TLDR
This frustrating product team has designed "recovery password" to be equivalent to a "mnemonic phrase". If you lose the recovery password, you lose your wallet—permanently lost.
Preface
As of now, my Binance Web3 wallet has been lost for six months! I can only watch it sitting in Binance, and there's nothing I can do about it.
After communicating with customer service and related product colleagues, I have roughly understood its implementation principle. Not knowing was better; knowing makes it hard to resist venting about this product's design… three thousand words omitted here.
Binance Wallet Shard Storage Solution
Share 1 (User Device Shard): Stored on the user's current device.
Share 2 (Shard stored by Binance): Stored on Binance's servers.
Share 3 (User Cloud Storage Shard): Users can choose to back up the third shard to personal cloud storage (like Google Drive or iCloud). Note: This has been encrypted.
Any two shards can access or restore the wallet.
Shard Combination
Combination One: Share 1 + Share 2
Share 1 (User Device Shard) + Share 2 (Shard stored by Binance):
This combination allows you to operate the wallet directly. However, if your device loses Share 1 due to upgrading the Binance app or clearing the cache, you will have to enter the recovery process (I entered the recovery process because I upgraded the app).
Combination Two: Share 2 + Share 3
Share 2 (Shard stored by Binance) + Share 3 (User Cloud Storage Shard):
This combination enters into the so-called recovery process (i.e., Share 1 shard is unavailable). The key issue arises: since the Share 3 shard has been encrypted, it must be decrypted using the recovery password; otherwise, even if backed up, Share 3 becomes unusable.
Product Design Issues
Recovery password has become a single point of failure
In other words, you need to write down the recovery password on paper or other devices like a mnemonic phrase. If you lose the recovery password, then your backed-up shard Share 3 becomes unusable.
Imagine, if you forget the login password for Binance, but you can recover your account through your phone, email, and other means. However, if you were told that you could only try to remember the password to log in, wouldn't you be very frustrated? But today, if you forget the recovery password, you will find yourself in such a predicament!
Backup is ambiguous
To put it bluntly, your backup is just a step in the backup process; the real backup requires users to back up the recovery password on paper or other devices. (🤔: So why not use a mnemonic phrase from the beginning? Isn't that redundant? I really don't understand what your MPC solution is for.)
User Mindset
At the beginning, users wouldn't have a clear understanding of your implementation mechanism. The subconscious belief is that if you let us back up shards to cloud storage, we can recover the wallet through those cloud storage shards. Users won't remember the recovery password on paper like a mnemonic phrase, which is a serious risk.
I believe that today's users can potentially recover passwords through some social means; passwords are not the same as mnemonic phrases. However, in your design, the recovery password has actually become equivalent to a mnemonic phrase. There's a serious cognitive issue here!!!
Risk
As more and more users upgrade their wallets or devices, they will encounter the process of wallet recovery due to Share 1 shard becoming ineffective, and I estimate that many will forget their recovery passwords. My funds are small, so losing them is whatever. But I can't imagine how anxious someone with a large amount of funds would be in this situation. I just can't stand this product design anymore and had to vent.