[SEP 43][OBRA] ZK Email Account Recovery - ZK Email

[Discussion] Email-Based Account Recovery Initiative

Authors

Created

2024-06-17

Abstract

This initiative proposes implementing a secure and efficient account recovery system using the Zk-Email SDK. The recovery method leverages guardian-based email verification, providing a reliable fallback for users who lose access to their accounts. The guide includes the entire setup, configuration, lifecycle management, and integration instructions for digital wallet applications. We will be EIP 7579 compatible, as well as work with legacy Gnosis Safes.

Proposal Details

Purpose and Background

The proposal aims to address the critical need for a reliable account recovery mechanism in digital wallet applications. Currently, users who lose access to their wallets face significant difficulties in recovery, leading to loss of funds and user dissatisfaction. This initiative uses guardian-based email verification, leveraging the Zk-Email SDK to create a secure and efficient recovery process, and allows users to use non-chain-native users as guardians.

Edit: As of July, we have already created a working demo of an email recovery module for Safe 1.3 on Base Sepolia. You can follow the live demo at EthCC here. We’ve also begun an audit of our 7579-compatible module for Safe 1.4+ account recovery.

Effects and Impact Analysis

  • Pros:
    • Provides a reliable recovery method, reducing the risk of permanent loss of assets
    • Lets users use non-chain-native users as recovery methods
    • Allows for a very intuitive recovery process via email confirmations
    • Timelocks for 48 hours to avoid malicious fund stealing
    • Only relies on decentralized relayer infra with all MIT-licensed OSS code, removing dependencies on the ZK Email team
  • Cons:
    • Requires trust in the DKIM keys of the users’ email servers
  • Risks:
    • Dependence on email service availability and security
    • Implementation complexities and potential bugs in the initial rollout

Alternative Solutions

Alternatives like MPC or centralized social recovery were considered. However, these were discarded due to their security risks.

Implementation

  • The initiative requires new code development using ZK Email, for both circuits and smart contracts.
  • Security of the code will be ensured through audits by Ackee in Month 1 and Zellic in Month 2, along with concurrent user testing.
  • Deployment across all safes will be completed by Month 3.

For code, we are doing our own implementation but with funding (how much % to implementation: 100%) – the implementation is finished as of July 2024 and is blocked on funding for audits.

Regarding requests for technical support through Safe matter experts, we are already in touch with the relevant experts.

  • Who is needed? Wallet and 7579 folks.
  • Did you reach out? Yes.
  • Is there a roadmap? Yes, already communicated with them. Initial implementation complete and available to try at prove.email/recovery.

Funding Request

$50,000 USDC
July Edit: The quote came back as $75,000 USDC, but due to community feedback we have kept the original $50K ask.

Upfront Funding

Ideally 100% in order to fund audit. Can do in installments of 50% as well.

Relation to Budget

The requested funding represents 25% of the total budget allocated for Strategy 4. It is also eligible for Strategy 5, and Strategy 2 only has 15K left so will not work.

Metrics and KPIs

  • Number of wallets integrating the recovery system
  • Number of successful account recoveries
  • User satisfaction rating
  • Security incidents reported

Timeline and Milestones

  • Month 1: Finish code, Ackee audit
  • Month 2: Testnet deployments, Zellic audit with concurrent user testing
  • Month 3: Deployment across all safes

Initiative Lead

Aayush Gupta (aayushgupta5000@gmail.com, GitHub: Divide-By-0, Telegram: yush_g)

Note that the initiative in question asking for grants here is ZK Email, and PSE/EF are not associated with receiving or asking for any portion of the grant.

Team

  • Aayush Gupta - Steward at ZK Email, has been working on the tech for 1.5 years
  • John Guilding - Lead Smart Contract Dev, working for last 3 months on ZK Email account recovery
  • Sora Suegami - Cryptography Researcher on ZK Email, working on the tech for 1.5 years
  • Aditya Bisht - Lead Engineer at ZK Email, has been working for 6 months

Additional Support/Resources

No additional non-financial resources are requested from the Safe Ecosystem Foundation or core contributors.

