Our Vault

100% non-custodial on-chain social recovery. dApp users on FVM can set up a group of trusted addresses who can sign as a group to recover any secret, such as a crypto seed phrase, 2FA Authenticator recovery code, chatGPT4 API key, anything! Setup entails creating your own smart contract (vault room) in one click. In your vault room, you or any guardian can backup a secret by creating a Vault. Each vault is comprised of soul-bound NFTs belonging to your guardians. To initiate recovery, ask a guardian to sign a transaction to kick things off. Each guardian decrypts the NFT data, and re-encrypts with a shared secret password. This could be a security question / answer pair, OR a random nonce beamed directly from the guardian's browser to yours. Decrypt each shard in your browser, and you have your secret, visible to only you! (We didn't quite get to build the whole product, but we included a demonstration page of the sound cryptography that works behind the scenes.) It is well thought out and there is enough specification to build a complete product using our novel double-encryption approach, eliminating the need for any kind of server-side state or storage.

The choice to stick to web3 only instead of opting for onboarding web2 UX is based on having a solid foundation. User-friendly account abstraction and multi-part-computation could be built on top, as everything speaks the same cryptographic language. Powered by IPFS, FVM, and the magic of SHAMIR's backup share math.

It's a dApp built with React using Vite, Wagmi libraries. Hardhat powered the smart contract development. Soul bound nft's on FVM for each encrypted shard point to permanent pinned IPFS addresses. The hacky part was juggling a range of dependencies, including a robust shamir library that is pure JS from 4 years ago. There was some window global object setting and getting in order to get everything to play nice with the Vite bundler environment.