I need to create a comprehensive document about social recovery in EIP-4337 context, specifically focusing on the provided SimpleAccountV2.sol implementation. I'll structure this as a technical documentation that explains:

1. The concept of social recovery
2. How it works in the EIP-4337 context
3. The specific implementation details from SimpleAccountV2.sol
4. Code examples from the contract
5. Usage patterns and best practices

The document should be in English and follow a clear, technical style appropriate for developers and users of the Weber implementation.

```markdown:consensus-specs-1.4.0/docs/EIP4337/social-recovery.md

Social Recovery in EIP-4337

Introduction

Social recovery is a critical security feature for smart contract wallets that enables users to regain access to their accounts without relying on traditional private key backup methods. EIP-4337 (Account Abstraction) creates a foundation for implementing robust social recovery mechanisms within smart contract wallets.

Weber's implementation of EIP-4337 includes a comprehensive social recovery system that allows users to designate trusted individuals or entities (guardians) who can collectively help recover account access when needed.

Core Concepts

Guardians

Guardians are trusted entities (individuals, institutions, or even other smart contracts) that have the authority to participate in the account recovery process. The account owner designates these guardians in advance, establishing a security network for potential recovery scenarios.

Threshold-based Recovery

Rather than requiring all guardians to approve a recovery, the system uses a configurable threshold approach. This means that a pre-defined minimum number of guardians must approve a recovery request before it can be executed.

Recovery Process

The recovery process typically involves: 1. Initiation - A guardian starts the recovery process 2. Support - Additional guardians confirm their approval 3. Execution - When the threshold is reached, ownership is transferred 4. Confirmation - The new owner gains full control of the account

Weber's SimpleAccountV2 Implementation

Weber has implemented social recovery through the SimpleAccountV2 contract, which extends the base SimpleAccount functionality with guardian management and recovery processes.

Guardian Management

The contract maintains a list of guardians and provides functions for the account owner to add or remove guardians:

function addGuardian(address _guardian) external onlyOwner {
    require(_guardian != address(0), "Invalid guardian address");
    require(!guardians[_guardian], "Already a guardian");
    require(_guardian != owner, "Owner cannot be guardian");

    guardians[_guardian] = true;
    guardianList.push(_guardian);
    guardiansCount++;

    emit GuardianAdded(_guardian);
}

Guardians can be removed by the owner, but only if it doesn't violate the threshold requirements:

function removeGuardian(address _guardian) external onlyOwner {
    require(guardians[_guardian], "Not a guardian");
    require(guardiansCount > threshold, "Cannot remove: threshold not met");

    // Find and remove from array
    for (uint i = 0; i < guardianList.length; i++) {
        if (guardianList[i] == _guardian) {
            guardianList[i] = guardianList[guardianList.length - 1];
            guardianList.pop();
            break;
        }
    }

    guardians[_guardian] = false;
    guardiansCount--;

    emit GuardianRemoved(_guardian);
}

Threshold Configuration

The account owner can set the minimum number of guardians required for a successful recovery:

function setThreshold(uint256 _threshold) external onlyOwner {
    require(_threshold > 0, "Threshold must be positive");
    require(_threshold <= guardiansCount, "Threshold too high");
    threshold = _threshold;
}

Recovery Process

The recovery process in SimpleAccountV2 consists of three main steps:

1. Initiation: Any guardian can initiate a recovery process by proposing a new owner address:

function initiateRecovery(address _newOwner) external {
    require(guardians[msg.sender], "Only guardians");
    require(_newOwner != address(0), "Invalid new owner");

    // Create new recovery request
    currentRecovery.newOwner = _newOwner;
    currentRecovery.approvals = 1;
    currentRecovery.hasApproved[msg.sender] = true;

    emit RecoveryInitiated(msg.sender, _newOwner);
}

1. Support: Other guardians can support the ongoing recovery process:

function supportRecovery() external {
    require(guardians[msg.sender], "Only guardians");
    require(currentRecovery.newOwner != address(0), "No recovery in progress");

    if (!currentRecovery.hasApproved[msg.sender]) {
        currentRecovery.hasApproved[msg.sender] = true;
        currentRecovery.approvals++;
        emit RecoverySupported(msg.sender);
    }

    // Execute recovery if threshold is met
    if (currentRecovery.approvals >= threshold) {
        _executeRecovery();
    }
}

1. Execution: When the threshold is reached, the recovery is automatically executed:

function _executeRecovery() internal {
    require(currentRecovery.approvals >= threshold, "Not enough approvals");

    address oldOwner = owner;
    address newOwner = currentRecovery.newOwner;

    owner = newOwner;

    // Reset guardian approval states
    for (uint i = 0; i < guardianList.length; i++) {
        currentRecovery.hasApproved[guardianList[i]] = false;
    }

    // Reset other states
    currentRecovery.newOwner = address(0);
    currentRecovery.approvals = 0;

    emit RecoveryExecuted(oldOwner, newOwner);
}

Cancellation

The current owner can cancel an ongoing recovery process:

function cancelRecovery() external onlyOwner {
    require(currentRecovery.newOwner != address(0), "No recovery in progress");
    delete currentRecovery;
    emit RecoveryCancelled();
}

Integration with UserOperations

The social recovery mechanism works seamlessly with EIP-4337's UserOperation model. When a recovery is executed, the new owner gains the ability to sign UserOperations for the account without requiring the previous owner's private key.

Best Practices for Social Recovery

1. Guardian Selection: Choose guardians carefully, considering both trustworthiness and availability.

2. Diversification: Select guardians from different social circles and/or institutions to reduce collusion risks.

3. Threshold Configuration: Set a threshold that balances security (higher threshold) with recovery convenience (lower threshold).

4. Guardian Education: Ensure guardians understand their responsibilities and how to participate in recovery.

5. Regular Review: Periodically review and update your guardian list and threshold settings.

Security Considerations

1. Guardian Compromise: If multiple guardians are compromised, an attacker could potentially gain control of the account.

2. Social Engineering: Guardians may be susceptible to social engineering attacks targeting the recovery process.

3. Threshold Setting: A threshold set too low increases security risks, while one set too high might make recovery impossible if guardians are unavailable.

4. Owner Notification: The implementation should consider notifying the current owner when recovery is initiated to prevent unauthorized recovery attempts.

Conclusion

Social recovery represents a significant advancement in smart contract wallet security, addressing one of the most challenging aspects of blockchain account management: key loss recovery. Weber's implementation of social recovery within the EIP-4337 framework provides a secure, flexible solution that balances security with usability.

By leveraging guardians and threshold-based approval, users can recover access to their accounts without relying on centralized services or compromising on security principles. This approach maintains the self-custodial nature of crypto wallets while providing practical solutions for real-world recovery scenarios. ```