Objective: Deploy new security protocol to allow users to recover their wallet under any circumstances.
Length: 2 months.
Allow users to recover their wallet with:
Recover your wallet with backup devices/people
- Step 1 : Install Incognito Wallet in a new device & input the email that attached to your lost wallet, and tap Recover the account.
- Step 2: Ask your guardians to approve the changes on their phones (they will receive notifications once you trigger the recovery process).
- Step 3: Once at least 2 of other devices approve the recovery process, your account will be recovered.
- Step 4 (special case) : In case your 2 guardians know each other & know how rich you are and planned to take control over your account. The recover process will only happen 12 hours after the recover request approvals, and you will be notified when such actions happen. Since you are the main owner of the account, you can remove the guardians who approved account recovery without your permission and therefore such approvals will be voided.
Recover your wallet with biometrics
- Step 1: Make sure you are logged in with the same iCloud (for iOS) /Google account (for Android devices) as the one your previous device.
- Step 2 : Install Incognito Wallet on the new device, enter the email as a recovery hint => Choose to recover by biometrics login instead of Guardians
- Step 3: Scan Facial / Fingerprint similar to the one you used on the lost device, to verify
- Step 4 : You are in.
Any huge transaction (set by users) will need approval from another device/person
In case you share your wallet access with your spouse, and you want every big transaction to be approved by both you and your spouse:
- Step 1 : Set the minimum amount to be approved by both parties (Say…0.5 BTC, that means any transaction with the value greater than 0.5 BTC has to be approved by both parties, any amount less than that does not need to go through 2 approvals)
- Step 2 : Everytime one party make a transaction greater than the set amount, the other party will be notified via Incognito Wallet, and that person will double check & approve the transaction.
We made this possible using:
Keyless means that your key is not stored entirely on one platform (either locally on your phone or on the service server). It means even when the server got hacked, or you lost your phone, you can still recover the wallet. It happens because an encrypted copy of your device share is stored on the server, and the decryption code is stored separately in your personal iCloud (iOS) or Google (Android) account. Only with your 3D biometric face map or approvals from you guardians can you access the encrypted share.
Multisig requires more than 1 person to approve an action, whether it’s a transaction or an account recovery.