Private email recovery with ZK Email

TL;DR

Rhinestone has partnered with ZK Email to bring private email recovery to all smart accounts, starting with Safe and ERC-7579-native accounts. The module is under audit and will be available via the ModuleSDK in Q3 2024.

For developers who want to build other kinds of on-chain tools with ZK Email, Rhinestone will also develop a ZK Email module template that will be available via ModuleKit. This template will make it dead easy for any developer to build new smart account modules and dapps that utilize ZK Email, just by writing Solidity specifications for emails.

We’re excited about ZK Email for many reasons. Not only does this module unlock features never seen before, but it also breaks new ground when it comes to developers utilizing smart account modules as a distribution method. For ZK Email, this module provides 1) a direct integration path to a users’ existing smart account, and 2) it can be consumed by wallet developers who wish to modify how ZK Email consumes email content to recover a user account.

Why ZK Email

The web2 ecosystem has many great products and services. In an ideal world, web3 developers could seamlessly leverage this to improve upon what came before. To do this, we require trustless integration methods from offchain to onchain. Without this, blockchain applications can feel isolated, siloed, or even inaccessible. This can be tolerable for DeFi and gaming, where applications can be fully self-encompassed experiences. However, for social applications that aim to be plugged directly into the users’ everyday lives, this can be limiting.

ZK Email is looking to solve this problem by providing a trustless and privacy-preserving mechanism for using offchain data onchain.

ZK Email unlocks what is called “provenant data.” Provenant data is self-attesting data that can be verified onchain without any additional protocol acting as a trusted third-party verifier. By only exposing specific parts of the provenant data, ZK Email can make the data programmably private. As ZK Email puts it, “programmable provenance is the holy grail of web2-web3 integration”.

What does this mean in simple terms?

ZK Email provides a service that allows users to self-attest their information or identity by utilizing DKIM (DomainKeys Identified Mail) and an open-source ZK verifier. DKIM is an email authentication protocol that uses a cryptographic signature to let the recipient know that the message was sent and authorized by the domain owner. All legitimate email providers (e.g., Gmail) utilize this open-source technology. The result is that anything that can be proved via email (e.g., ownership of an X / Twitter handle) can be ingested onchain in a privacy-preserving manner using ZK Email.

This is a huge unlock for web3 application developers, especially when paired with smart accounts. As such, we are excited to announce the following:

• ZK Email partners with Rhinestone to bring private email recovery to the ERC-7579 smart account ecosystem.
• Rhinestone will develop a ZK Email module template that will be added to ModuleKit and act as a wrapper around ZK Email’s core contracts. This template will allow any developer to easily build smart account features on top of ZK Email and ERC-7579 smart accounts.

ZK Email Recovery Module

Key management is an important but daunting job for any self-sovereign crypto owner. One of the most well-known benefits of smart accounts is key rotation, which allows for account recovery if the user’s key is lost or compromised. However, recovery is still fraught with problems. Who should be trusted as a guardian? Does this person have the appropriate key management processes and security in place?

Often, users prefer to trust themselves, adding secondary wallets (such as a hardware signer) or secure third-party services (such as the iCloud KeyChain) as guardians. With the ZK Email Recovery Module, users can now use an email address as a guardian without revealing the email address.

This module is ERC-7579-native and will be available to any developer building with the Safe via our Safe7579 adapter, ZeroDev’s Kernel V3, Biconomy’s upcoming Nexus account, or Etherspot’s Prime account.

For a deeper dive into the inner workings of the ZK Email Recovery Module, jump into the ZK Email blog.

Making ZK Email Composable for Any Developer

ZK Email’s functionality is highly extensible. For this reason, Rhinestone will also be building a module base that acts as a template for any developer wishing to utilize ZK Email with smart accounts. We believe this will open up many new smart wallet features that continue to improve Web3 UX and unlock novel privacy-preserving products.

We’ve already seen several new applications using ZK Email in innovative ways. For example, ZKP2P provides P2P crypto on-ramping and payments, utilizing ZK Email to extract payment information from receipt emails as proof of payment. This enables users to send USD via Venmo and receive/send USDC onchain. Nozee uses ZK Email to create pseudonymous social media with verified email domains.

But this is just the beginning. We are excited to see applications covering many onchain problems, from privacy-preserving KYC, new asset ownership and transfer mechanisms, DAO governance and authorization mechanisms, controlling wallet functions through email, privately claiming assets using any verifiable web2 credential, and many more.

Start Building with ZK Email

The ZK Email Recovery Module will launch in Q3 2024 and work seamlessly with any ERC-7579 smart account, including Safe, via the Safe7579 adapter. The module will be open source and accessible to dapps via the ModuleSDK.

The ZK Email module base is currently under development. If you are interested in building smart account apps that utilize ZK Email and smart account modules, please reach out so that we can ensure our initial release meets your needs. In the meantime, please check out ModuleKit and our existing tooling, templates, and third-party integrations.

Conclusion

We’re excited about ZK Email for many reasons. It can power novel smart account products that serve real user needs. Private email recovery is a clear and simple demonstration of this. It also demonstrates how smart account modules provide a platform for distributing products and services directly to the user account or wallet. Finally, the ZK Email module base shows how smart account modules can be a developer-to-developer distribution mechanism and power open smart account innovation.

Thanks to Yush, John, and Sora for the open collaboration! We look forward to bringing more novel products to the ERC-7579 ecosystem.

Follow us on X

• Rhinestone
• ZK Email