Wallet attribute: Account recovery
One of the core components of Vitalik Buterin's "What I want to see in a wallet" is the ability for the user to recover their wallet. We should indeed ensure wallets do something about this.
For EOAs, this is probably some form of nagging/reminder to back up the seed phrase, or forcing positive user confirmation by requiring the user to type back (some of) the seed phrase during setup, or later after initial onboarding.
For smart contract wallets, this is a bit more complicated. There is no strong, prominent ERC or best practice for wallets here. Per our 2025-06-22 meeting, the consensus is that we should require such wallets to have some sort of "recovery module", or allow the user to permissionlessly add one to the wallet. Such a module could allow self-sovereign recovery by allowing the user to sign a transaction that the wallet recognizes and executes as a key rotation request. zkEmail would be one such option as a recovery vector.
This requires the following feature data:
- Whether wallets come with a recovery module already set up
- Whether wallets permissionlessly allow a user to add a recovery module to their existing wallet
- Whether either of these recovery modules can be used self-sovereignly and privately
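A sketch of the kind of recovery module described above, where a user-signed request is executed as a key rotation. This is an added example, not code from this page or from any specific wallet. The `IRecoverableWallet` interface, `rotateOwner`, and the contract and function names are hypothetical, and it assumes the wallet only accepts `rotateOwner` from modules the user has enabled. It stores the recovery key in plaintext, so it covers the self-sovereign property but not the private one.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical wallet interface (assumption): the wallet accepts owner
// rotation only from a module the user has enabled.
interface IRecoverableWallet {
    function rotateOwner(address newOwner) external;
}

contract SignedRotationRecovery {
    // Per wallet: the recovery key chosen by the user, and a replay counter.
    mapping(address => address) public recoveryKey;
    mapping(address => uint256) public nonce;

    event RecoveryKeySet(address indexed wallet, address indexed key);
    event OwnerRotated(address indexed wallet, address indexed newOwner, uint256 nonce);

    // Called by the wallet itself, so only the current owner can configure it.
    function setRecoveryKey(address key) external {
        recoveryKey[msg.sender] = key;
        emit RecoveryKeySet(msg.sender, key);
    }

    // The digest binds chain, module, wallet, new owner and nonce, so a signed
    // request cannot be replayed on another chain, module or wallet, or twice.
    function rotationDigest(address wallet, address newOwner) public view returns (bytes32) {
        bytes32 h = keccak256(
            abi.encode(block.chainid, address(this), wallet, newOwner, nonce[wallet])
        );
        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", h));
    }

    // Anyone may relay the request; authority comes from the signature alone,
    // so no third party has to approve the recovery.
    function recover(address wallet, address newOwner, uint8 v, bytes32 r, bytes32 s) external {
        require(newOwner != address(0), "zero owner");
        address signer = ecrecover(rotationDigest(wallet, newOwner), v, r, s);
        // ecrecover returns address(0) on failure; also rejects unset keys.
        require(signer != address(0) && signer == recoveryKey[wallet], "bad signature");
        uint256 used = nonce[wallet]++; // consume the nonce before the external call
        IRecoverableWallet(wallet).rotateOwner(newOwner);
        emit OwnerRotated(wallet, newOwner, used);
    }
}
```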
The "can you recover your account permissionlessly" part of this was implemented as part of the Account Portability attribute. There is still another aspect of it, "does the wallet make it easy to recover your account at all", which needs to be defined as a separate Security attribute.