🔐Account Recovery

The Account Recovery contract is used by guardians to help recover the smart wallet account in case the user loses account access. A user can lose access if:

  • They uninstall the dApp from their mobile devices, which generally involves removing all locally stored data and keys of the dApp from the device.

  • They delete the passkey/private key stored locally on their computers.

Once wallet access is lost, a user can initiate an account recovery request for their smart wallet account by verifying the email they used to create the smart wallet account. The account guardians have to reach consensus on the account recovery request, after which a new embedded wallet is created for the user by the dApp and is made the owner of the smart contract holding the assets of the user's smart wallet.

Since the Account Recovery contract handles individual accounts' recovery operations and storage, a new instance of the Account Recovery contract is deployed on the creation of every new smart wallet account.

You can refer to the Guardian smart wallet architecture to understand the high-level inter-dependencies between various contracts.

Usage

On the client side:

Use the AccountGuardian contract address directly on the client side to interact with the deployed contract.

In smart-contract projects:

import {AccountRecovery} from "@guardian-wallet/contracts/utils/AccountRecovery.sol";

Import

import {AccountRecovery} from "@crypto-phoenix/contracts/utils/AccountRecovery.sol";

Functions

function commitEmailVerificationHash(bytes32 _emailVerificationHash)

Used by your email verification service to commit an email verification hash to the Guardian Smart Wallet system. A verification hash is generated by encoding a recovery token and nonce and turning the result into a hash (bytes32).

Please note that you will have to set up an email verification service, which will be responsible for generating a random recovery token and nonce and sharing them with both:

  1. The user's email

  2. commitEmailVerificationHash(..) function

This is done so that the Guardian Smart Wallet system can verify the email of the user initiating the account recovery request.

Params:

bytes32 _emailVerificationHash The email verification hash committed by your email verification service. It is used to verify the user initiating the account recovery request.


function generateRecoveryRequest(string calldata email, 
    bytes calldata recoveryToken, 
    uint256 recoveryTokenNonce)

Since the user has lost access to their wallet, a new embedded/EOA wallet has to be issued for the user to call generateRecoveryRequest(). The address of the new embedded/EOA wallet will also be made the new owner of the smart contract holding the user's smart wallet assets once the recovery request is executed, thereby recovering access to the smart wallet!

This function is used to generate the account recovery request for a smart wallet account. The owner of the smart account can initiate the account recovery request only by verifying the email they used to set up the smart account. Refer to createAccount(..).

The email verification process involves sending the following params to generateRecoveryRequest(..) and matching them against the token and nonce shared by the email verification service with the commitEmailVerificationHash(..) function.

Params:

string calldata email The email address of the user used while setting up the smart wallet

bytes calldata recoveryToken The recovery token received by the user from the email verification service.

uint256 recoveryTokenNonce The recovery nonce received by the user from the email verification service.
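
The commit-and-verify flow described for commitEmailVerificationHash(..) and generateRecoveryRequest(..), as an added sketch that is not the Guardian AccountRecovery source. It assumes the hash is keccak256(abi.encode(recoveryToken, recoveryTokenNonce)), which the page does not specify; the verifier address, the newOwnerCandidate field and the custom errors are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration, NOT the Guardian AccountRecovery implementation.
/// Assumed: hash = keccak256(abi.encode(token, nonce)); `verifier` and
/// `newOwnerCandidate` are hypothetical names introduced for this sketch.
contract RecoveryCommitRevealSketch {
    address public immutable verifier;    // hypothetical: email verification service
    bytes32 public emailVerificationHash; // active commitment, zero when none
    address public newOwnerCandidate;     // hypothetical: wallet that passed verification

    error NotVerifier();
    error NoCommitment();
    error VerificationFailed();

    constructor(address _verifier) {
        verifier = _verifier;
    }

    // Service side: only the hash goes on-chain; token and nonce go by email.
    // The hash is publicly readable, so the token must be long and random,
    // otherwise it can be guessed offline against the commitment.
    function commitEmailVerificationHash(bytes32 _emailVerificationHash) external {
        if (msg.sender != verifier) revert NotVerifier();
        emailVerificationHash = _emailVerificationHash;
    }

    // User side: the new embedded/EOA wallet reveals the emailed values.
    // The page does not say how the real contract checks `email`, so the
    // parameter is left unnamed and unused here.
    function generateRecoveryRequest(
        string calldata /* email */,
        bytes calldata recoveryToken,
        uint256 recoveryTokenNonce
    ) external {
        bytes32 committed = emailVerificationHash;
        if (committed == bytes32(0)) revert NoCommitment();
        bytes32 revealed = keccak256(abi.encode(recoveryToken, recoveryTokenNonce));
        if (revealed != committed) revert VerificationFailed();

        // Consume the commitment so a revealed token cannot be replayed.
        delete emailVerificationHash;
        newOwnerCandidate = msg.sender;
    }
}
```

Your email verification service has to hash with the same encoding the deployed contract uses, or every recovery attempt will fail the comparison.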


function collectGuardianSignaturesOnRecoveryRequest(address guardian, bytes memory recoveryReqSignature) external;

Will collect the account guardian's signatures on the account's active recovery request.

With every new signature coming in, the Guardian Smart Wallet system will evaluate the consensus status of the account's recovery request. If consensus is achieved, the ownership of the smart contract powering the smart wallet account is given to the new embedded wallet created for the user, by your dApp, during the initiation of the account recovery request.

Can be called only by verified account guardians, allotted by the smart wallet owner.

Params:

guardian The guardian whose signature on the recovery request is being sent.

recoveryReqSignature The guardian's signature on the account's active recovery request.


function getRecoveryRequest() -> bytes32

Retrieve the account's active recovery request.

Returns:

bytes32 The hash of the account's recovery request.

