Argent: The most secure wallet

Enjoy peace of mind with multisig security and no seed phrase

Tagged

Itamar Lesuisse

Oct 3, 2024

Quick summary

We built Argent for security. For people with $50K-$1m plus that need smooth access to decentralized finance (DeFi).

Argent is the only wallet with multisignature security and social recovery (which Ethereum Founder Vitalik Buterin says is his "preferred method for securing a wallet"). This means you enjoy peace of mind with:

Protection from theft:

  • All transactions are automatically blocked unless they're to an address you trust - or you approve them with multifactor authentication. It's just one tap to transact with a trusted address.
  • This protects every Ethereum asset, including multimillion-dollar NFTs.

Protection from loss:

  • You never need a seed phrase. This eliminates the single point of failure that undermines traditional self-custody wallets, including hardware wallets.

Other important security features include:

  • You're in control: Not us. Not anyone else. If Argent is abducted by aliens you can use another Ethereum wallet to move your assets out. (More details here).
  • Battle tested: Argent is open source, regularly audited, and has been battle tested for over three years.

Here's the breakdown of how Argent's security works. At the heart of it are guardians.

Introducing guardians

A guardian is an account on the Ethereum blockchain that you give permission to help you with limited security actions. A guardian never has access to your assets.

A guardian can be:

  1. A hardware wallet, for example a Trezor or Ledger.
  2. A MetaMask account
  3. A person you’ve selected because you trust them (e.g. a friend or family member).
  4. Argent's two-factor option, this automated solution uses 2-factor authentication via phone and email.

You can pick and choose any combination you like.

Changing guardians

You can change your guardians with just a couple of taps of the app. Changes take 36 hours to come into effect. The delay gives you time to prevent any unwanted changes by locking your wallet.

The only time there's no delay is when adding a first guardian. This is to ensure you can benefit from the security they bring as soon as possible.

Protect your Argent Ethereum wallet with Guardians

How can your guardians help you?

You can use your guardians to:

  1. Authorise transactions
  2. Help you recover your wallet
  3. Lock and unlock your wallet

Here's how they do it.

1. Protection from theft with multisig security

Argent provides multi-factor, multisig, bullet-proof security

All transactions to untrusted addresses are automatically blocked unless you use guardians. Transactions to trusted addresses are seamless.

This applies to both transfers and DeFi / Dapp use.

1.a. Transfer protection

You choose which contacts to trust. You can remove them at any time. Adding a trusted contact has a security period of 36 hours.

Send in a tap to a trusted address (i.e. a family member or your Coinbase Pro account). Use guardians for everything else.

This applies to every Ethereum asset, including the highest value NFTs.

A significant benefit of this level of security is that it would protect you even if your private key was somehow compromised. Nevertheless, to protect your private key, we also use all the available security features on iOS and Android, such as biometrics, keychain, and Secure Enclave, as well as a six-digit user pin code. The pin code helps to encrypt the private key (for those of you interested in cryptography: we use PBKDF2 and AES256 in Galois/Counter Mode).

1.b. Transaction protection for DeFi & Dapps

As with transfers, everything untrusted needs guardians; everything trusted is accessible in a tap.

To combine control and convenience, you can use Trust Lists and Trusted Sessions.

Trust Lists

Trust Lists are a selection of Dapps - and more precisely, specific functions within Dapps - where you don't need to use guardians because they're trusted.

We've started with the "Argent Trust List". Key details:

  • The list includes the specific Dapps and functions integrated natively within Argent (e.g. Paraswap, Compound, Aave, Lido).
  • It's managed by us to stay in sync with those integrations. For security, it has a 1 week timelock for adding a Dapp, while removing a Dapp is instant. You can read more on this here.
  • You're always in control. The list will be active by default but you can disable it in a tap. In doing so you're making your Argent wallet a full multisig.

The next list we'll introduce will be a "WalletConnect trust list". Unlike the Argent list, you'll need to enable it yourself; it will be inactive by default.

What does a Trust List look like when applied to specific functions?

  • Take Compound, for example. A deposit of Dai in Compound won't need guardian approval as it doesn't present a security risk because you just get cDai in return. But sending cDai out of your wallet to an untrusted address will require guardian approval.

It's important to note that even if a Dapp from the Trust List had a bug, it wouldn't affect your wallet. The private key on your phone is still needed to trigger any transaction.

You are always 100% in control of your crypto with your Argent vault
Trusted Sessions

Trusted Sessions are periods of time where you don't need guardian approval.

Sessions can last:

  • 1 hour
  • 3 hours
  • 1 year (we expect this will be for smaller wallets only).

How do Sessions work?

Through the app you'll create a new, temporary private key. Once authorized by your guardians, that key will be able to take any action without guardians for the duration of your session.

At the end of the session the key becomes useless and is discarded. You can, of course, cancel a session at anytime if you change your mind.

2. Recover without a seed phrase

Traditionally there has been a massive problem with self-custody wallets, including hardware wallets: seed phrases.

The future of money should not depend on a password written on paper.

You may lose it. Someone else might find it.

Argent has a better way: recovery with guardians.

Recovery with guardians is easy:

  1. Download the Argent app on your new phone.
  2. Tap ‘Recover wallet’.
  3. Enter your username (e.g. natasha.argent.xyz).
  4. For human guardians: Speak to them and share the four emojis on your screen. If a majority confirm they match, then a 48 hour window starts. During this time you can cancel the recovery. If there’s no cancellation, you recover your wallet.
  5. For hardware wallet or MetaMask guardians: Please go to security.argent.xyz and follow the instructions there.
  6. For Argent's 2FA guardian: Enter the code sent to your phone, and verify by email.

Approving a recovery requires a majority of guardians. This is because it makes the system even more secure. How this works is that you and your guardians can each sign an instruction to the smart contract, e.g. ‘Yes, this recovery attempt is legitimate’. You can also cancel a recovery if you have a majority out of you and your guardians.

Now you’re protected from the risk of losing access to your funds. But that’s not all Argent protects you from.

3. Wallet locking

You can ask a guardian to lock your wallet. The wallet can’t then make transactions. This is useful in case your phone is lost or stolen and you want to protect it beyond the phone-layer security.

When a guardian locks a wallet, a 5-day security period starts. This gives you time to get a new phone and recover your wallet. (Locking doesn’t prevent recovery, for precisely this reason).

Any guardian can unlock a wallet, including the one that originally locked it.

How is this security possible?

Argent is able to provide unrivaled security because it's built on Ethereum smart contracts. This means we can add the security features you'd expect from a great bank (such as automatically blocking fraudulent transfers) without being a custodian.

Our smart contracts are audited and open source. You can find them on our Github. They've been battle tested for over three years.

Conclusion

Crypto offers a unique opportunity to fundamentally rethink our digital future. It gives us the potential to build a new, fairer internet that puts people first. We hope Argent represents a step change in its usability and security.

We couldn’t be more excited about the coming months and look forward to hearing from you as we work together on perfecting the experience.

You can find us @argenthq or in our Discord.