A3 Smart Accounts lay the foundation for making the wallet experience more flexible. Specifically we want to enable our users to tailor the security measures to their risk profile. On the high security side, this means enabling accounts to have configurable signers, thresholds, and recovery methods. On the low security side, it allows for low-volume transactions to be easily authorized by a single mobile device, or even to be delegated to the recipient, like in the case of subscription payments. Such flexibility introduces a wide array of new use cases and greatly streamlines the user experience.
Apart from offering tailored security, A3 also provides a range of compelling features that greatly enhance the user experience. These features include the convenience of passwordless accounts, the ease of zero-funds onboarding, seamless automatic asset opt-ins, and stablecoin wallets that allow protocol fees to be paid with a user-selected token.
One particularly interesting use case is account recovery. With smart accounts, we can distinguish the regular process of transaction signing from the emergency actions of account recovery. By treating recovery differently, we're able to introduce an extra layer of security through a timelock. This feature prevents any single party responsible for recovery from having instant access, thereby allowing teammates, friends, family, and even semi-trusted custody providers to be involved. Most importantly, the recovery process is fully customizable, even post account creation. Users have the flexibility to add or revoke recovery options as their needs evolve.
In summary, A3 provides an exceptional level of flexibility, allowing users to tailor wallet functionality to their precise needs. They can create their own account masterpiece using the modular architecture of A3. The specific modules are pluggable smart contracts that are immutable, open-source, and fully auditable on-chain. Rooted in the ARC-58 abstracted account standard, this design invites anyone to contribute new functionality to the A3 protocol by developing additional modules that align with the established interfaces.
All the Possibilities
The following provides an overview of the solution space that A3's capabilities encompass. From this, an entire ecosystem of features can be unfolded. Importantly, while this shows the potential of the account protocol, a small subset already has great utility. We call this the "sweet spot" use cases and detail them in the "Phase 1 Implementation" section.
team accounts
dynamic multisig (owners can change)
DAO avatars (replace law with code)
account actions by vote
easy account recovery
fully configurable
multiple recovery options
social recovery (dynamic)
custodial KYC recovery with time-lock
inheritance recovery
flexible signing
multiple team members (dynamic)
multiple devices (dynamic)
multi-factor signing
HSM signing
reduced signers for small volume transactions
signature-free transactions (subscriptions, vesting)
smooth processes
zero-funds onboarding (delegated fee payments)
automatic ASA opt-ins
pay fees in any token (e.g. stablecoin wallets)
Phase 1 Implementation
Right from the start, we want to offer smart accounts that grow with the users. This means no cognitively-taxing choices that need to be made during onboarding. Imagine one account type that can be reconfigured along the way and evolve with user preferences and requirements.
The initial feature set revolves around Defly sweet spot use cases. We will start with default configurations (which can be customized) that have great benefits along the security and usability dimensions. Here are some of the highlights followed by a detailed description of these default configurations.
Stress-free Recovery Phrase Handling
Proper save-keeping of account mnemonics is difficult. Ideally they need to be stored redundantly in two or more places. All of these places need to be secured from unauthorized access. With A3 we can take much stress out of this process. We can add a configurable time-lock that can catch any unauthorized recovery attempts. Additionally, multiple recovery options can be added and, most conveniently, revoked at any time.
Passwordless Accounts
With biometrics and device-bound private keys we can finally leave passwords in the dust of history. Here is how it works. The account key is enclaved on a user device without a mechanism to extract it. There is no functionality to show the mnemonic or to export the private key. It can only be used for transaction signing by device-local biometric authentication. Any number of devices can be added to the account and, if so desired, removed. If you lose your smartphone, you can replace it and add a new one with your laptop or other authorized device. With enough redundant devices, adding a mnemonic-based recovery is optional.
Access Levels
Not everything needs to be a high security vault. Many UX concessions have to be made with a high security approach. Nobody wants to buy a carrot at the farmers market with an air-gapped multisig account. With A3 we can have different transaction volumes depending on access levels. Small payments can effortlessly be made by a mobile phone while bigger payments and account administration require signatures from multiple devices, or even multiple owners.
Sweet Spot Configurations
The Defly implementation of A3 Smart Accounts will start with these default configurations. They illustrate the benefits over standard accounts. Most importantly, they can easily be customized for more advanced use cases.
Starter 1/1 + time-locked recovery
one owner
device-bound private key
biometric access to key
one recovery option
singleSig account + 3 day time-lock
➜ owner writes down recovery phrase
Benefits
device-bound signing keys
add/remove devices and owners
configurable signature thresholds
add/remove recovery options
stress-free recovery phrase handling
(access to it doesn't mean immediate access to funds)owner can cancel any recovery attempt within time-lock duration
(in case of an unauthorized recovery attempt)owner can void any recovery accounts and add new ones
owner can configure emergency access/digital will
(e.g. grant access to a family account after 1 year of inactivity)
Multi-Device 2/2 + time-locked recovery
one owner, two devices (phone, laptop)
device-bound private key
biometric access to key
one recovery option
singleSig account + 3 day time-lock
➜ owner writes down recovery phrase
easy payments
owner sets a volume threshold under which singleSig transactions are allowed
Additional Benefits
end-point security
no single compromised device can take over the account
(guards against root-kits, key-loggers, and trojan horses)
small transactions easy to sign
Future Modules
SRS - Secret Recovery Service is a unique solution to make brain wallets real. It reduces the length of the passphrase from 25 to 4 words while maintaining maximum security. This makes it a great A3 recovery option. Instead of having to handle long cumbersome mnemonics users deal with a short phrase that can be memorized or written down in 10 seconds. It is the perfect complement to social and KYC recovery. See SRS whitepaper for details.
Smart Voting - We developed an end-to-end auditable, on-chain, anonymized voting system in 2022. With it, A3 accounts can turn into DAO avatars where measures are proposed and voted by the members and control of the funds is directly authorized by voting results. This has the potential to fully decentralize the ownership of DAOs.
Your idea here - A3 smart accounts are built on an open modular architecture. Anybody can write new modules that can extend the functionality of smart accounts. While users maintain absolute control over selecting and granting access to the modules they trust, developers are free to offer their creations through the blockchain's decentralized maketplace.