A multi-signature (multi-sig) social recovery system is a security mechanism that requires multiple trusted parties, known as guardians, to authorize critical actions like recovering a lost wallet. Unlike a traditional single-key wallet, where losing your private key means losing your funds forever, this approach distributes trust. You configure a wallet, such as a Safe{Wallet} (formerly Gnosis Safe) or an Argent wallet, with a set of guardian addresses. A predefined threshold (e.g., 3 out of 5) of these guardians must then approve a recovery request to generate a new signing key, effectively rescuing the assets.
LABS
Guides
Setting Up a Multi-Sig Social Recovery System
A developer guide to implementing a multi-signature social recovery mechanism for smart contract wallets. Covers contract design, guardian management, and secure recovery flows.
Chainscore © 2026
introduction
SECURITY GUIDE
Setting Up a Multi-Signature Social Recovery System
A step-by-step tutorial for implementing a multi-signature wallet with social recovery to secure your digital assets.
The first step is choosing your platform and guardians. For a self-custody approach, Safe is a leading choice for Ethereum and EVM chains, while Argent offers a more user-friendly app with built-in social recovery. Your guardians should be trusted, reliable, and technically capable entities. Options include: hardware wallets you control, wallets of trusted family members or friends, or institutional custody services. Avoid centralizing risk; do not make one person or device the majority of your signers. For a 2-of-3 setup, you might use your Ledger, a family member's MetaMask, and a trusted colleague's wallet.
Next, deploy or create your multi-sig wallet. On Safe, you would navigate to app.safe.global, connect a wallet, and initiate a new Safe. You'll define the owner addresses (your primary key and your guardians' addresses) and set the signature threshold (e.g., 2 out of 3). The deployment is an on-chain transaction, so you'll pay gas fees. Once deployed, fund the Safe address. All assets sent here will now be governed by the multi-sig rules. Your primary daily-use key becomes one of the owners, but it cannot move funds alone.
Configuring the social recovery module is the core step. In Safe, this is done via the Recovery Hub in the settings, where you designate specific owner addresses as your "recovery guardians." You must then propose and execute a transaction to enable this module, which again requires consensus from the current owners. In Argent's system, this process is abstracted; you simply add guardians through the app's interface. It's critical to test the recovery flow with a small amount of funds before committing significant capital. Simulate a scenario where you lose access and require your guardians to sign a recovery transaction.
Maintaining the system requires ongoing management. Guardian addresses can become compromised or lost. You should establish a secure process for periodically verifying guardian accessibility and, if necessary, proposing a transaction to replace a guardian, which itself will require meeting the signature threshold. Document your setup—list guardian contacts, wallet addresses, and the recovery process—in a secure, offline location. This proactive management ensures your social recovery remains resilient over time, transforming wallet security from a single point of failure into a robust, socially-verified process.
prerequisites
PREREQUISITES AND SETUP
Setting Up a Multi-Sig Social Recovery System
This guide details the technical prerequisites and initial setup required to implement a multi-signature social recovery system for smart contract wallets, focusing on practical configuration and security considerations.
A multi-signature (multi-sig) social recovery system is a security mechanism that allows a user's assets to be recovered by a designated group of trusted entities, known as guardians. Unlike a traditional seed phrase, which is a single point of failure, this approach distributes trust. To begin, you will need a foundational understanding of Ethereum, smart contracts, and public-key cryptography. Familiarity with a development environment like Hardhat or Foundry is essential for testing and deployment. You will also need access to an RPC endpoint, such as from Alchemy or Infura, and a basic wallet like MetaMask for transaction signing.
The core of the system is a smart contract wallet that implements the recovery logic. Popular standards to build upon include ERC-4337 for account abstraction or existing implementations like Safe{Wallet}. Your setup must define the recovery parameters: the number of guardians, the threshold of signatures required for recovery (e.g., 3 out of 5), and the address of the new wallet destination. It is critical to store these configuration details and the guardian addresses securely off-chain, as they represent the recovery policy. Never hardcode sensitive addresses directly into the contract; use a constructor or an initialization function.
Guardian selection is a security-critical step. Guardians can be other EOAs (Externally Owned Accounts), smart contract wallets, or even institutional services. A best practice is to use a diverse set: - A hardware wallet you control - Trusted family members or friends - A dedicated smart contract you own (as a backup) - A reputable custody service. Ensure each guardian understands their role and can reliably sign a recovery transaction when needed. The security of the entire system is bounded by the security of the weakest guardian.
For development and testing, you will write and deploy the recovery logic. Using Foundry, a test script might look like this:
solidity// Example test snippet for recovery initiation function testRecovery() public { address[] memory guardians = new address[](3); guardians[0] = address(0x123...); // ... setup vm.startPrank(user); wallet.initiateRecovery(newWalletAddress, guardians); vm.stopPrank(); // Assert recovery state }
Thoroughly test scenarios like guardian revocation, threshold changes, and malicious recovery attempts in a local forked environment before proceeding.
