Enhancing Polkadot's ecosystem with Logion's recoverable secrets and Legal Officer oversight

Introduction: Understanding ID LOC (Identity Legal Officer Case)

Before delving into our proposal, it is crucial to understand the concept of an ID LOC, in the Logion environment. An ID LOC is a certification mechanism that verifies and authenticates the identity of a participant within the Polkadot ecosystem. This process is overseen by a Legal Officer, a qualified individual providing legal warranties and trust in the digital space. The ID LOC plays a pivotal role in our proposed recoverable secrets system, ensuring a secure and legally sound framework for identity verification and key pair recovery.

Proposal context

In blockchain and decentralized systems, the loss of cryptographic key pairs can lead to irreversible asset and/or data loss. Logion proposes a unique solution to this challenge, integrating human control and legal guarantees provided by Legal Officers, providing also a real defense against fraudulent activities and unauthorized access.

Proposal details

Collaborative framework:
Our solution requires collaboration with at least one external partner, creating a dual-layer of security and verification.

Legal Officer involvement:
Legal Officers within Logion play a crucial role, providing legal guarantees and human oversight in the recovery process.
Their involvement adds an extra layer of trust and security, essential in managing digital identities and assets with flexibility in case of need.

Recoverable secrets mechanism:
Users can submit a “secret” (the encrypted key pair or other sensitive data) attached to an ID LOC.
In case of key pair loss, the secret can be recovered through a post-identity verification by a Legal Officer.

Challenge-based recovery:
A unique challenge is linked to each recovery request.
Following identity verification by a Legal Officer, the secret is recoverable via an API call or through a public application form, using the challenge.

User’s partner integration:
The process involves generating an encrypted key pair, with the passphrase stored by the user’s partner and the encrypted key pair stored within Logion.
Restoration of the key pair requires approvals from both the user’s partner and Logion, ensuring a secure and collaborative process.

Current situation in the Polkadot ecosystem

Key Pair management challenges: Currently, in the Polkadot ecosystem, as in many blockchain systems, the management and recovery of cryptographic key pairs pose significant challenges. If a user loses access to their key pair, they potentially lose access to their assets permanently. This creates a significant risk and a barrier to entry for less technically-savvy users.

Limited recovery options: The existing methods for key recovery are often technical without any possible assistance and legal warranty. This can lead to gaps, vulnerabilities and does not provide users with a trusted avenue for recovery, especially in cases of lost keys.

Absence of human oversight: Automated systems dominate the current recovery processes. While efficient, they lack the nuanced understanding and verification that human oversight (especially legally backed) can provide.

Improvements brought by the Logion proposal

Secure and legal framework for key recovery: By integrating Legal Officers in the recovery process, Logion introduces a legal framework that enhances trust and security. This legal backing provides a stronger guarantee against misuse and fraud, something that automated systems alone cannot fully ensure. With the development of artificial intelligence tools, this is something that could become essential.

Enhanced user experience and accessibility: The Logion approach simplifies the key recovery process, making it more readable and accessible to a broader range of users. This user-friendly approach can increase adoption and participation in the Polkadot ecosystem by reducing the fear of asset loss due to key mismanagement.

Strengthening trust in the ecosystem: By providing a more secure and legally robust mechanism for key recovery, Logion’s proposal can strengthen overall trust in the Polkadot ecosystem. Increased trust can lead to higher adoption rates and a more stable and reliable network.

Interoperability and scalability: The Logion system’s design for recoverable secrets aligns with Polkadot’s vision of interoperability and scalability. It offers a solution that can be integrated across various platforms within the ecosystem, further enhancing the network’s cohesion and functional reach.

Conclusion

The Logion proposal addresses critical gaps in the Polkadot ecosystem related to key pair management and recovery. By introducing a legally backed, human-verified recovery process, it significantly enhances the security, trust, and user experience within the ecosystem. This proposal not only safeguards assets, data access, but also promotes wider adoption and participation in the Polkadot network, aligning perfectly with its goals of interoperability, scalability, and user-centricity.

Thanks for your feed-back!

There is pallet-recovery which enables account recovery. It does not allow to decrypt any data though.

A user can just register your Logion as recovery account, then they would have these guarantees as well i assume.

I dont quite understand. Is this post just an introduction that this will be available in the future or are you proposing a governance referendum?

In general i think it can be very helpful for institutional adoption to have recovery options handy. But i dont see why it would be needed to decrypt some additional data. Is that just an additional service or do you imply that it is needed to recover an account?

Hi Olivier thanks for your question.
This post is tagged “decentralized-future”, meaning it introduces a request to this program.

Logion is a Polkadot chain offering certification of the economic and legal framework for digital operations (tokens certifications, traceability certification…), via ZKP certificates. All data relating to these certificates is stored in digital files (LOC) under the responsibility of legal officers (certificates signatories). Certificates, like all operations supported by Logion, offer real legal guarantees which only we can offer. For recovery, it’s the same: the secret is linked to an IDLOC validated by a Legal Officer and under its responsability. This opens the way to recovery on ID control, but also to heirs in case of disappearance of the initial requester, after verification of course.

I hope this helps you to understand better our approach.

I’ll let our CTO answering technicals questions.

Hello Olivier,

We actually include pallet-recovery in our runtime and implemented some additional tools to make it more handy and secure (see here). However, we now face some use cases (including encryption, which you mention) where “proxy based” recovery is less or not at all usable.

So this proposal is indeed about a new service which would enable the recovery of the key pair, not only the access to the account.

We are aware that social recovery is more secure in general, so the method described in our proposal will remain optional. However, we believe that in some cases, recovering the key pair is needed.

Nice, thanks for the replies. I see that you are operating at a much wider scope :+1:

Okay good that it helps, i think its not often used.

Yea its probably unavoidable, especially when interacting with Web2 systems.