Recover Incognito Wallet under any circumstances.

What problem are you solving?

When it comes to storing your assets, safety is always first, don’t we all agree? It does not matter how many cool features a wallet offers, once you lose your phone & private key, you can do nothing with those fancy features. As for now, there are a few circumstances we can think of where users might lose their funds, or control of their funds at least:

  • Case 1: Users lost their phones, and also lost their private keys.
  • Case 2: Users lost their phones, still have access to the private keys, but their phones are unlocked and they did not set up the passcode for the app. This will allow thieves to easily have access to their wallet and make transactions.
  • Case 3: Users who reluctantly give their wallet access to their spouses and have a need to vote in every big transaction their partners make.

What is the solution?

Incognito is working hard to increase the level of security for the wallet, to help users recover their wallet access even in the most unexpected situations.

This is what users will need to do to set up the security for their wallets:

  • Set up your email address for your account; it will be used as a recovery hint.
  • Assign another person that you trust or a hardware wallet (it is highly recommended that you assign at least 2 devices or people, to avoid a single point of failure), as a backup solution in case you lose your phone => Assign by adding the email attached to your guardian’s wallet.

Okay, just imagine, if you just lost your phone, & also do not remember where you kept your private key. How would you regain access to the wallet? You would not be able to, at least for now. With the new security feature, recovering your wallet would be a no-brainer.

1/ Here’s how you can recover your wallet with backup devices/people:

  • Step 1: Install Incognito Wallet on a new device, input the email that is attached to your lost wallet, and tap Recover the account.
  • Step 2: Ask your guardians to approve the changes on their phones (they will receive notifications once you trigger the recovery process).
  • Step 3: Once at least 2 of the other devices approve the recovery process, your account will be recovered.
  • Step 4 (special case): In case your 2 guardians know each other, know how rich you are, and plan to take control of your account, the recovery process will only happen 12 hours after the recovery request approvals, and you will be notified when such actions happen. Since you are the main owner of the account, you can remove the guardians who approved account recovery without your permission, and therefore such approvals will be voided.

2/ Another way to recover your wallet is with your own biometrics (which were automatically backed up from the old phone to your personal cloud services like iCloud or Google Drive):

  • Step 1: Make sure you are logged in with the same iCloud (for iOS) / Google account (for Android devices) as the one on your previous device.
  • Step 2: Install Incognito Wallet on the new device, enter the email as a recovery hint => Choose to recover by biometrics login instead of Guardians.
  • Step 3: Scan your face / fingerprint, the same one you used on the lost device, to verify.
  • Step 4: You are in.

3/ In case you share your wallet access with your spouse, and you want every big transaction to be approved by both you and your spouse:

  • Step 1: Set the minimum amount to be approved by both parties (Say…0.5 BTC, that means any transaction with the value greater than 0.5 BTC has to be approved by both parties, any amount less than that does not need to go through 2 approvals)
  • Step 2: Every time one party makes a transaction greater than the set amount, the other party will be notified via Incognito Wallet, and that person will double check & approve the transaction.

The technologies we use to improve security are called Multisig & Keyless.

Multisig requires more than 1 person to approve an action, whether it’s a transaction or an account recovery.

Keyless means that your key is not stored entirely on one platform (either locally on your phone or on the service server). It means even when the server gets hacked, or you lose your phone, you can still recover the wallet. It happens because an encrypted copy of your device share is stored on the server, and the decryption code is stored separately in your personal iCloud (iOS) or Google (Android) account. Only with your 3D biometric face map or approvals from your guardians can you access the encrypted share.

Which solutions do people resort to because this doesn’t exist yet?

We’ve been using passcode & biometrics login to secure your wallet account only while you still have access to your phone. We are yet to be able to help you recover the wallet in case you lost your phone.

Who are you?

A product team member who is very concerned about users’ asset safety.

Why do you care?

I put my money in Incognito Wallet, and I want the risk of losing money as close to 0 as possible, for the sake of mine and other users’ as well.

What’s your plan? What’s your schedule?

To build the new security feature for Incognito Wallet, there are 2 inputs:

  • UI/UX design: Expected to deliver by end of April
  • Multisig + Keyless technology: Expected to deliver by middle of May

With careful QC to make sure the feature works smoothly, we expect to push the new security feature live by the end of May.

What’s your budget?

| Resource | Price | Quantity | Monthly cost |
|---|---|---|---|
| Product manager | 1,000 PRV | 1 | 1,000 PRV |
| Blockchain engineer | 1,000 PRV | 2 | 2,000 PRV |
| QC | 1,000 PRV | 1 | 1,000 PRV |
| Subtotal | | | 4,000 PRV |
| Total (2 months) | | | 8,000 PRV |

Is there an existing conversation around this idea?

There have been conversations about losing Incognito private keys here and there on Telegram; however, none of them made it to Incognito.org, and I intend to address this matter seriously with this proposal.

Is there anything else you would like the community to know?

It’s important that my solution makes it possible for users to regain access to their wallets in the most unexpected circumstances. Therefore, it’d be very helpful if you, our community members, give me feedback in terms of what cases my solution fails to cover.

It’s our duty to build a wallet that users feel safe putting their money in. Any feedback would greatly help.

5 Likes

Henry, thanks for submitting the proposal. I personally think it’s absolutely a cool feature to have. Regarding the timeline, could you please make it clearer?

Hi all,

Is there any news on this side? I myself am super interested in helping develop such a feature.

I’ve been an Ethereum dev for three years now [mostly working with the Aragon team] and have also developed the Argent wallet rescue CLI here and therefore have a good understanding of how this security feature could work.

My main concern is that I don’t see how to make this work in a trustless way as long as the multisig feature is not implemented. Is there any news on this side?

Even a pure multisig feature would not really be enough. Actually the trick would be to only have one key controlling the multisig for most transactions [the owner key] and to have a multisig feature enabling guardians to update the owner key.

I would really love to know if something like this is implementable on the Incognito chain :)

Bests.

4 Likes
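
The recovery rules discussed in the proposal and in the reply above (one owner key for ordinary transactions, a 2-guardian quorum plus a 12-hour delay to rotate it, and the owner's ability to void approvals by removing a guardian), modelled as a small state machine. This is an added illustration, not Incognito's or Argent's code; the class and key names are hypothetical, and keys are plain strings standing in for signature checks.

```python
from dataclasses import dataclass, field
from typing import Optional

RECOVERY_DELAY = 12 * 3600   # seconds; the 12-hour window from the proposal
THRESHOLD = 2                # guardian approvals required by the proposal


@dataclass
class Wallet:
    owner_key: str                        # the single key used for ordinary transactions
    guardians: set = field(default_factory=set)
    pending_key: Optional[str] = None     # proposed replacement owner key
    approvals: set = field(default_factory=set)
    ready_at: Optional[float] = None      # earliest time the rotation may execute

    def request_recovery(self, new_key):
        # Opening a request changes nothing on its own; it only resets the vote.
        self.pending_key, self.approvals, self.ready_at = new_key, set(), None

    def approve(self, guardian, now):
        if self.pending_key is None or guardian not in self.guardians:
            raise PermissionError("not a guardian, or no pending recovery")
        self.approvals.add(guardian)
        if len(self.approvals) >= THRESHOLD and self.ready_at is None:
            self.ready_at = now + RECOVERY_DELAY   # timelock starts at quorum

    def remove_guardian(self, signer_key, guardian):
        # Only the current owner key may change the guardian set.
        if signer_key != self.owner_key:
            raise PermissionError("only the owner can remove a guardian")
        self.guardians.discard(guardian)
        self.approvals.discard(guardian)           # that guardian's approval is voided
        if len(self.approvals) < THRESHOLD:
            self.ready_at = None                   # quorum lost, timelock cancelled

    def finalize(self, now):
        # Rotate the owner key only after quorum and the full delay have both held.
        if self.ready_at is None or now < self.ready_at:
            return False
        self.owner_key = self.pending_key
        self.pending_key, self.approvals, self.ready_at = None, set(), None
        return True
```

The delay only protects an owner who still holds the old key and sees the notification in time; an owner who has genuinely lost the key cannot veto colluding guardians.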

Hi @osarrouy,

You are totally right!

Currently, we cannot apply multi-sig or anything with similar functionality (e.g., keyless) since the key image, which will be used to check for double spending, is a non-linear function of the private key.

We are implementing the new privacy version 2 for Incognito Chain. We will replace the Sigma protocol and key image with the MLSAG protocol, similar to Monero. That will help to build the multi-sig feature easily.

After the upgrade is finished, we will continue to work on this proposal. Please check the update here: Privacy Version 2 for Incognito :)

2 Likes