Prior to mainnet deployment, conduct audits and dry runs on a testnet like Sepolia or Goerli. Deploy the wallet factory and recovery module contracts. Execute a full recovery flow end-to-end with your guardians on testnet to confirm all parties can sign correctly and the transaction executes as expected. This verifies your tooling, gas estimates, and the guardians' operational readiness. Document the process and share the verified contract addresses and ABI with your guardians.
Finally, fund your newly deployed smart contract wallet and begin using it. Maintain an off-chain record of the guardian set, the recovery threshold, and the contract addresses. Periodically verify that guardian addresses are still valid and consider implementing a schedule to test the recovery process. This proactive maintenance ensures the system remains functional when you need it most, transforming a theoretical safety net into a practical, reliable component of your asset management strategy.
contract-architecture
SMART CONTRACT ARCHITECTURE
Setting Up a Multi-Sig Social Recovery System
A guide to implementing a social recovery wallet using multi-signature smart contracts, enabling users to regain access to their assets with the help of trusted guardians.
A multi-signature social recovery system is a smart contract architecture that allows a user to designate a set of trusted guardians (e.g., friends, hardware wallets, other contracts) who can collectively approve the recovery of a lost wallet. Unlike traditional seed phrases, this model shifts the security paradigm from a single point of failure to a social consensus mechanism. Popularized by projects like Ethereum's ERC-4337 account abstraction and the Safe (formerly Gnosis Safe) wallet, it provides a robust alternative for managing private keys. The core contract holds the user's assets and only executes critical operations, like changing the owner, when a predefined threshold of guardian signatures is met.
The architecture typically involves three main components: the main wallet contract, a guardian registry, and a recovery module. The wallet contract is the primary account holding funds. The registry is a separate contract or data structure that stores the list of guardian addresses. The recovery module contains the logic for initiating a recovery request, collecting signatures from guardians, and executing the owner change after the threshold is reached. This separation of concerns enhances security and upgradability. For example, you can upgrade the recovery logic without migrating the main wallet's assets.
To implement this, you start by writing the core recovery logic. Below is a simplified Solidity snippet for a recovery module using OpenZeppelin's EIP712 for signature verification:
solidityfunction initiateRecovery(address newOwner, bytes[] calldata signatures) external { require(signatures.length >= recoveryThreshold, "Insufficient signatures"); bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(RECOVERY_TYPEHASH, newOwner))); address[] memory verifiedGuardians = new address[](signatures.length); for (uint i = 0; i < signatures.length; i++) { address signer = ECDSA.recover(digest, signatures[i]); require(isGuardian[signer], "Invalid guardian"); // Prevent duplicate signatures for (uint j = 0; j < i; j++) { require(signer != verifiedGuardians[j], "Duplicate signature"); } verifiedGuardians[i] = signer; } _executeRecovery(newOwner); }
This function requires a newOwner address and an array of EIP-712 signatures from guardians.
Setting the right recovery threshold is a critical security decision. A common configuration for a circle of 5 guardians is a threshold of 3, ensuring recovery is possible even if 2 guardians are unavailable, while preventing any single guardian from acting maliciously. The guardian set should be diverse: - Personal devices: Other wallets you control. - Trusted individuals: Friends or family members. - Institutional services: Providers like WalletConnect or Coinbase. It's advisable to use a multi-chain approach where guardians can be on different networks (via CCIP Read or LayerZero), preventing a single network outage from blocking recovery. Regularly updating your guardian set is as important as choosing them initially.
Integrating this system with ERC-4337 Account Abstraction is a powerful next step. Instead of a regular Externally Owned Account (EOA), your wallet becomes a smart contract account. The social recovery module can be a validation function within the account's validateUserOp method. This allows recovery logic to be bundled as a UserOperation, paid for with ERC-20 tokens via a paymaster, and broadcasted through a bundler. The Safe{Core} Protocol provides a standardized framework for building such modular smart accounts with plug-in recovery mechanisms. This creates a seamless, gas-efficient user experience entirely within the account abstraction ecosystem.
Before deploying to mainnet, rigorous testing is non-negotiable. Use a framework like Foundry or Hardhat to simulate various attack vectors: - A guardian attempting to recover to their own address. - Front-running recovery requests. - Replay attacks across different chains. - Guardian collusion below the threshold. Formal verification tools like Certora or Solidity SMTChecker can prove the correctness of your signature verification and state transition logic. Finally, consider a timelock on the recovery execution, giving the original owner a final window to cancel the request if it was initiated maliciously. This adds a crucial layer of protection for the user's sovereign control over their assets.
key-concepts
SOCIAL RECOVERY
Key Concepts and Components
A multi-signature social recovery wallet uses a network of trusted contacts, or guardians, to authorize transactions and recover access if keys are lost. This guide covers the core components for setting up a secure system.
