Discover more from Clave
Meet with Clave #3 : Recovery for Everyone
Clave offers different recovery options for different user segments: Cloud Backup and Guardians
Why We Need a Recovery Mechanism
It has been previously discussed that Clave employs the mechanism of Hardware Signing, transforming everyday devices into secure hardware wallets. This advancement is significant; however, it brings forth a notable challenge. If a user were to lose their device, recovery would be formidable, given that the key within the Secure Enclave—or other hardware modules that we are using—is non-extractable. To address this problem, we have meticulously developed two distinct recovery mechanisms, each specifically designed to cater to different user segments. Clave is going to support authorizing different devices’ for using same account which may can help
Clave’s Recovery Mechanisms:
Clave’s Recovery Mechanisms: A Dual Approach to Accessibility
An ideal recovery mechanism is an indispensable aspect of digital asset security, especially when utilizing advanced technologies like Hardware Signing. The perfect recovery solution should be user-friendly, resistant to censorship, cheap, efficient, and devoid of introducing any additional trust assumptions.
Understanding the imperative need for such a robust recovery solution, we have established two distinct recovery mechanisms at Clave. Both these mechanisms are imbued with a 48-hour time lock feature, a strategic implementation aimed at mitigating the risk from malicious actors.
Characteristics of an Ideal Recovery Mechanism:
User-Friendly: The mechanism should be intuitive and accessible, ensuring that users, regardless of their technical proficiency, can navigate through the recovery process with ease and precision.
Censorship-Resistant: It should be impervious to external manipulations and interferences, enabling users to have uninterrupted access to their assets in varied geopolitical landscapes.
Economically Viable: The cost implications of utilizing the recovery mechanism should be minimal, allowing users from different economic backgrounds to benefit from the service.
Efficient: The process should be streamlined and prompt, ensuring users can regain access to their assets without undue delays or complications.
No Additional Trust Assumptions: It is crucial that the mechanism does not necessitate the introduction of any new trust assumptions, maintaining the integrity and security of the user's assets.
The 48-Hour Time Lock:
The incorporation of a 48-hour time lock in both recovery mechanisms is a deliberate measure designed to prevent potential unauthorized access and malicious activities. After beginning the recovery process, the user receives a notification from the Clave app and/or email and is given 48 hours to cancel the recovery. This provides a recovery mechanism without introducing new trust assumptions, as the user maintains complete control over their assets.
Cloud Based Recovery:
When a user creates an account with extra security features, they have the choice to use iCloud or Google Drive as a backup for account recovery. If a user chooses this, a new account, known as an EOA, is created, but this is only for recovery purposes. The main key, which is the real controller of the user’s account, is kept inside a secure enclave, and the EOA is there to help in case of recovery.
The private key of the EOA is safely stored in either iCloud or Google Drive, depending on the user's choice. This means, if a user loses their device, they can use this EOA’s private key to get back access to their account from a different device.
It is important to highlight that the EOA account created for recovery purposes through Cloud Based Recovery can only be used for that specific function. Users maintain full control over this recovery option, with the ability to remove the EOA account at any time through the profile section of the app. Furthermore, they can overwrite the existing settings in the backup section of the app at their convenience, ensuring a secure and flexible recovery process.
Starting the recovery process triggers a 48-hour waiting period. During this time, if users have access to their original device, they can cancel the recovery. This wait time acts as a safety feature, giving users a chance to stop unauthorized recovery attempts.
Instead of using iCloud or Google Drive, users can pick family or friends to help them get their account back if needed. Users can do this by giving the friend’s or family member’s Clave nickname or address. After picking a guardian, there’s a 48-hour wait time during which users can change their mind and stop the process if they want to.
To start getting their account back using a new device, users need to give their helper’s Clave nickname or address. Clave will then make a link that users send to their helpers. Like when picking a guardian, there’s a 48-hour wait time during the recovery process, giving users a chance to stop it from the original device if needed.
This way, called Social Recovery, is all about giving users more choices to keep their accounts safe, mixing security with the help of friends or family, and making it all easy to manage.
At its core, Clave is on a mission to revolutionize recovery management by making it secure and user-friendly, without compromising trust. Our goal is to eliminate the complexities often associated with recovery processes, making it a seamless experience for every user, regardless of their technical know-how.
In the ever-evolving web3 space, security is paramount. Clave is aiming to provide the most secure key management system available, ensuring that every user can have seamless experience.
By introducing recovery mechanisms like iCloud/Google Drive backups and Social Recovery, Clave is not just offering alternatives but is setting a new standard in secure, versatile, and user-friendly digital asset management. It’s about empowering users, giving them the autonomy to manage their digital presence securely and effectively, and ensuring their peace of mind in the web3 space.
In conclusion, Clave is not just a platform; it’s a secure harbor in the digital world, pioneering easy-to-use, reliable solutions in account recovery and management, and standing as a beacon of trust and security in the web3 space.