👮‍♂️
Guardian Smart Wallet Contracts
  • 👋Welcome
  • 🔭Overview
    • ✨Our Features
      • Smart Wallets
      • Social Account Locking
      • Social Account Recovery
    • 🚀Getting Started
    • 💡Architecture
  • 📗Guides
    • 💰Smart Account (Account Factory)
    • 👮‍♂️Guardian Contract
    • 🤝Account Guardian
    • 🔒Account Lock
    • 🔐Account Recovery
Powered by GitBook
On this page
  • Usage
  • Import
  • Functions

Was this helpful?

  1. Guides

Account Recovery

PreviousAccount Lock

Last updated 1 year ago

Was this helpful?

The Account Recovery contract is used by guardians to help recover the smart wallet account in case the user loses account access. A user can lose access if:

  • They uninstall the dApp from their mobile devices, which generally involves removing all locally stored data and keys of the dApp from the device.

  • They delete the passkey/private key stored locally on their computers

Once the wallet access is lost, a user can initiate an account recovery request for their smart wallet account by verifying the email they used to create the smart wallet account. A consensus has to be achieved by the account guardians on the account recovery request, post which, a new embedded wallet is created for the user by the dApp and is made the owner of the smart contract holding assets of the user's smart wallet.

Since the Account Recovery contract handles individual accounts' recovery operations and storage, a new instance of the Account Recovery contract is deployed on the creation of every new smart wallet account.

You can refer to the to understand the high-level inter-dependencies between various contracts.

Usage

On the client side:

Use the AccountGuardian contract address directly on the client side to interact with the deployed contract.

In smart-contract projects:

import {AccountRecovery} from "@guardian-wallet/contracts/utils/AccountRecovery.sol"

Import

import {AccountRecovery} from "@crypto-phoenix/contracts/utils/AccountRecovery.sol"

Functions

function commitEmailVerificationHash(bytes32 _emailVerificationHash)

Used by your email verification service to commit email verification hash with the Guardian Smart wallet system. A verification hash is generated by encoding a recovery token and nonce and turning it into a hash (bytes32).

Please note, that you will have to set up an email verification service which will be responsible for generating a random recovery token and nonce and sharing it with both:

  1. The user's email

  2. commitEmailVerificationHash(..) function

This is done to enable email verification of the user initiating the account recovery request by Guardian Smart Wallet system.

Params:

bytes32 _emailVerificationHash The email verification hash committed by your email verification service and will be used to verify the user initiating the account recovery request.

function generateRecoveryRequest(string calldata email, 
    bytes calldata recoveryToken, 
    uint256 recoveryTokenNonce)

Since the user has lost access to their wallet, a new embedded/EOA wallet has to be issued for the user to call the generateRecoveryRequest().The address of the new embedded/EOA wallet will also be made the new owner of the smart contract holding the user's smart wallet assets once the recovery request is executed, thereby recovering access to the smart wallet!

The email verification process involves sending the following params to the generateRecoveryRequest(..) and matching them against the token and nonce shared by the email verification service with the commitEmailVerificationHash(..) function

Params:

string calldata email The email address of the user used while setting up the smart wallet

bytes calldata recoveryToken The recovery token received by the user from the email verification service.

uint256 recoveryTokenNonce The recovery nonce received by the user from the email verification service.

function collectGuardianSignaturesOnRecoveryRequest(address guardian, bytes memory recoveryReqSignature) external;

Will collect the account guardian's signatures on the account's active recovery request.

With every new signature coming in, the Guardian Smart Wallet system will evaluate the consensus status of the account's recovery request. If consensus is achieved, the ownership of the smart contract powering the smart wallet account is given to the new embedded wallet created for the user, by your dApp, during the initiation of the account recovery request.

Can be called only by verified account guardians, allotted by the smart wallet owner.

Params:

guardian The guardian who’s signature on the recovery request is being sent.

recoveryReqSignature The guardian's signature on the account's active recovery request.

function getRecoveryRequest() -> bytes32

Retrieve the account's active recovery request.

Returns:

bytes32 The hash of the account's recovery request.

This function is used to generate the account recovery request for a smart wallet account. The owner of the smart account can only initiate the account recovery request by verifying the email they used to set up the smart account. .

📗
🔐
Guardian smart wallet architecture
Refer to the createAcccount(..)