CONTENTS

tldr
user problems
product features
product solutions

a. user journey
shared
linked
distributed

b. user stories
1. raw self custody
2. shared custody
3. multi-device
4. backup shares
5. recovery contact
6. distributed network (off device)
7. temporary accounts

c. technical requirements
1. modes
2. actions 
3. architecture
a. auth layer 
b. session layer 
c. key generation 
d. custody layer 
e. rotation & recovery 
f. relayer, paymaster

d. FAQ
1. why seed phrase → threshold mpc?
2. why 2-device dkls vs shamir & dealer-based mpc?

e. appendix: implementation & deployment

nothing is 100% including security. there are always pros and cons, and seed phrases are top of the list. we want users to be able to avoid seed phrases, rotate secrets, and keep the same address when they do.

• a new user often has the most custody — with least security. a user downloads a wallet app and creates an account. they get: one seed, one key pair. one signer. anyone can copy it, nothing can rotate. all accounts lost if it gets leaked. compromised eoa = attacker owns the address. you must move funds to a new address.

• smart account: contract wallet. can rotate signers and keep address. but still bootstraps from an eoa/seed.

• multisig: multiple eoas must sign. secure if quorum enforced, but all signers still have seeds. compromise of enough signers = loss. address tied to contract.

with realtime custody you can bring any seed phrase, for an existing eoa or eoa with mpc; secure it any way; and keep your address. move through custody models safe, easy, quickly. export any time to private key. here are three levels of service one can choose from.

1. shared w provider — start with a seed, upgrade with mpc and a provider (2-of-3) and social sign in.

2. linked w devices — keep shares only on your devices. sign online or offline (2-of-2).

3. distributed off-device ****— spread shares across a network of nodes (m-of-n).

what this delivers

• don’t need to back up and re-enter a seed phrase → remove seed phrases with safer recovery

• won’t expose private key during signing → sign without exposing keys

• don’t need to rebuild wallet → rotate shares in place, no new key, keep same address

a user downloads a wallet app. they get the bare wallet: one seed, one key pair. one signer. anyone can copy it, nothing can rotate. all accounts lost if it gets leaked.

shared

user navigates to real time custody website and creates an account. we walk the user through upgrades in one continuous flow. first, they destroy the seed and split the key or seed into shares with MPC. now custody is shared, recoverable.

linked

then they link another device — custody gets stronger, not dependent on a provider. they add backups and add a recovery contact.

distributed

then they push shares off devices onto a distributed network, and finally spin up temporary accounts to protect their main funds.

1. single key pair with seed phrase

2. shared custody – move to MPC, no seed, threshold shares with cloud

3. multi-device – add second device, strengthen custody with 2-of-2

4. backup shares – add cloud or encrypted backup for recovery

5. recovery contact – add contact, enable 2-of-3 thresholds

6. distributed network – move shares to guardian nodes

7. temporary accounts – burner/session mode, isolate from main

user begins with a seed phrase and a single key pair. the goal is to improve custody and prepare for transition.

requirements

import existing EOA (seed/private key)

rotate keys while keeping same address

allow optional social sign-in for account linkage

provide migration path into shared custody

user upgrades to MPC. the seed is destroyed, and the key is split into shares (device + cloud). this is the first real transformation: no seed, threshold keys, recoverable.

requirements

mpc scheme (dkls or equivalent)

threshold setup (1-of-2, 2-of-3)

cloud provider integration (google, icloud)

social login binding to provider share

user adds a second device for stronger control (2-of-2). this removes reliance on the cloud provider.

requirements

cross-device pairing (qr, bluetooth)

sync shares across devices

ui for thresholds and permissions

user protects against device loss by backing up shares.

requirements

cloud backup (google drive, icloud)

encrypted local backup/export format

recovery flows for restore

user adds a contact to help recover. system moves to a 2-of-3 model.

requirements

add/remove recovery contacts

verify contact identity (email/sms/social)

permission management (recovery vs signing)

user moves remaining shares off device into a distributed guardian network. custody is enforced by the network.

requirements

distributed storage protocol (guardian nodes)

api for share distribution/retrieval

threshold enforcement across nodes

monitoring for availability/redundancy

user spins up isolated accounts for short-term use. this keeps main funds safe while enabling casual or private activity.

requirements

burner/session account support

isolation from main funds

auto-funding or balance-sharing

ephemeral storage with auto-expiry

threshold mpc splits the secret into shares and removes the single point of failure. users never copy long mnemonics and can refresh shares in place.

seed-phrase custody is eliminated by splitting the private key into two encrypted shares stored only on the user’s devices. when a transaction is approved on both devices, mpc (dkls ’23) combines the shares, signs, and discards intermediate data.

what this delivers

• don’t need to back up and re-enter a seed phrase → remove seed phrases with safer recovery

• won’t expose private key during signing → sign without exposing keys

• don’t need to rebuild wallet → rotate shares in place, no new key, keep same address