Co-Signers and Custom Custody
The Co-signer node is a powerfully unique component of INTU architecture which enables applications and devices to programmatically interact with on-chain features. By supporting both end users and programs, INTU’s Account Toolkit functions beyond simply a log-in, auth, custody, or signing solution, but a comprehensive solution for most applications with on-chain features.
The co-signer can:
-
Listen for, and participate in the creation of new accounts, when defined by the developer or user
-
Listen for, and participate in the formation of valid signatures for accounts they are members of
-
Subsidize gas fees, and serve as a relayer or bridge to RPCs/Gateways for various blockchains on behalf of the end-user, if their end-user factor does not support directly broadcasting transactions.
The Co-signer can be run as a standalone service, self-hosted, using a cloud provider, or using a neutral third party service. The Co-signer Module can also be built directly into an application to support advanced functionality, security, or user experience features.
Co-signers can be configured and managed in many ways, which results in different custody models. A few examples:
| Custody | Description |
|---|---|
| Self-Custody | An end-user interacts with their INTU account through an applications interface, but retains control over all participants of the account. This can include any combination of end-user factors, but also a co-signer managed directly by the end-user. In the near future, INTU will offer a direct-to-user subscription service, where the end-user is provided with a provisioned co-signer hosted on a cloud-service for their personal use, of which they have full administrative control over. |
| Permissioned Custody | A project or company can provide one or more co-signers to support their application users for simplified onboarding and signing - an “invisible” web3 experience. In this case, the end-user would retain 1-of-3 shares, with the application managing 2-of-3 shares. The result is a trusted, permissioned use of the account, similar to cloud-based applications. |
| Two-Party Custody | There are several variations for shared custody of an INTU account, typically where the end-user controls a majority of factors, and the application controls a minority. In this configuration, only the end-user is able to authorize transactions or messages, but the application can assist in co-signing for improved user experience, or support account recovery functionality. |
| Distributed Custody | Independent, neutral third party(s) can also provide co-signer services in order to preserve trustless or no-custody models. Applications will not be considered custodians of assets, and end-users preserve autonomy, while enjoying many of the advanced features of an INTU account. INTU will begin offering a similar service in early 2025, both directly and through trusted partners. |
| Progressive Onboarding | As the accounts can be reconfigured over time, end-users can be progressively onboarded as needed. A user can create their account using SSO, with the application providing two co-signers, and eventually encourage 2FA or account recovery through their UX, resulting in effective self-custody. |
Lastly, the Co-signer module can be highly customized for application-specific needs. This includes
-
AI: Direct integrations with LLM APIs to carry out on-chain interactions from AI output
-
IOT: Allowing IoT devices to directly write data on-chain while maintaining safe network credentials
-
Gaming: Seamless experiences taking RNG output in gaming, pre-forming and signing the transaction, and issuing/claiming in-game items