Vitalik: How to choose guardians for multisig wallets and social recovery wallets?
Original title: How I think about choosing guardians for multisig and social recovery wallets
Original Author: Vitalik Buterin
Original compilation: Qianwen, ChainCatcher
Multi-signature wallets (such as Gnosis Safe) are an easy and secure way to store funds, giving you most of the benefits of self-custody: when a seemingly trustworthy centralized entity turns out to be untrustworthy, your funds will not go missing. At the same time, you do not have to bear the risk of being solely responsible for the entire security setup. I personally use a multisig wallet to store most of my funds, as does the Ethereum Foundation.
Similar to a multisig wallet is the social recovery wallet: a single key can be used to sign transactions, but if that key is lost, a set of keys held by other people can be used to recover the funds. Social recovery wallets are easier to use than multi-signature wallets, especially with the rise of ERC-4337 account abstraction; Soul Wallet is coming soon and will make the technology even more user-friendly.
Once the social recovery wallet becomes mature enough, my suggestion is to use the social recovery hot wallet to store a small part of the individual or organization's funds; use the multisig as a cold wallet to store the individual or organization's savings.
Both multisig wallets and social recovery wallets rely on the notion of a "guardian": a set of N addresses, usually held by others, of which any M addresses can approve an operation (for example, one can set N=6 and M=4). In the case of a multi-signature wallet, each transaction must be signed by M of the N guardians. In the case of social recovery wallets, a single key can sign transactions, but if that key is lost, M of the N guardians must sign a message to reset the key.
Two key questions in using multi-signature wallets and social recovery wallets safely are: (i) who do you choose as guardians, and (ii) what instructions do you give them?
This post will outline how I think about it, most of which should apply equally to multisig and social recovery wallets used to secure personal and organizational funds.
What do we want from Guardians?
Minimize their chances of losing their keys.
Minimize the chances of them colluding to steal your funds or being coerced into doing so.
Where the above two risks are unavoidable, each guardian's risks should be as uncorrelated as possible: you want to minimize what the guardians have in common, because a shared risk could disable or affect many of your guardians at once.
The answer to this question is simple, but it guides all my choices in Guardians:
The guardian can be your own device, but don't let too many devices become your guardian.
First of all, it is normal for at least one guardian to be a wallet on your own device. After all, these are your own funds, and there is no reason this should undermine decentralization. However, once more than one guardian is under your control, you face a tricky trade-off: you trust others less and concentrate more power in yourself, which creates risk if you are hacked, coerced, incapacitated, or die.
My rule of thumb is that enough guardians should be controlled by others that, if you disappear, the remaining guardians can still recover your funds. In other words, you should control at least one guardian and at most N-M guardians.
Also, each guardian should be on a separate device (laptop, phone, old phone, etc.).
Choose a guardian that you don't talk to often, or preferably one you don't know.
Ideally, the guardians should not know who the other guardians are. This greatly reduces the risk of collusion, and they have no good reason to know each other anyway. If something happens to you, they will still be able to find each other, because there are obvious standard procedures that people naturally think of in this situation (contacting your family, for example).
Also, you want to reduce the dependencies between guardians as much as possible:
Don't choose two guardians who live in the same city (or, preferably, even the same country), or two guardians who use the same type of wallet, and balance between different operating systems.
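The rules of thumb above (control between one and N-M guardians, one device per guardian, no shared city or wallet type, balanced operating systems) can be checked mechanically. The following is an added example, not part of the original article; the guardian names, devices, cities and wallet labels are constructed, and reading "balanced" as "no single OS can block or authorize an operation on its own" is an assumption.

```python
from collections import Counter, namedtuple

# owner: True if the key sits on one of your own devices; device: where the key is stored
Guardian = namedtuple("Guardian", "name owner device city wallet os")

def audit(guardians, m):
    """Return findings for an M-of-N guardian set, following the rules above."""
    n, out = len(guardians), []
    own = sum(g.owner for g in guardians)
    if own < 1:
        out.append("owner controls no guardian")
    if own > n - m:
        out.append(f"owner controls {own} > N-M = {n - m}: others cannot reach M alone")

    def shared(values):
        return {v: c for v, c in Counter(values).items() if c > 1}

    for dev, c in shared(g.device for g in guardians).items():
        out.append(f"{c} guardian keys on one device: {dev}")
    for city, c in shared(g.city for g in guardians if not g.owner).items():
        out.append(f"{c} outside guardians live in {city}")
    for wallet, c in shared(g.wallet for g in guardians).items():
        out.append(f"{c} guardians use wallet type {wallet}")
    # Assumption: an OS is unbalanced if its failure alone blocks an operation
    # (N - c < M) or its compromise alone authorizes one (c >= M).
    for os_name, c in Counter(g.os for g in guardians).items():
        if n - c < m or c >= m:
            out.append(f"{c} of {n} guardians run {os_name}")
    return out

# Constructed sample sets for the article's N=6, M=4 example.
GOOD = [
    Guardian("me-laptop", True, "laptop-1", "Lisbon", "wallet-A", "linux"),
    Guardian("g1", False, "g1-phone", "Toronto", "wallet-B", "ios"),
    Guardian("g2", False, "g2-phone", "Seoul", "wallet-C", "android"),
    Guardian("g3", False, "g3-laptop", "Nairobi", "wallet-D", "linux"),
    Guardian("g4", False, "g4-phone", "Lima", "wallet-E", "ios"),
    Guardian("g5", False, "g5-phone", "Oslo", "wallet-F", "android"),
]
BAD = [
    Guardian("me-laptop", True, "laptop-1", "Lisbon", "wallet-A", "linux"),
    Guardian("me-laptop-2", True, "laptop-1", "Lisbon", "wallet-A", "linux"),
    Guardian("me-phone", True, "phone-1", "Lisbon", "wallet-B", "android"),
    Guardian("g1", False, "g1-phone", "Toronto", "wallet-C", "android"),
    Guardian("g2", False, "g2-phone", "Toronto", "wallet-D", "android"),
    Guardian("g3", False, "g3-laptop", "Seoul", "wallet-E", "macos"),
]
```

Calling `audit(GOOD, 4)` returns no findings, while `audit(BAD, 4)` reports the owner holding three keys, the shared laptop, the two Toronto guardians, the repeated wallet type and the Android concentration.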
Guardians should ask a security question before approving an operation:
When you ask guardians to approve an operation for you (in a multisig, a transaction; in a social recovery wallet, rekeying your account), they shouldn't do it right away. Doing so would be a disaster for security: if someone hacks your chat account, they can scan your messages, find out who your guardians are, contact each of them and ask them to confirm, and thereby steal your funds.
To avoid this, my preferred process is to instruct the guardians to ask a security question.
When you ask them to confirm an operation, guardians should ask you something that only the two of you and very few others know (e.g., "What food did we eat when we last met?"), and confirm the operation only if you give the correct answer.
A natural choice would be a voice or video call, but in an age where artificial intelligence has gotten good at fakery, that is less reliable, so you might want to combine a voice/video call with asking some sort of security question.
If you're a "Degen Veteran", make sure your guardians have quick reflexes. Otherwise, you don't have to make this request.
If you are doing something risky with on-chain contracts, you may need to act fast: if the contract has a vulnerability, pull the funds out; if you're about to be liquidated, move the money out; and so on.
If you have these needs, then you want guardians who can move quickly on short notice (and therefore guardians in different time zones, so that enough of them are available to complete transactions at all times) to protect your funds.
However, if you don't do this sort of thing, then speed isn't particularly important, and in fact might even be somewhat harmful, since convincing people to act urgently is a common social engineering tactic for hackers, so guardians who are averse to being rushed may actually be a good thing.
Test each Guardian at least once a year
Do a test operation at least once a year. Ideally, do two test operations per year, one with half the guardians and another with the other half. This ensures your Guardians haven't forgotten or lost their accounts.
More Advanced Issues: Privacy
One of the challenges with guardians is that there is currently no technology that will keep your financial privacy safe from guardians. However, this is a technical problem that can be technically solved:
The guardian does not directly guard your account, but guards a "safe" contract, and the link between your account and the safe is hidden.


