V God: Why We Need Widespread Adoption of Social Recovery Wallets

On January 11, Ethereum founder Vitalik Buterin published an article on his blog stating that the current theft and loss protection features of cryptocurrency wallets are far below actual needs, often clumsy and difficult to use, resulting in extremely low usage rates. Therefore, Buterin pointed out that a better alternative has recently emerged in the industry: a new type of smart contract wallet called social recovery wallets.
Buterin stated that hardware wallets still face risks of supply chain attacks and single points of failure. While mnemonic phrases help prevent loss, they do nothing to prevent theft and are not user-friendly enough. Therefore, users need a wallet design that meets three key conditions:
First, there should be no single point of failure; second, there should be a low mental burden, requiring users to learn unfamiliar new habits or exert mental effort to always remember and follow certain behavioral patterns as little as possible; third, there should be maximum transaction convenience, with the energy required for most normal activities not being significantly more than that of conventional wallets (e.g., Metamask).
Thus, the article introduces social recovery wallets, which operate mainly in two parts. First, only one signing key is used to approve transactions; second, there are at least 3 (or more) guardians, most of whom can cooperate to change the signing key of the account.
Users can add guardians by entering their ENS name or ETH address, and after the latter signs the transaction on the recovery webpage to agree to the addition, users can successfully add guardians to their account address.
In all normal circumstances, users can use their social recovery wallets as simply as a regular wallet and sign messages with their signing key, allowing each signed transaction to be quickly completed with a single confirmation click.
If users lose their signing key, the social recovery function will be activated. Users can directly contact guardians to request them to sign a special transaction to change the registered signing public key in the wallet contract to a new signing key.
After that, guardians can simply go to a webpage like security.loopring.io, log in, view the recovery request, and sign it. For each guardian, this is as easy as making a Uniswap transaction.
Common guardian choices can include three types: first, other devices owned by the wallet holder (or paper mnemonic); second, friends and family; third, institutions that will sign recovery messages upon receiving confirmation of the user's phone number or email, or verify identity through video calls in high-value cases.
However, to reduce the risk of attacking guardians and collusion, Buterin suggests that users do not need to publicly disclose the identities of their guardians and recommends choosing a variety of guardians from different social circles (preferably including an institutional guardian).
If a user experiences death or permanent loss of work capacity, this will be a socially recognized standard protocol, allowing guardians to publicly announce themselves so that they can find each other and recover the user's funds in such cases.
Currently, the two main wallets that have implemented social recovery features are Argent wallet and Loopring wallet. They both currently face two major issues: reliance on relayers to resolve transactions and high transaction fees, but these can be addressed by moving the ecosystem to Layer 2 protocols, such as ZK rollups.
Buterin also stated that this solution may be seen as a betrayal of the value of the blockchain and cryptocurrency industry, but such criticism stems from a fundamental misunderstanding of cryptographic technology.
"For me, the goal of cryptocurrency has never been to eliminate the need for all trust. On the contrary, the purpose of cryptography is to enable people to access cryptographic and economic building blocks, thereby providing more choices of trusted entities and allowing people to establish more constrained forms of trust: empowering someone to do something on your behalf does not give them the power to do anything."
"In this light, multi-signature and social recovery systems are a perfect expression of this principle: each participant has some influence over accepting or rejecting transactions, but no one can unilaterally transfer funds. Compared to situations where funds must be unilaterally controlled by one person or key, this more complex logic can make the setup much more secure," Buterin stated.