Keyppi

Keyppi is a zero-knowledge private key recovery platform. We secure your keys by implementing zero-knowledge proof, decentralized storage, identity verification using proof-of-personhood.

Comment

Inspiration

One of the great obstacles for people to begin to use Web3 technologies, as well as one of the biggest risks for current web3 users, is the risk of losing our private keys: One of the only still centralized aspects of decentralized technologies.

What it does

Keyppi protects your private key with several cryptographic layers for which their individual weak points and risks are mitigated by distributing them along the blockchain using IPFS by splitting it on uncorrelated shards in a unique way for every user.

This is done to enable the private key to be recovered easily by only the original owner, in case they lost it, or transmit it (for example, to gift a wallet) once they do a proof-of-personhood without any risk of the private key's shards to be exposed since the retrieval and decryption process is done using Zero-Knowledge proofs in a locally secured way.

How we built it

We built a secure and decentralized back-end by using distributed storage of IPFS and Mina Protocol's zk-SNARKs for zero-knowledge proofs of the decryption algorithm once the user gets verified with a unique proof-of-personhood.

For the front-end, the user gets a OTP on mail or SMS when they want to recover their private keys, as well as an interface to gift a wallet securely, enabled by Polygon, by our splitting method. We also prioritized user experience by using Wallet Connect for the wallet integration with most popular wallet interfaces (Metamask, etc.)

Challenges we ran into

It is inevitable to find challenges when integrating so many new and changing technologies, and we frequently found ourselves needing to modify the core of some of these projects to be able to create a truly integrated and fully-secured back-end.

On the road, we also found several cases for which the private key could be unsafe during the storage and retrieval process, and had to meticulously solve every of those cases until we were really happy with its security.

Accomplishments that we're proud of

We are definitely proud of our encryption system and security, as well as the abstraction layers that enables this back-end to be paired with an intuitive front-end that results in an easy UX to help non tech-savvy users to easily enter the world of Web3 technologies.

What we learned

We stumbled into the fine details of some complex cryptographic problems that taught us a lot both about security and user experience, since we wanted to optimized it for the case of non tech-savvy end users.

We also learnt a lot about integrating technologies and making decentralized interfaces that need secure communication systems; in this case, our developed splitting method. This taught us the importance of building more interfaces that takes into account a broad vision of a future where we all use web3 technologies extensively.

What's next for Keyppi

We still want to explore more edge cases for which our cryptographic splitting method could need further securing. Also, by leveraging the recursive nature of Mina's blockchain, we want to explore the possibility of using a zero-knowledge proof as a representation of the sharded private key reconstruction procedure to remove the need for this process to expose insecurities or jeopardize user experience and gain a more abstract representation of the user's ownership that can be itself further secured with our splitting method in recursive stages for arbitrarily high protection and truly distributed information of our ownership.

Built With

Share this project:

Updates