Additional options to recovery account

pdmitry · September 17, 2024, 6:19pm

Hey
Is it possible to set rules for recovering wallet access if a user loses access to their email or phone, such as using a backup email or other recovery methods?

thanks in advance

w3abot · September 17, 2024, 6:21pm

Hey Dmitry,

I understand you’re looking to set up additional recovery options for user wallets using Web3Auth’s Plug and Play SDK. As of now, you can set up additional recovery factors like a backup email or other methods, but the specifics of these features depend on the exact implementation.

For the best guidance tailored to your needs:

Please specify the methods of recovery you would like to implement (e.g., backup email, security questions, backup phone number).
Mention whether you have already tried any specific configurations or if you need help starting from scratch.

These details will help our support team provide you with the precise information and steps needed.

This response was generated by the Web3Auth Bot, and a person from the Web3Auth team will come and answer your query as well.

pdmitry · September 18, 2024, 9:51am

Hi, thanks for the replly
my answers below

I would like to have user with Backup email + Facial Authentication to be able to recover account
I do not have any configuration yet

Thanks

Ayush · September 18, 2024, 11:05am

Hey @pdmitry can you tell which SDK you are looking to use. If you are using PnP SDKs for any platform, you can enableMFA allowing users to set the Backup Email, Phone number, or Authenticator App to recover the account. You also mandate the 2FA, you can checkout the docs: Multi Factor Authentication with PnP Web Modal SDK | Documentation | Web3Auth

Facial authentication is not possible using PnP SDKs as of now, you’ll have to use the low level SDKs to have more customisation option such as tKey SDK which is part of enterprise plan.

pdmitry · September 20, 2024, 3:07pm

Hey @Ayush thanks for answers
As I understand correctly with tKey we can create a share for Backup email + Facial Authentication
So it might work as follows?

Data to Store

Second Email and OTP: Stored securely after email verification.
Facial Share: Stored securely either on the device (e.g., Secure Enclave) or backend with encryption derived from Face identification
Recovery Process
User enters the second email → OTP verification.
User completes facial recognition.

The tKey is reconstructed using the second email share and the facial share, granting access.

thanks, Dmitry

pdmitry · September 24, 2024, 12:45pm

hey @Ayush could you please with answer for questions above?
thanks
Dmitry

Ayush · September 24, 2024, 1:20pm

Yes, @pdmitry that’s correct understanding

system · October 8, 2024, 1:21pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.