Disaster Recovery Process

As an io.finnet user, it's essential to understand the disaster recovery process (DRP) to ensure the safety and accessibility of your assets. When creating a vault, you'll need to strike a balance between security and convenience by carefully considering the number of shares and signers needed to approve and sign transactions.

While the vault is "live" and in use, those signers will participate in signing transactions through the app. But in the event that you (or your organization) lose access to those signers required to form the threshold of your vault, you will have to follow the DRP outlined here to recover full access to the vault's assets. In short, that will involve a process of gathering and combining the secret shares from each of the signer recovery files, which will then allow you to re-create the private key outside of io.finnet's infrastructure.

Let's explore the process and its purpose in more detail.

When to Use the Disaster Recovery Process

The DRP is necessary when you cannot withdraw funds from a vault due to an inability to generate a signed transaction. This could potentially happen in situations such as:

  • Critical software malfunction
  • Malicious DDOS attack
  • Service shutdown
  • Critical loss of user secret shares
  • Compromise of a signer that requires re-creation of the vault

As some of these may be outside of io.finnet's control, the DR tool has been released as open source code on GitHub.com and it can be downloaded, copied and used by anyone. Feel free to take a copy of the DR tool's code for your own use later for extra peace of mind.

Understanding the Recovery Process

Each vault has a threshold of signers that must participate in the signing of a transactions in order to produce a valid signature. Similarly, the DRP requires collecting the stored recovery files with enough shares to reach that threshold.

This means that you must ask the signers within a vault you are recovering to share their recovery files and 24-word phrases to a single operator, chosen by your organization, who will run the DR tool and recover the vault's private keys. Be extra cautious of the fact that this person will then, upon running the DR tool, retrieve the full private key and will have full access to the assets within that vault, and use of any smart contract permissions that have been assigned to the vault's address on web3 dApps. The operator of the tool should be considered trustworthy enough to handle this sensitive data.

Here are the key components to remember:

  1. Unique 24-word phrase: When first creating a signer on a device, the io.finnet app generates a unique 24-word phrase for that signer. This phrase should be kept in a safe and secure location, so that it is only ever seen by the rightful owner of the signer device. In the unlikely event that the DRP is needed, it should be revealed securely to personnel in charge of running the process. We will explore that more in detail below.
  2. Recovery files: These are files that contain encrypted copies of the secret shares that are stored locally on the device during normal use. They take the form of JSON files that contain encrypted backup data. On their own, without the 24-word phrases that encrypt them, these files are unreadable and useless.
  3. Storage: Each io.finnet user is responsible for securely storing an up-to-date encrypted device backup file and keeping their 24-word secret phrase in a safe, offline, and physically secure location. The io.finnet app will prompt the user when this should be done. The best times to store the backup files are after the processes of vault creation and resharing. It's common for a device owner to choose to store the backup files within their cloud storage accounts such as iCloud or Google Drive, as this will allow them to easily access the files from their desktop and other account-linked devices as/when the DRP is needed. However, the 24-word phrase is only set once and should be stored with the highest level of security, as it represents an encryption key.

Exporting Disaster Recovery Files From io.finnet Apps

  1. Open the io.finnet mobile app, make sure you are logged in, and tap on the settings cog at the top right-hand corner of the app.
  2. Tap "Export recovery file" to generate the encrypted recovery file.
  3. Select the destination where you would like to save the file (this could be cloud storage such as iCloud, if the device is connected to such a service), then confirm the save.
  4. Verify that the file was successfully saved to the selected location.

Recovering Access to Your Vault

To regain access to your vault and the assets within, follow these steps:

  1. Gather necessary materials: Members of the signing party with devices with enough shares to reach the vault threshold must gather their corresponding up-to-date encrypted backup files and device-specific 24-word secret phrases in one secure location. This would ideally be on an offline air-gapped computer that is not connected to the internet.
  2. Use the io.finnet Disaster Recovery Tool: The organization should use the publicly available, open-source script published on GitHub.com here on the secure offline computer. For information on how to read and build the source code on your own hardware, please visit the link and read through the Readme content, which explains how that is done.
  3. Restore the private keys: Upon running the tool, it will load the files from Step 1 and combine the secrets from each recovery file to restore the valid private keys for the chosen vaults.
  4. Export the key: For each recovered vault, the tool will export a WIF (Wallet Import Format) for Bitcoin key import to Electrum Wallet and create a wallet V3 file for importing to MetaMask and other Ethereum wallets such as MEW.

Note: In order to ensure all shares can be recovered from a device, the backup file should be re-downloaded each time the device participates in a new vault creation or reshare. As such, users are reminded by the app to download the file each time this occurs.

Downloading and Installing the DR Tool

You may build the source code yourself with an installed Go toolchain. Head to the repository to check the Readme, which has further details on how to do this.

If you prefer the convenience of downloading a pre-built binary for your platform, head to the Releases page. This page contains pre-built binaries for Linux, Windows (x86-64) and Mac (Apple Silicon) computers. For other computer types, or for a heightened level of security, you should build the tool yourself from source.

Using the DR Tool

First you will want to get the vault IDs available in the files:

$ ./bin/recovery-tool sandbox/file1.json sandbox/file2.json

Once you have the vault ID you want to recover, supply it to the tool to begin the recovery.

$ ./bin/recovery-tool -vault-id cl347wz8w00006sx3f1g23p4s sandbox/file1.bin sandbox/file2.bin

The tool will try to auto-detect the optimal reshare nonce and threshold of the vault you are trying to recover.
However, if you would like to override this behavior, you may specify custom values with -nonce and -threshold flags respectively.

Ethereum & Ethereum-Like Recovery

The tool is able to export a wallet v3 JSON file for import into MetaMask. Set the -password flag on the command line to export the wallet.json, and make sure it's saved somewhere safe.

To import it, open your MetaMask and add an account, then choose the import from file option.

MetaMask Screenshot

Bitcoin Recovery

The tool exports two WIFs for import into the Electrum Bitcoin wallet: one for mainnet (bc1 address), and another for testnet (tb1 address).
Choose the one depending on your vault's environment.

A WIF looks like: L1CujRNEhNfZgTS9b6e3hytTDu7gpUv1kiLx4ETEEhEc8nJcx4QA

You may download Electrum wallet, and follow these steps to import a WIF:

IMPORTANT: If you intend to recover a testnet key (address with tb1 prefix), you must run Electrum with the --testnet flag from your Terminal:
On a Mac, this is done as follows:
open -n /Applications/Electrum.app --args --testnet

Screenshot 2022-11-10 at 23 01 51

Screenshot 2022-11-10 at 23 02 00

Prefix the WIF string with with p2wpkh:, then paste it into the box.

Screenshot 2022-11-10 at 23 05 03

Create a password for the wallet.

Screenshot 2022-11-10 at 23 07 22

After syncing up the chain (may take a while), Electrum should show your balances, and the private key is recovered.

Where to Get Support

Please refer to our help center to review user guides and follow our support processes.

Alternatively, contact our team on our web portal at support.iofinnet.com. We will be happy to assist you.