- Circle Research seeks to enhance the security of ERC-20 tokens through the implementation of a customizable and programmable recovery mechanism.
- Recoverable wrapper tokens can protect developers and users from thefts and illicit finance.
- Circle Research presents multiple configuration sets, or ways to implement and design tailored recoverable wrapper tokens.
Barrier to Entry: Theft and Security
Annual losses due to token theft and accidents are in the billions of dollars. In 2021, $3.3 billion was stolen in crypto hacks, and that number jumped to $3.8 billion in 2022.
The immutability, or irreversibility of blockchain transactions is a fundamental characteristic that offers key benefits. However, it also presents challenges, such as rendering thefts and illicit activities permanent and irretrievable by default. This reality makes it hard for many retail users, consumers, and businesses to adopt blockchain systems.
Recoverable Wrapped Tokens
One way to protect assets from theft is to strengthen the security of asset keys and to improve the quality of Web3 code. A complementary approach, explored in depth last year by Stanford researchers including Dan Boneh, is to extend the ERC-20 interface to support asset recovery with the “ERC-20R.” In the same vein, the Circle Research team explored recoverable wrapper tokens, building upon the aforementioned Stanford research paper. Our effort aims to construct a configurable and programmable recovery mechanism to benefit both developers and users of ERC-20 tokens.
This proposed mechanism revolves around recoverable wrapper tokens. Users can wrap their ERC-20 asset by locking them in the recoverable wrapper token contract in order to receive an equal number of wrapper tokens in return. Wrapping the tokens protects users from thefts, and still maintains most of the utility found in the token’s base form. One core difference, however, is that recoverable wrapper tokens can be recovered back to the sender within a certain time window post-transaction (say, 24 hours). Consequently, each user will have two distinct balances of the token: a settled balance (non-recoverable) and an unsettled balance (recoverable). Only settled tokens may be unwrapped back into their base form.
Building beyond the thesis put forth in the ERC20R paper, we present multiple configuration sets, or ways to implement and design a recoverable wrapper token, each with their own use cases and attributes. For instance, one version is an arbitrated wrapper appropriate for a targeted, designated ecosystem with a trusted governance. Another version offers more of a cancellable send button, where transactions simply take a longer, custom period of time to settle than the chain’s finality. Different configuration sets can still be interoperable with each other, as long as they conform to a shared interface. We provide the IERC20R contract as this interface.
As an example, we developed the arbitrated wrapper version for protecting USDC or any token (completed audit report coming soon). This will soon be available for Circle's recently unveiled Smart Contract Platform, so developers have a template to experiment with and provide token recoverability features to their users.
On the Horizon
This research brings us one step closer to unlocking improved blockchain use cases such as cancellable payments, arbitrated ecosystem tokens, or protection for a DeFi protocol’s assets. However, one challenge yet discussed is composability with the existing DeFi ecosystem when the wrapper token is used in that context.
In our next installment from Circle Research, we will discuss this challenge in depth as well as a potential solution, called “R-Pools.” This joint collaboration with Qinchen Wang and Dan Boneh from Stanford will be presented at the ACM CCS conference DeFi Security workshop in Copenhagen on November 30. Stay tuned!
Have a question or Interested in a research collaboration? Please reach out to email@example.com.