# realtime custody

> a proof of concept

**Published by:** [accountless.eth](https://paragraph.com/@accountless-2/)
**Published on:** 2025-11-19
**URL:** https://paragraph.com/@accountless-2/realtime-custody

## Content

CONTENTS

- tldr
- user problems
- product features
- product solutions
  - a. user journey
    - shared
    - linked
    - distributed
  - b. user stories
    1. raw self custody
    2. shared custody
    3. multi-device
    4. backup shares
    5. recovery contact
    6. distributed network (off device)
    7. temporary accounts
  - c. technical requirements
    1. modes
    2. actions
    3. architecture
       - a. auth layer
       - b. session layer
       - c. key generation
       - d. custody layer
       - e. rotation & recovery
       - f. relayer, paymaster
  - d. FAQ
    1. why seed phrase → threshold mpc?
    2. why 2-device dkls vs shamir & dealer-based mpc?
  - e. appendix: implementation & deployment

### tldr

nothing is 100% including security. there are always pros and cons, and seed phrases are top of the list. we want users to be able to avoid seed phrases, rotate secrets, and keep the same address when they do.

### user problems

a new user often has the most custody — with least security.

a user downloads a wallet app and creates an account. they get: one seed, one key pair. one signer. anyone can copy it, nothing can rotate. all accounts lost if it gets leaked.

- compromised eoa = attacker owns the address. you must move funds to a new address.
- smart account: contract wallet. can rotate signers and keep address. but still bootstraps from an eoa/seed.
- multisig: multiple eoas must sign. secure if quorum enforced, but all signers still have seeds. compromise of enough signers = loss. address tied to contract.

### product features

with realtime custody you can bring any seed phrase, for an existing eoa or eoa with mpc; secure it any way; and keep your address. move through custody models safely, easily, quickly. export any time to private key.
here are three levels of service one can choose from.

- shared w provider — start with a seed, upgrade with mpc and a provider (2-of-3) and social sign in.
- linked w devices — keep shares only on your devices. sign online or offline (2-of-2).
- distributed off-device — spread shares across a network of nodes (m-of-n).

### product solutions

what this delivers

- don’t need to back up and re-enter a seed phrase → remove seed phrases with safer recovery
- won’t expose private key during signing → sign without exposing keys
- don’t need to rebuild wallet → rotate shares in place, no new key, keep same address

#### a. user journey

a user downloads a wallet app. they get the bare wallet: one seed, one key pair. one signer. anyone can copy it, nothing can rotate. all accounts lost if it gets leaked.

**shared**

user navigates to real time custody website and creates an account. we walk the user through upgrades in one continuous flow. first, they destroy the seed and split the key or seed into shares with MPC. now custody is shared, recoverable.

**linked**

then they link another device — custody gets stronger, not dependent on a provider. they add backups and add a recovery contact.

**distributed**

then they push shares off devices onto a distributed network, and finally spin up temporary accounts to protect their main funds.

1. single key pair with seed phrase
2. shared custody – move to MPC, no seed, threshold shares with cloud
3. multi-device – add second device, strengthen custody with 2-of-2
4. backup shares – add cloud or encrypted backup for recovery
5. recovery contact – add contact, enable 2-of-3 thresholds
6. distributed network – move shares to guardian nodes
7. temporary accounts – burner/session mode, isolate from main

#### b. user stories

##### 1. raw self custody

user begins with a seed phrase and a single key pair. the goal is to improve custody and prepare for transition.
requirements

- import existing EOA (seed/private key)
- rotate keys while keeping same address
- allow optional social sign-in for account linkage
- provide migration path into shared custody

##### 2. shared custody

user upgrades to MPC. the seed is destroyed, and the key is split into shares (device + cloud). this is the first real transformation: no seed, threshold keys, recoverable.

requirements

- mpc scheme (dkls or equivalent)
- threshold setup (1-of-2, 2-of-3)
- cloud provider integration (google, icloud)
- social login binding to provider share

##### 3. multi-device

user adds a second device for stronger control (2-of-2). this removes reliance on the cloud provider.

requirements

- cross-device pairing (qr, bluetooth)
- sync shares across devices
- ui for thresholds and permissions

##### 4. backup shares

user protects against device loss by backing up shares.

requirements

- cloud backup (google drive, icloud)
- encrypted local backup/export format
- recovery flows for restore

##### 5. recovery contact

user adds a contact to help recover. system moves to a 2-of-3 model.

requirements

- add/remove recovery contacts
- verify contact identity (email/sms/social)
- permission management (recovery vs signing)

##### 6. distributed network

user moves remaining shares off device into a distributed guardian network. custody is enforced by the network.

requirements

- distributed storage protocol (guardian nodes)
- api for share distribution/retrieval
- threshold enforcement across nodes
- monitoring for availability/redundancy

##### 7. temporary accounts

user spins up isolated accounts for short-term use. this keeps main funds safe while enabling casual or private activity.

requirements

- burner/session account support
- isolation from main funds
- auto-funding or balance-sharing
- ephemeral storage with auto-expiry

#### c. technical requirements

#### d. faq

##### 1. why seed phrase → threshold mpc?

threshold mpc splits the secret into shares and removes the single point of failure. users never copy long mnemonics and can refresh shares in place.

##### 2. why 2-device dkls vs shamir & dealer-based mpc?

seed-phrase custody is eliminated by splitting the private key into two encrypted shares stored only on the user’s devices. when a transaction is approved on both devices, mpc (dkls ’23) combines the shares, signs, and discards intermediate data.

what this delivers

- don’t need to back up and re-enter a seed phrase → remove seed phrases with safer recovery
- won’t expose private key during signing → sign without exposing keys
- don’t need to rebuild wallet → rotate shares in place, no new key, keep same address