What are guardians and verifiers?
Portkey's social recovery mechanism relies on two essential roles: guardians and verifiers.
- Guardians are user-defined protectors of their own wallets, essentially social accounts linked to their trusted individuals or themselves. Supported guardian types in Portkey include email address, Google account, Apple ID, and Telegram account. Wallet owners have the flexibility to designate their own guardians and determine the number of guardians by adding or removing them. To enhance account security, Portkey recommends a minimum of two guardians.
- Verifiers are external verification service providers introduced to enhance security and decentralisation in Portkey's social recovery mechanism. These providers offer various verification options, such as SMS OTP, email, Google, and Apple verification, corresponding to the types of guardians supported. Each guardian added to a wallet account must be associated with a verifier responsible for collecting and verifying data from that guardian. Except during the initial signup, where a verifier is randomly assigned to the user's first guardian, users themselves choose the verifiers for all other guardians.
Whenever a wallet initiates actions that could change the current security configurations or potentially pose risks to the account, these actions must be approved by guardians and verified by verifiers. Examples of such actions include logging in on new devices, removing login devices, adding/removing guardians, customising transfer limits, and activating/resetting DApp allowances.
Together, guardians and verifiers collaborate to execute social recovery and protect the account and assets of the wallet owner.