Content
@
0 reply
0 recast
0 reaction
Dogan
@doganeth
We just have developed PoC with a new social recovery plugin that uses ZK-Email to enable to use of any Email addresses as a guardian. This is just an another usecase of ZK-Email. Super excited for that! https://warpcast.com/getclave/0x6e7d9e1a
4 replies
2 recasts
11 reactions
Wilson Cusack
@wilsoncusack
Nice! Does this follow ERC 7522? Email recovery is great, but then if someone can also takeover my account just from my email, it’s kinda scary 😬
1 reply
0 recast
0 reaction
alim.clv.eth - clave
@aalimsahin
I think 7522 remains very specific. It would be much better to have a more general standard for authenticating emails specifically. Because more usecases will emerge every day.
1 reply
0 recast
1 reaction
alim.clv.eth - clave
@aalimsahin
I also agree that these methods are scary. I think this is true for all the methods. That's why we have divided the recovery process to two. The first is to start the recovery, the other is to execute it. In this way, if an undesirable situation occurs, the user can cancel the execution process before it is completed.
1 reply
0 recast
1 reaction
Wilson Cusack
@wilsoncusack
Got it, so fair to say this is useful for total loss of key material but not hacks? Cause if hacked attacker can just cancel?
1 reply
0 recast
0 reaction
alim.clv.eth - clave
@aalimsahin
No, the attacker cannot cancel it. Only the user can cancel. Guardians can only initiate Recovery. Recovery can be canceled by the user within a certain period of time. This way, the recovery method compromised by the attacker can be removed.
1 reply
0 recast
1 reaction
