We proposed a way to develop a self-custodial email/password authentication via DKIM
Hacking culture is strong in the Ambire team, so last week felt like a hackathon of its own at our HQ, as the dev team developed a proposal for the Ethereum Foundation's Account Abstraction Grants 2023.
We proposed a way of enabling an email-based recovery mechanism that is very secure, doesn’t compromise on self-custody and, unlike the current solution, doesn’t require a timelock.
About the Grants
In February, the Ethereum Foundation launched a new grants round to encourage development, research, and education around Account Abstraction and the necessary infrastructure to support it.
While Account Abstraction frees the design space for user experience and wallet innovation, the community still needs to build and establish a set of standard interfaces without compromising on decentralization and censorship-resistance.
- The Ethereum Foundation
As one of the most active teams in the AA space, we saw the grants as an opportunity to develop an interesting concept that we've been researching recently:
Self-custodial Email/Password Authentication via DKIM
Ambire is a web-based account abstraction wallet launched in late 2021, the first to offer self-custodial account creation using email/password authentication, thanks to an underlying 2/2 multisig.
After one year of running on Mainnet and other EVM networks, we believe that email/password accounts demonstrate how account abstraction makes Ethereum more inclusive. We found out that email-based registration is perfect for onboarding people who aren't technical or patient enough to deal with seed phrases or browser extensions.
When using email/password signers, Ambire creates a 2/2 multisig under the hood for you, where one of the keys is on your device and encrypted with the password, while the other is responsible for verifying email confirmation codes and “lives” on a back-end HSM. Both keys are necessary to control the account, but one is enough to trigger the time-locked recovery procedure.
We provide a recovery option for email/password accounts in case the password or email access is lost. If a transaction was signed with only one of the keys, the contract triggers a time-lock recovery for 72 hours. After 72 hours, the missing key from the transaction will be replaced with a new one provided by the user in the same transaction. (For more details, read our security model or more generally, our whitepaper.)
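The recovery flow described above, as a simplified Python model added here for illustration. It is not Ambire's contract code, and the class, method and key names are assumptions.

```python
from dataclasses import dataclass, field

TIMELOCK = 72 * 3600  # seconds; the 72-hour window described above


@dataclass
class Account:
    """Simplified model of the 2/2 signer set (device key + email key)."""
    signers: frozenset
    pending: dict = field(default_factory=dict)  # (missing, new_key) -> unlock time

    def execute(self, signed_by):
        # Normal operation: both keys of the 2/2 must sign.
        if frozenset(signed_by) != self.signers:
            raise PermissionError("both keys are required")
        return "executed"

    def request_recovery(self, signed_by, new_key, now):
        # A single key cannot act; it can only start the time-locked recovery,
        # naming the replacement for the key that did not sign.
        if signed_by not in self.signers:
            raise PermissionError("unknown signer")
        (missing,) = self.signers - {signed_by}
        self.pending[(missing, new_key)] = now + TIMELOCK
        return missing

    def finalize_recovery(self, missing, new_key, now):
        unlock = self.pending.get((missing, new_key))
        if unlock is None:
            raise LookupError("no such recovery was requested")
        if now < unlock:
            raise PermissionError("time-lock still active")
        self.signers = (self.signers - {missing}) | {new_key}
        self.pending.clear()
        return self.signers


def lost_password_scenario():
    # Constructed key names; the user has lost the password-encrypted device key.
    acct = Account(frozenset({"device_key", "email_key"}))
    missing = acct.request_recovery("email_key", "new_device_key", now=0)
    try:
        acct.finalize_recovery(missing, "new_device_key", now=TIMELOCK - 1)
        early = "replaced"
    except PermissionError:
        early = "blocked"
    signers = acct.finalize_recovery(missing, "new_device_key", now=TIMELOCK)
    return early, signers
```

The model makes the trade-off visible: a single key can never execute a transaction, but it can rotate the other key once the 72 hours have passed.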
Right now, the private key related to email is managed by Ambire’s back-end. Also, the user experience of time-locked transactions is not native to the Web2 world and is often confusing, especially when combined with a cross-chain experience, where you have to trigger the time-lock on each of the networks you use.
With our Account Abstraction Grants 2023 proposal, we want to implement email recovery with DKIM. This will give the user the option of not sharing any sensitive information with the wallet provider. Additionally, it will allow the time-lock to be dropped.
How Ambire saved $186,000 worth of user funds thanks to account abstraction
For our submission, we ran some calculations to test the hypothesis that email registration and password retrieval are actually useful for users, and here's what we found:
62% of all wallets registered since we released Ambire were created with email multisig signers. However, they account for approximately 1/5 of all TVL. We can conclude that people favouring email registration hold smaller funds and are probably new to Web3 and experimenting/learning. Traditionally, this group is the most vulnerable to loss of funds due to an inability to recall seed phrases or private keys.
Using our account recovery mechanism, our users regained access to 117 accounts holding $186,000 - funds that would have otherwise been lost.
All of this shows that the Account Abstraction implementation in Ambire Wallet is already achieving the goal of onboarding new people to Web3.