Smart Contracts for User Identity and Asset Recovery Features

Jan. 31, 2017, 5:22 p.m. | Xenia Temchenko

Global cryptocurrency community celebrated New Year of 2017 with the news about Bitcoin reaching $1000 mark and coming close to breaking its previous record of 2013 and continued with the news about Bitcoin being a possible solution for countries in crisis, like Venezuela or Nigeria. To cut to the point, cryptocurrency gains more popularity and gets wider adoption.

Due to increasing interest in decentralisation Blockchain gets more recognition for the issuance of currencies and other assets like shares of a company.

As you probably know, blockchain transactions are authorized using digital signatures instead of login and password. Digital signature is a digital fingerprint of someone's digital identity. Digital signature can be generated during the process of registering a crypto wallet or by an exchange. While the procedure of creating a digital signature is simple, there is a problem that the majority of users aren’t aware that the key is unique and only you have a copy of it. A considerable amount of users aren’t well-acknowledged or aren’t used to working with cryptography and they often lose their keys, forget passwords, etc. Consequently, now and then we come across some dramatic news that a certain user has “lost” a significant amount of assets as a result of losing their key (i.e. lost access to their account).

Fortunately, a solution has been developed by Ambisafe in cooperation with blockchain security company SecondFactor.io for restoring access to blockchain assets even when the key is lost. So now we have a backup plan for users for the cases when something went wrong. With Secondfactor you can rest assured that you can still regain access to your assets after proper identity verification.

Secondfactor as a recovery provider delivers the recovery service with the help of smart contracts (smart contract is a code that defines rules and penalties around the agreement and automatically enforces those obligations, omitting the need in a third party. Basically, it plays the role of a notary if the notary was an algorithm instead of a person). When a user creates a crypto wallet powered by Ambisafe technology, he also goes through registration and authentication process with  Secondfactor. It happens almost invisibly on a backend. Along with a phone number recovery provider will requests user’s address and e-mail. In the process of registration, a recovery provider performs a transaction with user’s data to be written into the recovery contract, which is stored in blockchain. All mentioned above allows forming a reliable connection between a user and a recovery provider.

    We form 3-party multisig wallet that looks like shown below:


 

When user wants to recover his account, he goes through multiple authentications - with wallet provider and with recovery provider. Each service authenticates user independently from each other. This approach guarantees that if one of the companies was hacked another one’s security measures will not let the attacker steal the assets.