# Account Recovery Social Recovery allows users to regain control of their accounts by replacing the owner key through a set of trusted Guardians, with a built-in time delay so owners can cancel unauthorized attempts. The Candide Social Recovery Module accepts any Ethereum address as a guardian: family and friends' wallets, hardware wallets, institutions, or email/SMS cloud wallets. ## How Recovery Works[​](#how-recovery-works "Direct link to How Recovery Works") Recovery replaces a lost or compromised owner key with a new one, authorized by a quorum of trusted guardians. ### Guardians and Thresholds[​](#guardians-and-thresholds "Direct link to Guardians and Thresholds") The account owner chooses their guardians and sets a threshold: the minimum number of guardians required to approve a recovery. A typical setup is 3 guardians with a threshold of 2, ensuring no single guardian can take over the account. Guardians can be any Ethereum address. They do not need to hold any funds, and they have no control over the account during normal operations. ### The Recovery Flow[​](#the-recovery-flow "Direct link to The Recovery Flow") 1. A guardian (or the recovery service) submits a recovery request specifying new owner(s) 2. Other guardians sign to approve the request until the threshold is met 3. The recovery is executed, starting a **grace period** 4. After the grace period, anyone can finalize the recovery to complete the ownership transfer ### Grace Period[​](#grace-period "Direct link to Grace Period") The grace period is a time delay between execution and finalization. It gives the current owner a window to cancel unauthorized recovery attempts. If the owner still controls the account, they can call `cancelRecovery` at any point during this period. ### Privacy[​](#privacy "Direct link to Privacy") Guardians are encouraged to use fresh Ethereum addresses. This keeps their identity private and prevents malicious guardians from coordinating against the owner. Since guardians never need to hold funds or submit on-chain transactions during normal operation, fresh addresses have no cost. ## Recovery Methods[​](#recovery-methods "Direct link to Recovery Methods") Both recovery methods can be used independently or combined. For maximum security, use both. For example, a 2-of-3 setup with two personal guardians and email/SMS recovery as the third. | | Personal Guardians | Email / SMS Recovery | | ------------------ | ------------------------------------- | ----------------------------------------- | | **Guardian type** | Users add their own guardians | Candide signs after email/SMS OTP | | **Key management** | Required (guardian private keys) | Not required | | **Best for** | Trusted contacts, hardware wallets | Consumer apps, users who prefer email/SMS | | **Setup guides** | Add Guardian → Recovery Flow → Alerts | Enable Email/SMS → Recovery Flow | ## Getting Started[​](#getting-started "Direct link to Getting Started") ### Personal Guardians[​](#personal-guardians "Direct link to Personal Guardians") Start with [Add a Guardian](https://docs.candide.dev/wallet/plugins/how-to-add-a-guardian.md), then follow the [Recovery Flow Guide](https://docs.candide.dev/wallet/plugins/recovery-flow-guide.md) and [Recovery Alerts Guide](https://docs.candide.dev/wallet/plugins/recovery-alerts-guide.md). ### Email / SMS Recovery[​](#email--sms-recovery "Direct link to Email / SMS Recovery") Start with [Enable Email / SMS Recovery](https://docs.candide.dev/wallet/plugins/add-candide-guardian.md), then follow the [Recovery Flow](https://docs.candide.dev/wallet/plugins/recover-account-candide-guardian.md) guide. ## Resources[​](#resources "Direct link to Resources") * **How it works**: [Making Accounts Recoverable](https://docs.candide.dev/blog/making-accounts-recoverable) * **Contracts, audits & formal verification**: [candide-contracts](https://github.com/candidelabs/candide-contracts) * **Deployment addresses**: [Social Recovery Module](https://docs.candide.dev/wallet/technical-reference/deployments/.md#social-recovery-module) * **Recovery frontend (SafeCover)**: [recovery.candide.dev](https://recovery.candide.dev) ([source](https://github.com/candidelabs/safecover)) * **Recovery Service API**: [Safe Recovery Services](https://docs.candide.dev/wallet/recovery/overview.md) * **SDK Reference**: [SocialRecoveryModule](https://docs.candide.dev/wallet/plugins/recovery-module-reference.md)