Recover a wallet

MPC recovery allows your users to recover their MPC wallets in the event that their device is lost, broken, or stolen.

MPC recovery uses the MPC backup that a user has already configured to create a new set of signing shares.

Recovery creates a new set of signing shares, and deprecates the old set.

User Recovery

Recovering a user's MPC share is done by retrieving the encryption key from the user's cloud storage provider and decrypting the encrypted share within your infrastructure.

In order to support user MPC recovery, two dependencies must be met:

1. Your server must send the encrypted share to the user's mobile device

2. Your mobile app must initiate the recovery process

Sharing encrypted shares with the client

During the recovery process, the encrypted client backup share needs to be retrieved from the custodian backend.

Create an endpoint to get the encrypted share, so the client can decrypt the value using the encryption key stored in the user's cloud storage provider.

/*
 * This endpoint can be defined by you however you want
 */
app.get('/portal/clients/:clientId/backup', async (req, res) => {
  const { clientId } = req.params
  
  // example db function getting a "user" by clientId
  const user = await db.users.find({
    where: {
      clientId: clientId,
    }
  })
  res.status(200).send({ cipherText: user.cipherText })
})

Updating Your Mobile App

In order to initiate the recovery process from your mobile app, you must perform two steps:

1. Retrieve the encrypted client backup share from your API.

2. Get a new encrypted client backup share from running portal.mpc.recover.

import axios from 'axios'
import React, { FC } from 'react'
import { Button, View } from 'react-native'
import { BackupMethods, usePortal } from '@portal-hq/core'

const RecoveryButton: FC = () => {
  const portal = usePortal()
  
  const handleRecovery = async () => {
    // Get the existing encrypted client backup share from your API.
    const backupShare = await axios.get('/clients/[clientId]/backup')
    
    // Set the new signing share by running recover.
    await portal.mpc.recover(
      backupShare,
      BackupMethods.GoogleDrive, /* or BackupMethods.iCloud */
    )
  }
  
  return (
    <View>
      <Button onPress={handleRecovery} title="Recover your wallet" />
    </View>
  )
}

 export default RecoveryButton 

Custodian Recover

In order to support custodian MPC recovery, one dependencies must be met:

1. Your server must support the /{webhook_root}/backup/fetch webhook to provide Portal your existing custodian backup share.

Implementing the webhook

Portal will request the existing custodian backup share with a POST request to /{webhook_root}/backup/fetch.

The request body of this POST request will contain one field:

• clientId - The Portal clientId of the user

app.post('/webhook/backup/fetch', async (req: Request, res: Response) => {
  const { clientId } = req.body
  
  // example db function getting a user from the "users" table by clientId
  const user = await db.users.find({
    where: {
      clientId: clientId,
    }
  })
  
  res.status(200).send({ backupShare: user.backupShare })
})

Next steps

Portal is all set up in your app! Now you can explore all that Portal has to offer.