01
Understanding Guardians
Guardians are the core of social recovery. They are trusted entities—individuals, hardware wallets, or other smart contracts—that hold a share of the recovery authorization.
- Key Role: They collectively sign to approve a wallet recovery or a sensitive transaction.
- Selection Criteria: Choose a diverse set (e.g., 3 of 5) to avoid a single point of failure. Mix family, friends, and institutional services.
- Best Practice: Use at least one non-custodial, always-online guardian like an ENS name or a Safe{Wallet} for reliability.
02
Recovery Modules & Smart Contracts
The recovery logic is enforced by on-chain smart contract modules. These define the rules for guardian actions.
- Core Function: Manages the guardian set, recovery timelocks, and signature thresholds.
- Popular Standards: Safe{Wallet} uses a Zodiac-compatible module. Argent Wallet pioneered social recovery with its custom guardian system.
- Security Consideration: The module's code is immutable once deployed. Audit the contract or use a battle-tested implementation from a major protocol.
03
The Recovery Process & Timelocks
A recovery is not instant. A security timelock gives the legitimate owner time to cancel a malicious recovery attempt.
- Standard Flow: 1) A recovery is initiated. 2) Guardians sign over the timelock period (e.g., 48-72 hours). 3) After the delay, the new wallet owner is set.
- Critical Security Feature: This delay is your last line of defense. Never set it to zero.
- Example: Argent uses a 36-hour delay, while Safe's default module allows configurable timelocks.
05
On-Chain vs. Off-Chain Signatures
Guardian approvals can be recorded on-chain or aggregated off-chain for efficiency and cost.
- On-Chain Signatures: Each guardian submits a transaction. More transparent and simple, but expensive on L1 Ethereum.
- Off-Chain Signatures (EIP-1271): Guardians sign messages off-chain. A relayer aggregates them into a single on-chain transaction. Used by Safe and Argent to reduce gas fees.
- Key Insight: The user experience is similar, but off-chain signing relies on the integrity of the relayer service.
06
Setting Up Your Guardian Network
A practical checklist for configuring your recovery system.
- Determine Threshold: Start with a 3-of-5 configuration (3 signatures required out of 5 guardians).
- Diversify Guardians: Include:
- Personal Contacts (2-3)
- Institutional Service (e.g., Coinbase Custody as a guardian)
- Your Own Hardware Wallet at a separate location
- Set a Timelock: Minimum 48 hours for significant assets.
- Test Recovery: Perform a dry-run recovery with a small amount of funds before depositing major assets. Document the process for your guardians.
implementation-steps
STEP-BY-STEP IMPLEMENTATION
Setting Up a Multi-Sig Social Recovery System
This guide provides a technical walkthrough for implementing a multi-signature social recovery system using the Safe{Wallet} smart contract framework and the Zodiac module for guardian management.
A multi-signature social recovery system allows a user to designate a set of trusted individuals or entities—called guardians—who can collectively recover access to a wallet if the primary private key is lost. This is a critical security upgrade over single-key wallets, mitigating the risk of permanent fund loss. We'll implement this using Safe{Wallet} (formerly Gnosis Safe), the industry-standard multi-sig, and the Zodiac Recovery module, which provides a flexible, on-chain framework for guardian management and recovery proposals. This setup requires a pre-deployed Safe with at least one owner.
First, deploy the Recovery module. You will need the addresses of your Safe and the initial set of guardian addresses. The deployment is typically done via a factory contract. Using Foundry, you can script this deployment. The key parameters are the owner (the Safe address), the recoveryCooldown (a timelock period), and the recoveryExpiration (how long a recovery proposal is valid). A 24-hour cooldown and a 7-day expiration are common starting points for security.
solidity// Example deployment call parameters address safeAddress = 0x...; address[] memory guardians = new address[](3); guardians[0] = 0x...; // ... uint256 cooldown = 86400; // 1 day in seconds uint256 expiration = 604800; // 7 days in seconds
Once deployed, you must enable the module on your Safe. This is a critical security transaction that requires confirmation from the Safe's existing owners, as it grants the module the power to execute transactions. Connect to your Safe via its web interface or SDK, navigate to the "Apps" section, find the Zodiac module, and initiate the enableModule transaction. After confirmation, the Recovery module is an authorized module on your Safe, allowing it to propose and execute recovery actions.
Guardians can now initiate recovery. If a user loses access, a guardian starts the process by submitting a recovery proposal to the module contract, specifying a new proposed owner address. This transaction requires a signature from the initiating guardian. The proposal is now in a pending state, visible on-chain. Other guardians must then review and confirm the proposal. The module is configured with a threshold (e.g., 3 out of 5 guardians), and once enough confirmations are collected, the proposal is executable.
