How will the email-based private key recovery feature further enhance the Web3 user experience?
The wallet developer Clave has introduced the concept of Universal Recovery with a Social Recovery mechanism: leveraging traditional email verification combined with on-chain protocols to create a social recovery private key function that can protect user privacy and security simultaneously. This enhances the most crucial aspect of the Web3 user experience - private key management.
Private Key Management is Key to User Experience
Web3 Built on Key Pair Cryptography
Web3 eliminates intermediaries and shifts responsibility back to users by utilizing encryption and key pairs. While innovative, this approach brings significant challenges, particularly in terms of poor user experience.
Users often do not know how to store keys correctly, which makes the Web3 learning curve steep and lowers security because keys can be lost.
The Web3 ecosystem requires more user-friendly and secure solutions for private key management.
Social Recovery Optimizes Private Key Management
If a user loses access to their account, they lose access to their assets. Therefore, a recovery mechanism is crucial to enhance security and user experience. One mainstream recovery method is Social Recovery.
Social Recovery requires users to designate trusted individuals as guardians for account recovery. When a user loses their private key, they can seek key fragments from their guardians to recover the complete key, ensuring that only the user knows from whom to retrieve the key.
This improves user experience in private key management and enhances asset security.
Social Recovery Challenge: Guardians Need Blockchain Wallets
Existing Social Recovery mechanisms have a limitation where guardians need to possess blockchain wallets to operate, restricting the extension of this mechanism to a larger user base.
Clave's team addresses this issue by creating a Universal Recovery feature. The goal is to allow any internet user to become a protector of on-chain accounts, even if they do not have a blockchain wallet themselves.
Introduction to Universal Recovery Mechanism
Considering that over 4 billion people have at least one email address, creating an on-chain wallet using email can revolutionize the social recovery system. The team calls this Universal Recovery, where specific emails are authorized to initiate the recovery process.
Based on the recovery mechanism defined by EIP-4337, Clave's team developed a proof of concept of Universal Recovery. This implementation allows users to designate friends with email addresses as protectors, expanding the account recovery options within the Clave wallet.
Traditional Email Verification: DKIM
Traditional email protocols use DomainKeys Identified Mail (DKIM) to ensure data integrity. DKIM uses RSA key pairs, which are similar to, yet different from, the key algorithms used in Web3.
The sender's server generates a unique digital signature for each email using a private key and attaches it to the email header.
The recipient's server verifies the signature using the sender's public key provided in DNS records. Successful verification confirms the email's authenticity and security.
To achieve this mechanism, each email includes three components similar to blockchain signature mechanisms:
- Message: The content of the email
- Signature: Generated using private key, message, and signature function
- Public Key: Used by the receiver to verify the signature
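The sign-and-verify flow described above, as an added Python sketch (not Clave's or ZKEmail's code). It assumes `simple/simple` canonicalization only, a constructed toy RSA key, and a dict standing in for the DNS lookup; all function names and sample addresses are illustrative.

```python
import base64, hashlib

# Constructed toy RSA key built from two Mersenne primes: trivially factorable, demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")  # SHA-256 prefix

def emsa(data: bytes, n: int) -> int:
    """PKCS#1 v1.5 encoding of SHA-256(data) for modulus n, as an integer."""
    k = (n.bit_length() + 7) // 8
    t = DIGEST_INFO + hashlib.sha256(data).digest()
    return int.from_bytes(b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t, "big")

def body_hash(body: bytes) -> str:
    """bh= tag: SHA-256 over the body with trailing line breaks reduced to one CRLF."""
    return base64.b64encode(hashlib.sha256(body.rstrip(b"\r\n") + b"\r\n").digest()).decode()

def signing_input(headers: dict, signed, fields: str) -> bytes:
    """Signed header lines followed by the DKIM-Signature header with an empty b= tag."""
    lines = "".join(f"{h}: {headers[h]}\r\n" for h in signed)
    return (lines + "DKIM-Signature: " + fields + "; b=").encode()

def sign_email(headers, body, domain, selector, signed=("From", "To", "Subject")) -> str:
    """Sender's server: build the DKIM-Signature header value with the private key D."""
    fields = (f"v=1; a=rsa-sha256; c=simple/simple; d={domain}; s={selector}; "
              f"h={':'.join(signed)}; bh={body_hash(body)}")
    sig = pow(emsa(signing_input(headers, signed, fields), N), D, N)
    return fields + "; b=" + base64.b64encode(sig.to_bytes((N.bit_length() + 7) // 8, "big")).decode()

def verify_email(headers, body, dkim_value, dns) -> bool:
    """Recipient's server: fetch the public key from DNS, then check bh= and b=."""
    fields, _, b64sig = dkim_value.rpartition("; b=")
    tags = dict(t.strip().split("=", 1) for t in fields.split(";"))
    signed = tags["h"].split(":")
    pub = dns.get(f"{tags['s']}._domainkey.{tags['d']}")
    if pub is None or "From" not in signed or tags["bh"] != body_hash(body):
        return False                      # unknown key, unsigned From, or body changed
    n, e = pub
    sig = int.from_bytes(base64.b64decode(b64sig), "big")
    return pow(sig, e, n) == emsa(signing_input(headers, signed, fields), n)

# Constructed sample: DNS record stand-in, a guardian's email, and its signature.
DNS = {"sel1._domainkey.example.com": (N, E)}
HEADERS = {"From": "guardian@example.com", "To": "recovery@wallet.example",
           "Subject": "Approve recovery request"}
BODY = b"I approve the recovery.\r\n"
DKIM = sign_email(HEADERS, BODY, "example.com", "sel1")
```

The verifier rejects a signature that does not cover `From`, because the sender address is what identifies the guardian.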
Moving Verification Mechanism to Blockchain
If the verification process could occur on-chain instead of on the recipient's mail server, a verified email could trigger a contract to recover private keys in line with the guardian's intent, making email the channel that provides key recovery.
However, directly verifying DKIM on-chain would compromise privacy, as each email contains a signature, message, public key, and sender's address. Additionally, blockchains do not inherently support RSA signatures, and the cost of verifying signatures could be high.
Hence, Clave's team needed an alternative method and chose to use zero-knowledge proofs to address these challenges.
ZKEmail Utilizes Zero-Knowledge Proofs for Privacy Protection
The on-chain ZKEmail protocol assists in verifying the DKIM mechanism. It creates zero-knowledge proofs that a message originates from a specific email address and links that proof directly to the email's on-chain address. This simplifies the integration of email and blockchain technologies while ensuring privacy and efficiency.
Here is an overview of the ZKEmail protocol process:
- Users sign messages with their email addresses.
- Signed messages, signatures, and public keys are sent to verifiers.
- Verifiers verify the email's DKIM signature and generate zero-knowledge proofs based on the data.
- These zero-knowledge proofs are validated on the blockchain to establish on-chain account identity based on the email, facilitating recovery.
Although validating the proof consumes significant gas fees, ZKEmail is used primarily for key recovery. The costs are therefore incurred only during recovery, which minimizes the impact on everyday use.