Bricked Account Recovery

[piotr-dziubecki]

Accounts can accidentally send money to the wrong address. There should be a mechanism for recovering funds lost this way provided there is community buy-in.

[SamuelSchlesinger]

This is incredibly problematic. It seems to me that it necessarily increases the effective confirmation time for users to the amount of time users are allowed to wait until requesting a refund.

[SamuelSchlesinger]

One can introduce a contract on-chain for managing these types of revocable transactions in many different ways (depending on individuals desires/needs), it need not be built into the protocol.

[goral09]

One can introduce a contract on-chain for managing these types of revocable transactions in many different ways (depending on individuals desires/needs), it need not be built into the protocol.

Thank you for joining the discussion. Do you know how other projects solve this problem? Like Ethereum, Cardano, BSC, Polkadot, Solana, etc.?

[KillianH]

One can introduce a contract on-chain for managing these types of revocable transactions in many different ways (depending on individuals desires/needs), it need not be built into the protocol.

Agree. This problem is on every blockchain. The only real solution is to improve UX/UI but this problem will always happen. People make mistakes.

[GuybrushX]

I think this is something which should be discussed a bit further since it can cause a significant and non-recoverable loss very easily. I also know of 1 individual who transferred a pretty decent amount to a wrong address. IIRC the mistake was that the recipient's wallet address was somehow pasted twice on cspr.live which was accepted and resulted in the wrong wallet.

Some thoughts/ideas:

• Transfers could be made "transactional" like in a SQL database: either the sender and/or the receiver could be required to "commit" and thereby confirm and accept the (pending) transfer -> this could be optional. It would allow the sender/receiver to check a pending transaction and if everything looks OK it can be confirmed. There could be a (configurable?) timeout after which the transfer will be refunded to the sender if it's not confirmed. It could also be added the option to cancel such a transaction as long as it wasn't confirmed by the sender/receiver. There probably needs to be a deeper discussion about this and some typical scenarios - including potential security concerns. I'm happy to join that discussion and contribute.
• Checksummed addresses are another way but they don't catch cases when the wrong address is used - similar to the IBAN system: if the receiver doesn't return your funds they are just gone.
• ENS (Ethereum Name Services) are another solution but they also don't catch a copy & paste error or a typo - also not sure if they check that the address exists so not ideal as well

For me my idea sounds like a pretty easy solution - actually so easy that I don't know why it's not implemented by everyone already ;-)

Did I miss something?
Any security/abuse concerns?
What are your thoughts on that idea?