Comment on page

7.2 Non-custodial Key Management

As part of our goal of financial inclusion and enablement of abundance through blockchain technology, there has typically been a technology gap which has excluded those who are not technically proficient or well versed enough in the use and management of private keys. As a result, we created a hybrid non-custodial key management solution to enable users to access their accounts and wallets with only a username and password, while still allowing for traditional account recovery via a forgot or reset password flow.


The account creating process is simple, the user either locally generates a wallet or connects their own Celo-compatible browser extension wallet such as Metamask or Portis. The user then chooses a third-party to play the role of Guardian in the event of account recovery.
Network accounts consists of a 2 of 3 multi-signature wallet
Network Cosigner
  • Responsible for confirming relayed transactions
  • Operated by the network
Client Wallet
  • Can be self-custodied or keys stored via an encrypted keystore.
  • Operated and only accessible by the owner of the wallet.
  • Used to add new transactions to the multisig to be cosigned by the network operator.
Guardian Wallet
  • Operated by third party custodial service
  • Responsible for recovery if a member loses control or access of their client wallet
  • Incentivized by network to offer guardian service to custody partial keys on behalf of the user


Signing transactions are also simple, the user signs a transaction with their client wallet keys and asks the Network Cosigner to the cosign and confirm the transaction.


** **If a user loses access to their client wallet, they will generate or connect a new wallet.
After it’s generated, the user sends a request to their Guardian to call the replaceOwner function in order to swap the old client wallet address with a newly generated client wallet. Afterwards, the guardian asks the Cosigner to confirm the replaceOwner transaction.