Overview

Invented by Dr. Leemon Baird, Decentralized Recovery (DeRec) is a novel method that safeguards a user’s secrets (a list of passwords, a blockchain account key, some images, etc.) in a way that they can be recovered in case the original records of them are lost or forgetten. A DeRec application on a user’s device turns a secret that belongs to that user into a series of smaller indecipherable fragments called “shares” and then distributes those shares to the user’s handpicked group of DeRec Helpers. 

Helpers are trusted individuals or organizations who, with the help of the DeRec Protocol, securely store these shares on their devices and systems. The DeRec app contacts all the Helpers periodically (typically, once a day but it’s up to the app developer) to make sure the Helpers are reachable and the shares are safely stored according to the Protocol’s specifications. If the user loses their secrets, say because they lost the device on which their secrets were stored, they only need to contact half of their original Helpers to retrieve the previously stored shares. Upon receiving these shares, the DeRec app cryptographically reassembles them and recovers the secrets that were lost. The DeRec Protocol and applications are designed such that a layperson can use them safely without being crypto-savvy or a technical expert. 

Details

Imagine Alex, a layperson interested in securing his private keys for various ledgers like Bitcoin, Ethereum, Algorand, Cardano, Hedera or Ripple. Or, he could have a set of passwords for various websites that he wants to store in a file that’s for his eyes only. Alex could store that file on his smartphone since, presumably, he is the only one who has access to the device. However, a concern arises: What if Alex loses his phone? How will he get those secrets back?

To ensure that he has access to his secrets if he loses his device, Alex will need to make a backup copy of his file and store it somewhere else. But securing multiple copies of that file is hard as well. What if somebody else gets access to a backup copy? Furthermore, the manual process of keeping the backup copies up-to-date whenever the main file is updated can quickly turn into a logistical nightmare. LIke other manual processes, it’s a process that doesn’t scale well. 

The Decentralized Recovery (DeRec) Protocol addresses this problem by automatically splitting Alex’s secrets into a collection of encyrpted fragments known as DeRec Shares. It then distributes those Shares across a group of hand-picked DeRec Helpers in a way that the Shares can easily be recalled and decrypted for reassembly into the original secrets. Each of the Shares is independently indecipherable and is therefore of no use to the Helpers, hackers or other malicious actors.

Alex’s network of DeRec Helpers will likely consist of his friends, family,  and other trusted parties, none of whom need to know who the other Helpers are. Only Alex and the DeRec-compliant app on Alex’s phone know who the Helpers are. If less than half of Alex’s Helpers were to somehow discover each other and collude, the Helpers would still be unable to access Alex’s secrets. Once the Shares are distributed to Alex’s Helpers, the DeRec app periodically checks-in with the Helpers to ensure that the Shares are properly stored and continuously available for retrieval. 

If Alex were to lose his device, he can simply get a new device and install the DeRec application on it. He can then contact half of his original Helpers to retrieve enough of the Shares (at least half) for decryption and reassembly of his secrets. 

Other Approaches

Alternative approaches such as social recovery exist to address this problem, particularly when it comes to blockchain accounts on Ethereum. In social recovery, multiple “guardians” secure a signing key for Ethereum transaction approval. If users lose their key, they can seek assistance from their guardians to change it. To achieve this, each guardian must log on to some webpage and sign the user’s recovery request to approve it. However, this approach has certain limitations and potential security risks. 

Decentralized recovery presents a more secure, versatile, and blockchain neutral alternative that can protect any secret; not just the private keys and mnemonic recovery phrases associated with blockchain accounts. 

Security Comparisons 

Using social recovery, when a user needs to recover their signing key, the guardians must sign a special transaction to approve recovery. Once this step is complete, the majority of the user’s guardians’ information is revealed to the world. Anyone who views the transaction on the blockchain will be able to see that a user with address x was using social recovery, and just recovered their signing key with help from guardians whose addresses are also revealed. This information leakage can paint a target on both the user’s and the guardians’ backs and make them vulnerable to social engineering attacks. 

Technical Comparisons

Social recovery is also limited to securing keys on the Ethereum network. The DeRec Protocol can be supported in any wallet or application to protect keys on any distributed ledger network. It can also be used to protect more than just keys (e.g. passwords, mnemonic phrases, photos, notes). This versatility enables a wide range of use cases and ensures comprehensive asset protection. 

Furthermore, social recovery requires that users and their guardians have Ethernet Name Service (ENS) names or Ethereum addresses. In addition, social recovery requires a high degree of technical competence on behalf of both the users and guardians. This requirement poses challenges for everyday users who are unfamiliar with cryptocurrencies or blockchain technology. Decentralized Recovery can be used by anybody who can operate a phone, without advanced blockchain knowledge. Users must only know what they want to protect and who they trust to help them recover their secrets should they lose their device. Decentralized Recovery was designed to allow someone with minimal knowledge about blockchain or cryptography to protect their secrets, whether the secrets are passwords they tend to forget or photos that they want to keep safe. All they need to remember to recover their secrets is half of their Helpers