After the cooldown period has passed and the threshold is met, any account can execute the recovery. The execution transaction calls the module's executeRecovery function, which performs a swapOwner operation on the Safe, replacing the lost owner address with the new one specified in the proposal. This action is irreversible and finalizes the account recovery. The user regains control via the new private key, and the old, lost key is permanently invalidated for that Safe.
For production use, consider additional safeguards. Use a hardware wallet or smart contract wallet as guardians for higher security. Implement off-chain coordination among guardians using tools like SafeSnap for gasless signing or a secure communication channel. Regularly review and update your guardian set to account for changed relationships. This system, while robust, places significant trust in your guardians, so choose them carefully and consider their technical capability to execute the recovery process when needed.
SECURITY CONFIGURATION
Multi-Sig Threshold Comparison
Comparison of common multi-signature threshold configurations for a 5-of-7 social recovery wallet setup.
| Security Metric | 3-of-5 (Standard) | 4-of-7 (Balanced) | 5-of-9 (High Security) |
|---|---|---|---|
Minimum Signers Required | 3 | 4 | 5 |
Total Guardians | 5 | 7 | 9 |
Fault Tolerance (Compromised Guardians) | 2 | 3 | 4 |
Attack Surface for 51% Control | 3 guardians | 4 guardians | 5 guardians |
Typical Recovery Time | < 24 hours | 1-3 days | 3-7 days |
Gas Cost per Recovery Tx | $40-80 | $60-120 | $80-160 |
Single Point of Failure Risk | Medium | Low | Very Low |
Recommended for Wallet Value | < $50k | $50k - $250k |
|
security-considerations
MULTI-SIG & SOCIAL RECOVERY
Security and Operational Considerations
A multi-signature (multi-sig) wallet controlled by a trusted social circle is a robust alternative to seed phrases. This section covers the key tools and operational steps for implementation.
MULTI-SIG SOCIAL RECOVERY
Frequently Asked Questions
Common technical questions and troubleshooting for developers implementing multi-signature social recovery systems using smart contract wallets like Safe, Argent, or custom solutions.
A multi-signature (multi-sig) wallet requires a predefined number of signatures (e.g., 2-of-3) from a fixed set of private keys to authorize a transaction. It's a pure cryptographic threshold.
Social recovery is a specific application of this concept for account recovery. Instead of signing transactions, a set of "guardians" (which can be EOAs, other smart contract wallets, or trusted entities) collectively sign a recovery request to reset the signing keys for a primary account, like an ERC-4337 smart account. The core mechanism is still a multi-sig, but its purpose is singular: key replacement. Systems like Argent V1 and many ERC-4337 account factories implement this pattern.
resource-links
DEVELOPER REFERENCES
Resources and Further Reading
These resources cover production-ready tools, standards, and design patterns for building a multi-sig social recovery system. Each link focuses on concrete implementation details rather than high-level concepts.
conclusion
IMPLEMENTATION SUMMARY
Conclusion and Next Steps
You have now configured a secure multi-signature social recovery system, establishing a robust framework for managing digital assets and smart contract permissions.
Your multi-sig setup, using a tool like Safe{Wallet} or Argent, now acts as a programmable vault. The core security model is defined by the threshold (e.g., 2-of-3) and the carefully selected guardians. This structure ensures no single point of failure, as a malicious actor would need to compromise multiple, independent keys or devices. Remember, the security of this system is only as strong as the guardians you choose and the devices they use to store their signing keys.
To operationalize this system, you must establish clear protocols with your guardians. This includes defining recovery scenarios (lost device, compromised key), communication channels for initiating a recovery, and a process for verifying requests to prevent social engineering attacks. For developers, the next step is integrating this recovery logic into your dApps or DAO treasuries using the Safe SDK or similar libraries to enable programmatic interactions.
Consider advanced configurations to enhance your setup. You can implement time-locks on recovery operations, requiring a waiting period before execution to allow for challenge. Adding hardware wallet signers as guardians significantly increases security. For DAOs, explore module-based governance where a Zodiac module allows a Snapshot vote to trigger a recovery transaction on the Safe, blending social and on-chain governance.
Regular maintenance is crucial. Periodically review and, if necessary, rotate guardian addresses. Test the recovery process in a testnet environment like Sepolia or Goerli to ensure all guardians understand the procedure. Monitor the ecosystem for new social recovery standards like ERC-4337 account abstraction, which may offer native, gas-efficient alternatives in the future.
The principles you've applied—decentralizing trust, eliminating single points of failure, and designing for human error—are foundational to secure Web3 system design. This multi-sig social recovery pattern is a critical tool for securing high-value operations, from individual wallets to protocol treasuries and grant distributions.