors (different websites). It could be a hassle to carry them all and remember which one fits into which lock (remembering all usernames and passwords for different websites). OpenID is like a master key (a single username/password) that works on many doors (websites) without you needing to keep a bunch of keys. So instead of creating a new username and password for every website, you use your OpenID (master key) to prove that you are you.
- DKIM (DomainKeys Identified Mail): DKIM is a unique ‘stamp’ for emails. When an email hosting provider sends out an email, they add a DKIM signature (unique ‘stamp’) that is very difficult to forge. The receiving email server authenticates that DKIM signature by looking up the sender’s public DKIM key to verify the signature. If it’s valid, the email is likely to be genuine. If it’s invalid or missing, the email could be a phishing attempt or spam.
When a UniPass user misplaces their main private key and is unable to access their account, they have two recovery options to choose from via the UniPass App: using Google login (OpenID) or email authentication (DKIM). Here’s a simplified breakdown of the process:
- First, the user needs to generate a new private key. Then they need to draft a recovery statement in line with UniPass’s smart contract guidelines. This could be something like, “The address of my account is XXXXX, and I want to replace my old key with this new key YYYYY.”
- The user, then through the UniPass App can either choose to incorporate the statement during their Google login phrase or input it in the ‘Subject’ heading during the email authentication phrase. Subsequently, Google will authenticate the data using its proprietary private key and provide the UniPass App with an endorsed signature.
- The final step involves the user submitting the received signature to the blockchain via the UniPass App. On receiving the account recovery transaction, the blockchain examines the authenticity of the Google signature through a smart contract. Only upon successful verification does the account recovery procedure initiate.
For clarity, consider this example: Imagine Alice loses her private key for her UniPass account. She creates a new key and drafts a statement like, “For account address ABC123, I wish to use my new key DEF456 in place of the lost one.” She then incorporates this statement during her Google account sign-in phrase on the UniPass App. Google signs off on the statement and sends back a signature. Alice proceeds to submit an account recovery transaction using the received signature to the blockchain via the UniPass App. Once the blockchain’s smart contract verifies the signature’s authenticity, her account recovery procedure kickstarts.
With the integration of OpenID and DKIM cryptographic verification processes into UniPass’s smart contracts, users can initiate social recovery transactions via Google login or email authentication, to swap out the existing private key for a new one.
UniPass also has its own customized key management framework tools that empower users to:
- Engage Multiple “Guardians”: Users have the ability to include multiple friend’s or family’s email addresses as recovery keys to exponentially boost their account’s security
- Delegate Account Operators: Users can grant chosen confidants the authority to manage a portion of their crypto assets
UniPass, through our avant-garde features and robust security protocols, provides an unparalleled digital wallet experience. Gone are the days of seed phrase and private key backups. With UniPass, asset security is a guarantee, enhanced by the power of social recovery.
UniPass offers a comprehensive stablecoin payment solution. Enjoy gas-free payments, and the ability to process batch transactions with one-click. Confidently manage, transfer, purchase, and store your stablecoin with the UniPass wallet.