👯Social Recovery

Never lose your BrightID ⚠️

Social recovery is a process where you can recover your BrightID with consent from people you trust.

Why is it important?

• To regain your BrightID if:

  • You lose your mobile phone.

  • The app accidentally gets uninstalled.

  • It gets stolen.

• To migrate your BrightID to a new phone.

Who should be your recovery connections?

• The connections must consent to be your recovery and mark you as "already known." They must also really know you just as well as you know them. These are people you will never forget, nor they forget you. A public and well-known person like the connection party host is only suitable to be your recovery connection if you know each other personally. If they do not already know you personally, you will not have their consent to be your recovery connection.

• They must be someone you trust not to steal your BrightID.

• They must be reliable, as you will need to be able to reach out and contact them every time you need to recover your BrightID.

NOTE:

• If they do not want to bother with getting it, your recovery connections do not have to have a BrightID verification like "Meets"; Only installing the app and keeping it updated is necessary. Close family and friends usually do not mind the responsibility, and they are indeed a popular choice among BrightID holders to rely on them for recovery.

• You must select at least three recovery connections. Ideally, around seven recovery connections can make it optimally secure. Greater the number of stable recovery level connections, the better.

• As you will see below, only two recovery connections are needed to be present for the actual recovery process.

🔐 Setting up social recovery

Before you start, connect to at least three people you know personally and trust. If they still need to get BrightID, have them install it.

For recovery, two types of information must be secured, the first being the most essential.

1. BrightID private key It is secured through a secret sharing mechanism with recovery connections.

2. Profile data - Your and your connection's names and photos It is secured by password and stored peer-to-peer with your contacts locally in connection's mobile phones. Your recovered BrightID can be functional even if the profile data could not be retrieved during recovery as long as the private key was recovered successfully.

1) Securing BrightID private key

Step 1. Go to Menu on your BrightID app's home screen.

Step 2. Select Recovery Connections.

If you are new to BrightID, and since Social Recovery is so important, you will continually receive an alert to set it up until it is done. You can also tap the alert message to get to the recovery connections screen.

Step 3. Choose your recovery connection from the eligible connection list.

Again, recovery connections are meant to help you recover your BrightID. Be careful whom you choose because they can take over your BrightID if two of them decide to cooperate against you.

The app will show you the list of eligible people for your recovery connection.

The eligibility criteria for someone to be your recovery connection is that the person should have marked you as '😎 Already Known,' and you have marked them as '😎 Already Known' as well.

Step 4. Click the 'Add' button to confirm your selection.

2) Securing Profile data

Set up a password to encrypt and back up profile data consisting of your name and photo and the names and photos of your connections. You can view or change this password from your profile screen, accessible from the Menu. Even though it is less essential than securing the private key, take measures to secure it; Write it down and keep it safe so you can remember it when needed.

Recovering your BrightID Using Social Recovery

Step 1. Install the BrightId app on your mobile phone. Select the “Recover” button on the screen you see when you first open the BrightID app.

Step 2. The app will show a QR code. Show the QR code to two of your recovery connections or Select 'Copy' to share it with them as a link.

Make sure your recovery connections have the same version of BrightID as your newly installed one; It will be the latest. Have them upgrade to the latest version before proceeding further. Watching out for new update announcements and keeping your and your connection's BrightID updated is a good practice to ensure your recovery goes smoothly. Follow us on Twitter at @BrightIDProject, so you do not miss these important announcements.

Step 3. On your friend side, after they scan your QR code or open the link you share, your friends will see a list of users. They must carefully identify you and correctly select your BrightID as the BrightID they are helping to recover.

You will be notified every time one of them scans the code or uses the link.

Step 4. Once two of your recovery connections finish Step 3, the app will start downloading your data from your recovery connections. A green check mark will indicate that the downloading process is done.

Step 5. Enter your password to restore the profile data.

Recovery is much smoother if you remember the password, but if you do not remember it, you may skip it. As mentioned earlier, it is less essential than recovering your private key for your recovered BrightID to be functional.

Once all steps are done, you will be taken to your BrightID home screen. Congratulations! 🎊

When you recover, BrightID in your old phone becomes invalidated and useless if you or someone still has it. If you have the old phone, it is safe to uninstall BrightID from it.

Updating recovery connections

You can change your recovery connection by (i) adding another connection to your recovery connection and (ii) changing the connection level of the existing connection on the Recovery Connection page.

For your security, changes on recovery connections will take effect after seven days. The period is called the cool-down period, and it helps if someone deliberately steals your mobile phone to steal your BrightID by changing your recovery connections. It allows you to recover your BrightID to a new mobile phone before they do. As mentioned before, BrightID on the stolen or old mobile phone automatically becomes invalidated and useless when you recover to a new mobile phone.

✏️ Adding recovery connection

Step 1. Go to Menu on your BrightID app's home screen.

Step 2. Select 'Recovery Connection.'

Step 3. Select 'Add more recovery connections.'

Step 4. Choose the additional recovery connection from the eligible connection list.

Step 5. Click the 'Add' button to confirm your selection.

✏️ Remove or downgrade your existing recovery connection

Step 1. Go to Menu on your BrightID app's home screen.

Step 2. Select Recovery Connection.

Step 3. Select the blue pencil icon next to the recovery connection you want to remove or downgrade.

Step 4. Change that connection level from "🔐 Recovery" to "😎 Already Known" or any other connection level. See more info about connection levels here.

Step 5. Click the 'Save' button to confirm the change you made.