Self-custody made easy!
Starting April 7th, 2025, Smart Custody is in private BETA for @grinderyAiBot. The system will reset in approximately 10 days, meaning (i) you'll need to set it up again and (ii) you cannot lose access to your wallet and funds during this period. Please report any issues or suggest improvements via Slack or the Grindery community Telegram Group.
You can activate Smart Custody by typing the command
/smartcustody in the Bot.Smart Custody makes your Grindery wallet self-custodial while adding advanced protection. It works by requiring two keys for transactions—yours and Grindery's—ensuring you maintain full control while getting AI-powered security against scams and phishing attempts. Plus, multiple recovery options mean you'll never lose access to your funds. Activate with "/smartcustody" in the GrinderyAIBot.
Key features
- Smart Custody: Your wallet uses two keys to authorize transactions—one held by you, and one by us. Both keys are required to complete any transaction. There are no transaction without your approval meaning you have full control and self custody.
- Powerful Protection: Grindery uses the second key to protect your account better than any human ever could. We detect threats, hacks and phishing attacks using machine learning and dark web databases and give you a heads up before we execute any transaction.
- Multiple Recovery Option: To ensure you never loose access you have many recovery option such as key redundancy on multiple devices, email and SMS messages.
Currently Smart Custody is working with a single device and email as primary recovery method. This means you can and should confirm, transaction only on that device. We will be adding support for multiple devices in the coming weeks.
How to set it up?
First of all, you should go to the Grindery AI Bot. Once you're there, you need to run the command
/smartcustody , click on setup and follow the steps.Steps
1️⃣ Click on Get Started: Make sure you read the text before clicking the button to confirm we don't have any typo or confusing text on this page.
2️⃣ Set up your six digit PIN code and click on Unlock.
3️⃣ You'll see that your device key was created and you can click on continue.
4️⃣ Set up your recovery email. Just enter your email and click on Send Email. You will receive an email and the address you've entered with the code. Enter the code and click on submit.
5️⃣ Wait for the verification and setup and you should land into the Email Setup Completed page. Just hit Continue.
6️⃣ You should be ready to activate Smart Custody. The only thing you need to do now is to click on the button below that says Activate smart custody.
7️⃣ Enter your device key once again. This is the six digit pin code that you've entered before on step 2, and click unlock.
8️⃣ Wait for the system to complete your setup and you should get into the page that says Smart Custody Activated. Click on Manage to manage your smart custody.
9️⃣ As you can see in the Manage settings, you can change your recovery email at any moment. Just click on Change, enter your new email and submit as before. You will receive your code via email and you just need to submit that new code and click on next.
🔟 To see your Smart Custody status in your wallet you can navigate to your wallet, enable Debug mode and turn on the Smart Custody in there. To open the debug Mode, just click 10 times on your Wallet balance and you'll see the menu. Turn on Smart Custody and go back to your wallet. You should see now that your Smart Custody is activated. That's all.
Please make sure you record the testing session and add your feedback and comments to this form.
ONLY SUBMISSIONS INCLUDING SCREEN RECORDING WILL COUNT AS VALID FOR EARNING G1
Prize: The best 3 submissions will receive 10K G1 each! 😎
BONUS: We will pick up 3 random submissions from all participants and will receive a 5K G1 bonus each! 😎
Technical Overview
Grindery Wallet is a smart EVM wallet built on ERC-4337 account abstraction standard. It currently supports Polygon, BSC and opBNB. It uses following contracts in its core operation (address is the same on all chains):
Wallet factory
- Current: 0x37EA5D6bAA4e9038d6A7c7d859FA106Da50eff06
- Legacy: 0x33DDF684dcc6937FfE59D8405aA80c41fB518C5c
Validator
- Current: 0x9B71a9447053116F17D0e63Ce289030D2B839588
- Legacy: 0x9392C6a8A0b5d49cc697B8242d477509bAE16700
Account implementation
- Current: 0x9fB33F29d40e667d9B31B877e113bC560888bEa8
- Legacy: 0xDe81a259910d029D159C6CfA12A998eb10f2d175
By default, user wallets are managed by a common signing key in Grindery system for easier user onboarding. Users can switch their wallet to self-custodian mode, powered by Turnkey, which enables following security features:
Cryptographic Key Management:
- User Keys: Users generate and store cryptographic keys locally on their devices, stored in secure storage and never transmitted over network.
- Verifier Keys: Grindery maintains a verifier key securely stored on Google KMS with restricted access, used to co-sign transactions. This key is non-exportable, managed under strict access controls and audited regularly to ensure security and compliance with industry standards.
Transaction Signing Process:
- Transactions require a multi-signature mechanism where both the user’s and Grindery’s keys are needed to execute any blockchain transaction. This is implemented using Turnkey's signing policy.
Secure Communication Channels:
- All communication between client devices and the server occurs over encrypted channels using TLS (Transport Layer Security), ensuring that transaction requests and data exchanges are secure from interception or tampering.
Recovery Options:
- Email and SMS Recovery: Recovery links or OTPs (One Time Passwords) are sent via email or SMS, allowing users to initiate a recovery process. This process involves re-authentication and the generation of new cryptographic keys which are then registered with the Grindery Wallet.
- Multiple registered devices: User can register new device with the system. Using signature from an existing user key, key on the new device can be added to the Grindery Wallet. The new device can be used to access wallet in case of losing the original device.
Emergency Recovery Protocol:
- In cases where all recovery options are unavailable (e.g., loss of device, email, and SMS access), the system implements an emergency recovery process that involves a 30-day cooldown period. During this time, the user’s account is frozen to prevent any unauthorized access. After the cooldown, recovery is granted through a pre-verified Telegram account, ensuring that the user still maintains control.
Security Oversight and Risk Management:
- Before co-signing any transaction, the Grindery Wallet conducts a risk assessment based on parameters such as transaction frequency, amount, and user behavior patterns. If a transaction is flagged as risky, additional user verification (e.g., biometric, OTP) is requested to confirm authenticity.
- Implementation of proactive security measures such as rate limiting, anomaly detection, and regular security audits of the infrastructure help in mitigating risks related to hacking and phishing attacks.
Compliance and Standards:
- The system is designed to comply with relevant security standards and regulations (e.g., GDPR for data protection). Regular compliance audits and penetration testing are conducted to ensure the system adheres to high-security benchmarks.