npm
Sign UpSign In

lsp-social-recovery
TypeScript icon, indicating that this package has built-in type declarations

1.3.0 • Public • Published

lsp-social-recovery-js

Account ownership recovery sdk built on top Universal Profiles and on Lukso Testnet

Live example: Youtube:

Team Members

  1. Github Profile: Collins Hue

Getting started

Installation

yarn add lsp-social-recovery

or if using npm

npm install --save lsp-social-recovery

Install web3 too if not yet already.

Getting Started

This sdk builds on the Lukso Testnet and uses Universal Profiles Browser extension Universal Profiles Browser Extension please extension is installed to continue.

1. Initializing the sdk

To use the SDK:

import SocialRecover from 'lsp-social-recovery'

const providerUrl = 'https://rpc.l16.lukso.network'

const provider = new HDWalletProvider({
  privateKeys: [process.env.PRIVATE_KEY],
  providerOrUrl: providerUrl,
  pollingInterval: 18000,
  shareNonce: false
})

const options = {
  provider: provider,
  account: '0x508234eA0600b837CD70332ab342f9BB3B4fF900'
}

const accounts = await window.ethereum.request({ method: 'eth_requestAccounts' })
// or
const options = {
  provider: window.ethereum
  account: accounts[0]
}

const socialRecovery = new SocialRecovery(options)

2. Deploy SocialRecovery & BasicRecovery Contracts

const main = async () => {
  const superGuardians = []
  try {
    await socialRecovery.deploy()
    // set secret phrase
    socialRecovery.setSecretPhrase('a secret phrase')
    // save privateKey
    socialRecovery.setPrivateKey(privateKey)
    // add super guardians
    socialRecovery.addSuperGuardians(superGuardians)

  } catch(err) {
    console.err(err)
  }
}

3. Recover account ownership( Signature verification)

a. Signature submission and verification First strategy in recovering account ownership after initialization is to let added superGuardians sign messages and submit the message to be stored in the contract:

const messageHash = web3.utils.sha3(message)
const signature = web3.eth.accounts.sign(messageHash)
await socialRecovery.addGuardianSignature(superGuardian: Address, signature: string)

Note: All guardians must submit a signed message to be used to recover the account in future.

b. Verifying signature To recover the account, all superGuardians must verify their signatures individually:

// guardian1
await socialRecovery.verifySignature(messageHash, signature)
// guardian2
await socialRecovery.verifySignature(messageHash, signature)
// guardian3
await socialRecovery.verifySignature(messageHash, signature)

// all after signature verifications, recover account privateKey
await socialRecovery.recoverPrivateKey(secretPhrase)

All signature verification request must be initiated by the individual superGuardian Universal Profiles

4. Vote-based account recovery

Another strategy is using vote-based method to recover universal account ownership based on LSP11BasicSocialRecovery

await socialRecovery.setScret('a secret')
await socialRecovery.addGuardian(guardianAddress)
await socialRecovery.voteToRecover(recoverProcessId)
// after guardian voting:
await socialRecover.recoverOwnership()

Development

Setup

Clone this repo:

git clone https://github.com/naftalimurgor/social-recovery-js

Install dependencies:

cd social_recovery/
yarn install

Build

To build

yarn build

Test

To run the tests

yarn test

Contributing

Contributions welcome! Feel free to create a new issue or submit a Pull Request.

Readme

Keywords

Package Sidebar

Install

npm i lsp-social-recovery

Weekly Downloads

9

Version

1.3.0

License

none

Unpacked Size

117 kB

Total Files

18

Last publish

Collaborators

  • slax425
Try on RunKit
Report malware