Our setup requires 2/3 shares for access reconstruction.
We observed that many users passcode / security question answers have not been properly been saved.(similar to this) Also their device share is not available.
As a result they only have access to provide 1/3 shares.
We are trying to find a way through which we can reset the security question for a user & help them get access to their account securely. We attempted to delete the security question share, as mentioned here: Using tKey JS SDK | Documentation | Web3Auth
But as you can see in the screenshot, it suggests we need the private key for using the method.
The private key will only be available when the user logs in, which is not possible due to unavailability of sufficient shares.
Kindly help us figure out a way to conduct this smooth & securely.
Are you using the manual sync mode of tKey? If that’s the case, make sure your account is synced with the metadata for the passcode to be configured properly. For general methods, the security question should be correctly setup if you’re awaiting the calls. Also make sure to check the key details after configuration to avoid such issues.
Talking about this particular problem, as you mentioned only 1/3 shares is present and there is no way to get the other 2 shares. Unfortunately in such cases there is no way of recovering the account. Because of the non custodial nature of our SDKs, we do not store any data for the key, and it solely relies of the share management. You can reset the account, however that will change the key and address of the user.
Unless the threshold is fully achieved and the private key is reconstructed, there is no way you can delete the security question share.
@yashovardhan we have not used Manual Sync so far. We are using the autosync, I think there must be some issue with that, causing the data to get not stored properly as a result - throws the error. Will try to use manual sync.
Could you point us to the methods that would can be used to validate whether the metadata has been sync properly ? I do see the manualSync flag, but would like to know if there are any check methods we can request from the web3auth nodes, to ensure the data is backed up properly without any issues.