Thanks for the further explanation-- I fully understand that such things aren't baked into the current infrastructure-- which also creates problems (for example a cell service provider resetting a password over SMS through their own supposedly 2FA system). L
The smart contract you describe is sort of what I meant by service providers emerging for this sort of thing: The average user will not feel comfortable rolling their own such contract. It either needs to be dead easy, or there will emerge services that do this for you and oversee their execution. I could be wrong about that... Much of what Web3 will look like is speculation. But if those sorts of services emerge and become market dominators, they would have a lot of control-- contracts that allow termination (deplatforming). As contracts become more complex to avoid edge cases we see being exploited right now, it may become even harder to understand all implications, loopholes, exploits, etc.
The above may be a solvable problem: Develop tools to parse smart contracts. A specialized class of automated testing tools for smart contracts.
In the scheme I described there would be no central authority with special power over the "recoverable account" smart contract. Each user would deploy their own fully independent instance and choose who can help them recover the account. Contracts are immutable so the person writing / distributing the code wouldn't have any extra powers the way Google and Facebook do.
Obviously this hinges on the contract not being backdoored by its creator to begin with, but collections of free, open source, audited smart contracts for stuff like this already exists. A user would likely use some app / tool to deploy their instance, once deployed it's really simple to verify the deployed code matches the verified open source version.
The smart contract you describe is sort of what I meant by service providers emerging for this sort of thing: The average user will not feel comfortable rolling their own such contract. It either needs to be dead easy, or there will emerge services that do this for you and oversee their execution. I could be wrong about that... Much of what Web3 will look like is speculation. But if those sorts of services emerge and become market dominators, they would have a lot of control-- contracts that allow termination (deplatforming). As contracts become more complex to avoid edge cases we see being exploited right now, it may become even harder to understand all implications, loopholes, exploits, etc.
The above may be a solvable problem: Develop tools to parse smart contracts. A specialized class of automated testing tools for smart contracts.