A necessary function of crypto.
Being a bank is a stressful job. Even the most basic of operations in crypto can lead to devastating consequences. Sent crypto to the wrong address? You lose it all. A centralized entity goes insolvent? All their IOUs are worthless. Someone gets ahold of the seed phrase? Gone. Lost your own password? Sorry, better luck next time! Boating accident? Forget about it.
One of Hive's big selling points has been a feature that is hardly ever needed but still acts as a critical pillar of infrastructure. The recovery feature, as if by magic, allows for the decentralized ability for the rightful owner of an account to "steal" it back from a thief without introducing any vulnerabilities whatsoever into the system. This is quite an impressive feat that seems to have gone unnoticed within the larger crypto ecosystem.
How does it work?
Well I've already described in detail how the recovery process works, but the brief rundown goes something as follows:
- An account gets stolen.
- This account loses all their liquid assets.
- The true owner can reclaim the account and any locked assets.
- They contact their recovery provider.
- The recovery account broadcasts a new public owner key.
- This new key must then be signed with an owner key that was valid within the last 30 days.
- The account has now been reclaimed and can sign transactions with the new owner key (i.e. change any key that needs changing).
Even though this process very rarely needs to occur it is critical that it does exist, just like the ability to roll back bad blocks. Just because it doesn't happen very often does not imply it isn't absolutely necessary. Recovery is an absolutely required feature, especially when our very online reputations are tethered to these abstracted accounts.
And it should be so on Bitcoin as well.
The more I think on it the more I realize that it is actually quite foolish that Bitcoin doesn't have something like this. Bitcoiners go through so much trouble trying to ramp up their security and make sure they never get hacked. Some of them go so overboard that they outsmart themselves with their own custom encryption algorithms and lose their coins from simple user error. At a certain point the risk of our own incompetence becomes higher than the risk of outside threats. It is known. How many stories have we heard of billions of dollars worth of Bitcoin just sitting in a landfill somewhere?
So what does this look like on BTC?
Well the crux of the entire recovery system is that the user is alerted to the theft before a person can unlock and steal their entire stash. Therefore the most critical piece of any recovery system is going to be timelocks, which Bitcoin already has.
The part that I'm not so sure about is the ability to employ complex multisig within a very particular smart contract. It's obvious that Ethereum (or any smart-contract chain) would be able to do something like this, but Bitcoin might be a little trickier (or not; I really have no idea from a technical standpoint).
What Bitcoin needs is a wallet that allows users to timelock their BTC. Again, this would be easy to achieve (I think). The Bitcoin has to stay locked indefinitely until such time as the main private key tells the contract it needs to be unlocked. Once this message is sent it would need to be in some kind of powerdown phase (say 3-7 days) before truly unlocking and being moved.
The frontend company that provides this service should send text messages and/or emails to the user telling them their coins are unlocking and which address they'll be sent to when the timelock expires. Of course such things should be open source so hardcore users that want to be in control of everything can set it up on top of their own Bitcoin node without the need to trust such centralized agents for an alert. Plug & Play; Modular.
So what happens if the main key is stolen?
If a timelock begins its countdown without the rightful owner's approval, they can reset the withdrawal using their own key and redirect it to the correct wallet. This alone could theoretically be enough to stop the hack, because each one of these resets costs the attacker an on-chain operation. The hacker might just give up after a single try, knowing they are simply wasting money and the true owner would never allow them to take the funds.
However the recovery account in this case would be a 2:2 multisig operation that allows the rightful owner to bypass the timelock entirely and immediately transfer the funds to a safe wallet. With this feature in place the hacker would need to know both keys at once to be successful. This would be just as good if not better than the traditional multisig being employed today.
What's the current alternative to this?
Without a timelock, Bitcoiners are resorting to things like 2:3 multisig. Meaning if I had a cold storage wallet maybe I give my two best friends 1 part of the key so if one of us loses it (or dies) the money can still be accessed. The problem with 2:3 is that my two best friends could certainly betray me, and the financial incentive of that event taking place just keeps going up as the value of Bitcoin increases.
Other variants
The timelocks create a scenario where the true owner of the Bitcoin pretty much stays in full control all the time unless shit hits the fan. However, multisig could be used in both cases: the primary key and the recovery key. For example, the primary key could be something crazy like 3:10 multisig while the recovery account could be 2:3.
In this scenario maybe an extended family shares the primary key among 10 members. Three of them together have the power to start the countdown and shuffle money off to another wallet after 7 days. However, if any 3 family members try to go rogue and steal the family jewels, as it were, the recovery keys could stop this from happening.
Perhaps these three recovery accounts would be considered the most trustworthy, the ones who contributed the most to the wallet, or whatever criteria was agreed upon in advance. Or perhaps these 3 keys could be given to completely neutral entities like lawyers or escrow services. The sky is the limit.
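To make the rules of the stolen-key scenario and the threshold variants above concrete, here is an added model of the vault as a state machine (example code written for this post, not a Hive or Bitcoin implementation). Keys are stand-in strings checked by set membership rather than real signatures, the heights, amounts and addresses are constructed, and the "reset" step assumes the unlock transaction's destination can be overwritten, which on Bitcoin needs pre-signed transactions or a covenant rather than a plain timelock script.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass
class TimelockVault:
    """Vault with an M-of-N primary quorum that starts a delayed withdrawal and a
    separate recovery quorum that may sweep funds immediately, bypassing the delay."""
    primary_keys: frozenset
    primary_threshold: int
    recovery_keys: frozenset
    recovery_threshold: int
    delay_blocks: int            # ~7 days at 144 blocks/day is 1008 blocks
    balance: int                 # satoshis
    pending: Optional[dict] = None  # {"dest": str, "ready_at": int}

    @staticmethod
    def _quorum(signers, keys, threshold) -> bool:
        return len(set(signers) & keys) >= threshold

    def start_unlock(self, signers, dest: str, height: int) -> None:
        """Begin (or restart) the countdown. A restart overwrites any pending
        withdrawal, so the rightful owner can redirect a thief's attempt."""
        if not self._quorum(signers, self.primary_keys, self.primary_threshold):
            raise PermissionError("primary threshold not met")
        self.pending = {"dest": dest, "ready_at": height + self.delay_blocks}

    def finalize(self, height: int) -> Tuple[str, int]:
        """Pay out only after the delay has elapsed."""
        if self.pending is None or height < self.pending["ready_at"]:
            raise ValueError("timelock not expired")
        dest, amount = self.pending["dest"], self.balance
        self.balance, self.pending = 0, None
        return dest, amount

    def recovery_sweep(self, signers, dest: str) -> Tuple[str, int]:
        """Recovery path: no delay, but the recovery quorum is required."""
        if not self._quorum(signers, self.recovery_keys, self.recovery_threshold):
            raise PermissionError("recovery threshold not met")
        amount, self.balance, self.pending = self.balance, 0, None
        return dest, amount

def theft_scenario() -> Tuple[str, int]:
    """Constructed walk-through: a thief holding the single primary key starts a
    withdrawal; the owner resets it, then sweeps via the 2-of-2 recovery path."""
    v = TimelockVault(frozenset({"owner_k"}), 1, frozenset({"owner_k", "recovery_k"}),
                      2, delay_blocks=1008, balance=5_000_000)
    v.start_unlock(["owner_k"], "bc1-thief", height=800_000)   # thief has owner_k
    v.start_unlock(["owner_k"], "bc1-owner-cold", height=800_050)  # owner resets dest
    return v.recovery_sweep(["owner_k", "recovery_k"], "bc1-owner-safe")
```

Run `theft_scenario()` to see the funds land at the owner's safe address with nothing paid to the thief; swapping in a 3-of-10 primary and 2-of-3 recovery set exercises the family-vault variant.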
Joint accounts
The ability to create shared joint accounts while keeping individual members honest could be highly useful. For starters, it is the ultimate privacy solution. How would these data companies track the Bitcoin in our wallets when the Bitcoin is constantly flying in and out of accounts that are owned and operated by groups of multiple people? Something like this also potentially cuts down on fees by allowing bigger withdrawals to be removed from the wallet and sent to an exchange to be divided up off-chain after the fact.
Conclusion
Again I'm not technically knowledgeable enough about Bitcoin in terms of multisig and timelocks to know if everything I've stated here could be created in the exact way I've described, but I do have a quite reasonable expectation that any smart-contract network could do it without breaking a sweat. I assume that Bitcoin can do it as well but that has yet to be confirmed.
Timelocks are the key to long-term account security. Networks like Bitcoin assume their users should never make a mistake, and if they do they've just lost everything and there is no recourse. This is not a viable option as crypto goes mainstream. Multisig, timelocks, and account recovery will play a pivotal role in not only securing one's assets, but also for creating trustless joint accounts and making sure inheritance is received rather than being lost forever.