Implementation Dependencies

No governance changes.

Open Questions

  • How will user adoption of the guardian-based recovery system be encouraged?
  • How can we collaborate more closely on making the user interface as natively integrated as possible?

Copyright

Copyright and related rights waived via CC0. Code open source with MIT license.

@amy.sg the proposal grant doc clearly says June 17 is the deadline, and in Hawaii timezone I submitted by the deadline. It would be preferable to have clarity around deadline time in the future.

Hi @yush_g thanks for the feedback.

We have it documented in our Governance Hub, with exact times per season laid out here, and as support, include it in our communication on each proposal in Phase 0 that is close to the deadline (as exemplified here), but will update and include it in the funding document as you recommended. For future note, we always go by UTC as we have a global community.

Let us know if you have any questions beforehand. Hope to see your proposal in the next cycle.

Got it. Do I have to make a new thread for the next sprint (Season 3, Sprint 2) by July 8, or can I reuse this one?

Hey @yush_g,

You can go ahead and submit this thread into Phase 1. I updated the tag for you.

Here is the timeline for the next sprint. It officially starts July 8th and you have until Monday, July 22nd at 23:59 UTC to get signal from at least 3 delegates/guardians with cumulative voting power of 60K (details outlined in our governance hub and as exemplified here).

Please note: there is no upfront funding available for requests greater than 10K.

Welcome to Sprint 2 - We usually have Phase 1 proposals present at the Governance call which is next Wednesday, July 17th at 16:00 UTC. Can you make it? If so, please let me know and I will add you to the agenda.

Original: We should be able to have a representative there.
Edit: Yes, we attended the call.

Sounds good. I’ve added your team to this Wednesday’s agenda.

Please DM me here/Discord (@amy_safe) your email to add to the calendar invite or your team member can add directly to the calendar invite.

I am a Safe Guardian with sufficient voting power, and I believe this proposal is ready to move to a vote.

@yush_g Following up here. Please confirm if your team will be attending. Thank you!

Links from the governance call presentation:

Note that the updated audit quote to support both Safe 1.3 and 1.4+ is 75K, not 50K. We know the max for this round is $50K – it would be great to get a sense of if you expect there to be an extra $25K available from this round or other sources.

Hey @yush_g as mentioned in the governance call, here is the breakdown if all proposals make it:

Strategy 1: 100K left (No change/ None requested)
Strategy 2: 15K left (75K requested)
Strategy 3: 54.1K left (24K + 15.4K requested)
Strategy 4: 50k left (50K requested)
Strategy 5: 56K left (28K requested)
Wildcard: 50K left (50K* requested)

Hello, unfortunately this proposal did not receive sufficient signaling from Guardians and Delegates to move onto Phase 2: Voting on Snapshot.

You may propose again at a later sprint (earliest is Season 3, Sprint 3 on August 5th).

It sounds like we’ve still got a few hours left till the deadline of midnight UTC on Tuesday? I’ll try to ping some delegates…

Tagging @karpatkey @bh2smith @auryn @Nneoma_StableLab @LuukDAO @kdowlin @adamhurwitz.eth – I know you all have sufficient voting power, and might find email-based account recovery for Safes compelling. Is this a proposal you would be willing to back for the next sprint's deadline, and if not then how can we improve it?

Hey @yush_g Can you let me know where you read the Tuesday timing so we can adjust in case that’s written somewhere? The deadline was Monday.

You may propose again at a later sprint (earliest is Season 3, Sprint 3 on August 5th).

Oh, I missed this earlier! I have enough voting power and think your email-based account recovery for Safes is really compelling. I’d be happy to back this proposal for the next sprint’s deadline.

Apologies for the slow reply. I’m very much onboard with this proposal. Not sure if this reply is too late, but as a delegate with sufficient voting power I think this proposal is ready for a vote.

@amy.sg how can we move this to Season 3, Sprint 3 – are there any edits I need to make? It should have enough voting power now to move to snapshot, right?