Overview

The Account Recovery Component allows users to regain access to their Ethereum smart wallets using their email addresses. This approach uses ZK Email technology to verify email replies and trigger account recovery processes, all while maintaining high levels of security and privacy.

Account recovery is a crucial component of the ZK Email Ecosystem, providing a secure and user-friendly way to recover Ethereum smart wallets using email addresses.

How it works

Simplified explanation

Concepts

The Account Recovery Component introduces several concepts that work together to provide a secure, privacy-preserving, and flexible framework for email-based wallet recovery and smart contract interactions.

These concepts form the foundation of our secure and privacy-preserving account recovery system. For a detailed explanation, watch our 2024 EthCC talk.

Account Code and Salt

A random integer (Account Code) and its derivative (Account Salt) that together create a privacy layer between email addresses and Ethereum addresses. They enable deterministic wallet address generation and secure recovery without exposing user email addresses.

userEtherAddr := CREATE2(hash(userEmailAddr, accountCode))

Example

Alice's email address and Account Code (1234) generate a unique Account Salt, which determines her Ethereum address (0x1234...) without revealing her email on-chain.

Invitation Code

A hex string composed of the account code and a prefix, included in email headers to verify user authenticity and prevent malicious activities during the recovery process. It ensures that only the rightful user can initiate account recovery by proving possession of the correct Invitation Code.

Smart contracts must verify the presence of the invitation code in a user's first email before confirming their account.

Example

Alice's Invitation Code "INV-1234abcd" is included in her recovery email, proving she has access to the original account setup information.

Subject Template

A predefined format for email subject lines that enables developers to create custom, application-specific email commands without modifying the underlying ZK circuits. It standardizes email communication for smart contract interactions, allowing for complex operations through simple email subjects.

Variable parts: "{string}", "{uint}", "{int}", "{decimals}", "{ethAddr}"

Example

Template "Send {decimals} ETH to {ethAddr}" allows Alice to email "Send 0.5 ETH to 0x5678..." to trigger a transaction.
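
The strict matching a Subject Template calls for can be sketched off-chain as follows. This is an added example, not ZK Email's own code: the function names, the textual form assumed for each variable part, and the 18-decimal scaling of {decimals} are assumptions made for illustration.

```python
import re

# Assumed textual form of each variable part (the page lists only the names).
PATTERNS = {
    "{string}":   r'"([^"]*)"',                            # assumption: double-quoted
    "{uint}":     r"(0|[1-9][0-9]*)",                      # no sign, no leading zeros
    "{int}":      r"(-?(?:0|[1-9][0-9]*))",
    "{decimals}": r"((?:0|[1-9][0-9]*)(?:\.[0-9]{1,18})?)",
    "{ethAddr}":  r"(0x[0-9a-fA-F]{40})",                  # exactly 20 bytes of hex
}

def to_fixed18(text):
    """Scale a decimal string to an integer with 18 decimals (assumed), without floats."""
    whole, _, frac = text.partition(".")
    return int(whole) * 10**18 + int(frac.ljust(18, "0"))

CONVERT = {"{string}": str, "{uint}": int, "{int}": int,
           "{decimals}": to_fixed18, "{ethAddr}": str.lower}

def compile_template(template):
    """Build a regex for the whole subject plus the ordered list of variable kinds."""
    kinds, parts = [], []
    for token in re.split(r"(\{[A-Za-z]+\})", template):
        if token in PATTERNS:
            kinds.append(token)
            parts.append(PATTERNS[token])
        elif token.startswith("{") and token.endswith("}"):
            raise ValueError(f"unknown variable part {token}")
        else:
            parts.append(re.escape(token))  # fixed words must match literally
    return re.compile("".join(parts)), kinds

def parse_subject(template, subject):
    """Return [(kind, value), ...] only if the entire subject fits the template."""
    regex, kinds = compile_template(template)
    match = regex.fullmatch(subject)  # fullmatch: no extra text before or after
    if match is None:
        return None
    return [(kind, CONVERT[kind](raw)) for kind, raw in zip(kinds, match.groups())]

if __name__ == "__main__":
    addr = "0x" + "ab" * 20  # constructed sample address
    template = "Send {decimals} ETH to {ethAddr}"
    print(parse_subject(template, f"Send 0.5 ETH to {addr}"))
    print(parse_subject(template, f"Send 0.5 ETH to {addr} and more"))  # rejected
```

Matching the full subject, rather than searching within it, is what keeps a command from being smuggled in alongside extra text.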

Email-Auth Message

A data structure containing the user's email data, its zero-knowledge proof, and additional metadata for verifying email-based interactions with smart contracts. It facilitates secure communication between off-chain emails and on-chain smart contracts while preserving user privacy.

Example

Alice's recovery email generates an Email-Auth Message containing a ZK proof of her email content and the isCodeExist flag, allowing the smart contract to verify her recovery request without exposing her email address.
