The CoinCover integration allows users to create a recovery package encrypted with a dedicated CoinCover encryption key. Only CoinCover holds the corresponding decryption key. The encrypted package remains inaccessible to CoinCover unless the customer explicitly grants access. Customers can download the encrypted package at any time, subject to admin quorum approval.
How it works
Encryption key fetched from Coincover. Utila requests an encryption key from CoinCover. Only CoinCover retains access to the corresponding private key, meaning the package can only be decrypted by CoinCover.
The customer does not need to pre-register with CoinCover. As soon as the customer initiates the recovery package flow in Utila, a 30-day eligibility period is automatically granted. During this time, CoinCover will reach out to finalize commercial terms.
Admin quorum approval required. The recovery package creation process requires admin quorum approval. The CoinCover encryption key is presented to the quorum and MPC-signed using the vault’s security key share.
Key shares encrypted and uploaded. Customer key shares are encrypted using the CoinCover encryption key and uploaded to Utila. Utila encrypts its own key shares with the same encryption key and assembles the full recovery package.
Package download gated by quorum approval. The completed recovery package is available for download from Utila. Downloading the package is subject to admin quorum approval. In all cases, the package can only be decrypted using CoinCover’s private key corresponding to the encryption key.
For details about each step, see Create vault backup using CoinCover.