๐ก๏ธ4337 Account Recovery Architecture
Last updated
Last updated
The user's EOA address is not lost. If there is a risk of private key leakage from the wallet, the AA account can be directly reset through the wallet's private key, binding a new EOA address to the AA account.
This scenario is the safest way to manage private keys, just like all current private key management. However, the assets cannot be recovered once your private key is lost. If the private key on the user's phone is lost, it will be impossible to manage the AA contract account. Without a set guardian address, resetting the EOA address bound in the AA contract account is impossible. This will make the assets in your AA contract account inaccessible and irretrievable.
Please consider carefully when deleting the guardian address operation to prevent asset loss!
Firstly, the platform provides TSP address as the guardian address for users to conveniently and securely recover the private key. After user registration, the TSP address is automatically set as the guardian address for the user's account. The account can be recovered using the default guardian address when the private key is lost.
If users do not trust the TSP platform, they can choose to set a custom guardian address using the ERC-4337 social recovery method. The ERC-4337 standard simplifies the user experience, enhances security, and improves the modularity of the protocol. Users can select a group of individuals they trust, and these individuals can use their private keys to recover the user's account in case of private key loss. The security of this method depends on the trustworthiness and security awareness of the selected group of individuals.
Therefore, users no longer need to worry about writing 12 words on paper. Instead, they can add and remove devices and provide recovery options with friends or lawyers, which gives them a bank-level user experience. Even if they lose their password, someone can assist them in recovering their bank account at any time.
When the private key is lost on the user's mobile phone, they cannot manage the assets in the AA contract account. In such cases, they can initiate an EOA address reset request and notify the guardian addresses to verify and execute the modification of the old EOA wallet address bound in the AA contract account to the newly submitted EOA wallet address.
The maximum number of guardian addresses that can be set is 5, and the user can determine the number of addresses to be verified during the reset process. Once the required number of guardian addresses is verified, any one of the guardian addresses can perform the reset task.
