The advantages and challenges of Social Recovery (Smart Contract) wallets -- 7 questions you should read

In this article, I have summarised seven questions about the Social Recovery Wallet (Smart Contract Wallet) and the answers to those questions. Thanks to Jason from the UniPass team for his contribution to this article.

What is a Social Recovery Wallet?

Technically speaking, social recovery is one of the functional modules of account abstraction. A social recovery wallet is generally a smart contract wallet, but a smart contract wallet does not necessarily include social recovery functionality.

A smart contract is code deployed on the blockchain, and different smart contracts can implement various functions. For example, UniPass and Argent support social recovery, while Gnosis Safe only supports multi-signature, and several other smart contract wallets also serve specific purposes.

Given the diversity of smart contract wallets, this article will only look at 'distributed hosted smart contract wallets' that offer social recovery features such as email for massive adoption purposes.

What does a Social Recovery wallet do?

As Solidity is a Turing-complete language, theoretically, many features can be implemented in a smart contract wallet. As mentioned, the social recovery wallet is based on a smart wallet. Different wallet providers have designed various features, so this article will only list some of the features of the leading smart wallet solutions.

  • Account abstraction: based on account abstraction, it is possible to verify signatures, support multiple ownership, change private keys, set private key weights, etc.

  • Security policies: setting account permissions, whitelisting trading accounts, setting transfer limits, etc.

  • Wallet recovery: recovering control of the wallet through social or other means, setting "death inheritance", etc.

  • Contract features: bulk transfers, fee payments in lieu, payment of fees using multiple tokens, etc.

In addition to these, smart contract wallets can perform several unique functions. For example, Instadapp's smart contract wallet allows quick DeFi operations, such as one-click collateral conversion based on AAVE. However, this article focuses on social recovery wallets designed for large-scale application purposes, so it will not be covered here.

What is account abstraction? Why do we need account abstraction?

Account abstraction is the core value of a smart contract wallet. "The term 'account abstraction' is inherently abstract and is simply understood as a way of splitting up the EVM account system so that it can be modularised to enable functionality that was previously unavailable". As I mentioned before, social recovery is also a feature of account abstraction.

The EVM system has two types of accounts: EOA (Externally Owned Accounts) and CA (smart contract accounts). The EOA is an externally owned account, which can also be understood as a public/private key wallet.

EOA wallets face many problems. For example, the user does not own the account directly: the user only owns the private key, and the private key owns the account. When the private key is compromised or lost, the account no longer belongs to the user. To meet more demanding scenarios, developers use a smart contract as the account and deploy more logic within that contract; this is called account abstraction.

Under account abstraction, the address is no longer tied to a private key but to a set of account logic that can be modularised to suit the needs of different users, for example the aforementioned multiple signatures and social recovery.
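The difference is easier to see in a small model. The Python sketch below is an added example, not code from this article, UniPass or Argent: it models a contract account whose address stays fixed while weighted owner keys, a transfer limit, a whitelist and guardian-based recovery are all account logic. The class, method names and sample keys are hypothetical, and signature verification is reduced to key identifiers.

```python
from dataclasses import dataclass, field

@dataclass
class ContractAccount:
    address: str                      # fixed for the life of the account
    owner_weights: dict               # key id -> weight (constructed sample keys)
    threshold: int                    # total weight required to authorise a call
    guardians: frozenset              # parties allowed to approve a recovery
    guardian_quorum: int              # approvals required to rotate owner keys
    transfer_limit: int               # per-transfer cap; whitelisted recipients exempt
    whitelist: set = field(default_factory=set)

    def _authorised(self, signers) -> bool:
        # Count each known key once; unknown keys contribute nothing.
        weight = sum(self.owner_weights.get(k, 0) for k in set(signers))
        return weight >= self.threshold

    def transfer(self, signers, to: str, amount: int) -> bool:
        if not self._authorised(signers):
            return False
        if amount > self.transfer_limit and to not in self.whitelist:
            return False
        return True  # a real contract would move funds here

    def recover(self, approvals, new_owner_weights: dict) -> bool:
        # Only registered guardians count, and duplicates are collapsed.
        valid = set(approvals) & self.guardians
        if len(valid) < self.guardian_quorum:
            return False
        if sum(new_owner_weights.values()) < self.threshold:
            return False  # refuse a key set that could never authorise anything
        self.owner_weights = dict(new_owner_weights)
        return True

def demo() -> dict:
    acct = ContractAccount("0xACCOUNT", {"phone": 60, "laptop": 40}, 100,
                           frozenset({"alice", "bob", "carol"}), 2, 500, {"0xSAVINGS"})
    out = {"single_key": acct.transfer(["phone"], "0xSHOP", 10),
           "both_keys": acct.transfer(["phone", "laptop"], "0xSHOP", 10),
           "over_limit": acct.transfer(["phone", "laptop"], "0xSHOP", 900),
           "whitelisted": acct.transfer(["phone", "laptop"], "0xSAVINGS", 900),
           # Phone lost: one guardian (even repeated) is not enough, two are.
           "weak_recovery": acct.recover(["alice", "alice", "mallory"], {"new": 100}),
           "recovery": acct.recover(["alice", "bob"], {"new": 100})}
    out["old_key_after"] = acct.transfer(["phone", "laptop"], "0xSHOP", 10)
    out["new_key_after"] = acct.transfer(["new"], "0xSHOP", 10)
    out["address"] = acct.address
    return out
```

After the guardian quorum rotates the keys, the old keys stop working and the new key controls the same address, which is the property an EOA cannot offer.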

How social recovery wallets solve privacy issues

Let's take Argent, a leading smart contract wallet, as an example. Argent's solution allows users to add other Argent users (e.g. friends and family) as their guardians, but this also requires them to reveal their addresses to each other. Exposing addresses also means exposing assets and user transactions, which opens up the possibility of social attacks and can cause new problems.

Smart contract wallets are a series of logic, so there are several ways to solve this problem. On the one hand, zero-knowledge proofs can be introduced into the contract to ensure verification is completed without exposing either party. On the other hand, social recovery wallets also incorporate more off-chain world factors to solve this problem, such as UniPass' email DKIM signature checking.

Inevitably, users must disclose information about themselves to the wallet's provider, such as their email address and mobile phone number when using Argent. But since we're talking about a mass adoption scenario, we'll assume that these are acceptable to the user.

The biggest problem with social recovery wallets

The challenges with social recovery wallets are reliability and compatibility. Reliability refers to how stable the service is and whether it can continue to run without fail. Compatibility, on the other hand, refers to whether or not the app chain, or app, is compatible with smart contract wallets. Here are the main issues:

  • Whether the wallet service provider can guarantee that the relay is online and provides a stable service.

  • The more complex the smart contract, the more difficult it is to audit and the higher the likelihood of risks.

  • Smart contract wallets need to be deployed separately by the service provider on each sidechain and app chain.

  • Application developers need to optimise specifically for smart contract wallets.

Social recovery wallets still face significant challenges, the biggest of which are compatibility issues. In fact, in the early days, a large number of GameFi projects prohibited smart contract wallets from interacting with them because they couldn't investigate the logic of the smart contracts, and some exchanges didn't support coin deposits from smart contracts.

From my experience, when we were developing on the Flow blockchain, we encountered a particular performance issue. The user had to wait a long time for confirmation after initiating a transaction because the relay nodes we deployed could not handle the sudden influx of users. This problem also occurred when users were using third-party wallets, and the experience was abysmal due to the lack of load on the wallet's relay nodes.

What recoverable contract wallet solutions are currently available?

An article by Youbi Capital published in November 2022 ("Bringing Web2 users to Web3 - the future belongs to the unaided word wallet") compares in detail several solutions for unaided word wallets currently on the market, including MPC wallets and wallets with social recovery.

This article summarises and compares MetaMask, web3auth, Magic, Sequence, Particle Network and UniPass, with UniPass and Sequence falling into the social recovery wallets we discussed earlier. The solution of UniPass scored highest in all six areas of functionality, Gas cost, uncustody, security, replacement devices and latency, and was also more balanced.

In addition to the ones mentioned by Youbi Capital, Argent, which received the nod from Vitalik, is one of the more mainstream social recovery wallet providers today. However, it has chosen to embrace zkSync and StarkNet for multi-chain support and does not support EVM-compatible chains such as Optimism and Arbitrum for now.

MPC vs Social Recovery Wallet

The Social Recovery Wallet and the MPC wallet are solutions that are often brought up when discussing large-scale applications, but they don't actually solve the problem on the same level.

The MPC wallet solves the problem at the level of the private key; it does not abstract the account itself and does not offer the rich functionality of the smart contract wallet. Equally, while the Social Recovery Wallet can offer a rich set of modules, it also creates certain compatibility issues.

I conclude by briefly comparing the advantages and disadvantages of the MPC Wallet and Social Recovery Wallet.

  • Compatibility: MPC wallets are compatible with multiple chains (whether EVM or not) without requiring any modifications by the application developer, whereas smart contract-based wallets have more challenges in terms of compatibility.

  • Cost of use: social recovery wallets are more suitable for Layer 2, due to the additional gas cost of smart contracts, which is very expensive on the Ethereum mainnet.

  • Functionality: Account abstraction allows for many features that MPC wallets cannot offer, such as paying gas in alts; however, I am more in favour of a protocol layer solution than an application layer solution, with the new generation of public chains such as Near and Flow coming with account abstraction, and EVM-compatible chains such as Fantom actively addressing the protocol layer.

  • Recoverability: MPC wallets are irrecoverable once the intact private key has been compromised, but the likelihood of this is slim.

  • Availability: both sides rely on centralised nodes, but social recovery wallets also rely on relay nodes.

  • Security: social recovery wallets contain smart contract logic, which carries some risk. The risk is also exacerbated to some extent by the fact that smart contract wallets require application contracts for compatibility.

Personally, I think MPC wallets will outperform social recovery wallets in terms of application scale, especially in the high-frequency, low-value application scenarios that arise from gaming-based applications. At the same time, social recovery wallets have better applicability in high-value, low-frequency scenarios such as DeFi.

But I want to emphasise that my opinion is an intensely personal judgement, and I prefer that you focus on the objective facts explored in this article.

Lastly, I want to conclude that, whatever the case, it is worth getting excited about: massive adoption is close at hand.

Author: ccrunchen.eth

Publish: 2023/01/23

Last modified: 2022/01/23
