Obi Public Docs
  • FOR USERS
    • Quickstart: Using Obi
  • FOR BUILDERS
    • Obi: Cross-Chain Account and User Management
    • Dev Quickstart: Connecting Your App
    • Dev Quickstart: Building Multi-Chain Apps
    • πŸ”΅The Obi Smart Account Suite
      • πŸ”’Multikey
        • 🎣Preventing Phishing
        • πŸ“²SMS and Other Web2 Providers
        • πŸ’•Final Recovery
      • πŸ”Signet
        • Draft Signet Whitepaper
      • πŸ’•Extra Life
      • πŸ€–Automatons
      • ⏳Sessions
        • Threshold Escalation
      • πŸ§™β€β™‚οΈParty Members
        • Allowances: Hot Wallets, Budgets, and Subscriptions
        • Allow/Block/Delay Lists
      • 🧩Obi Stack Overview
      • β›½Gasless UX
      • πŸ”General Obi Features
      • πŸ“œSmart Account Design Philosophy
      • πŸ—οΈSmart Contract Architecture & Flow
    • πŸ›£οΈRoadmap: Upcoming Features
      • πŸ”§Duress Mode
      • πŸ“³Security Notifications and Lockdowns
      • βœ‹Global Transaction Limit (Sanity Limit)
      • 🌐Obi Service Providers
        • Incentivizing Service Providers
    • πŸ₯‡Obi's Unique Advantages
    • πŸ”’Multikey Attack & Loss Vectors
      • Passkey
      • Cloud Key
      • SMS Key
      • Telegram Key
      • WhatsApp Key
      • Social Recovery Key
      • Email Recovery Key
      • Ledger Hardware Key
      • Map Points Key
      • NFC Key
      • Major 2 Key Loss Vectors and Mitigations
      • Major 2 Key Attack Vectors and Mitigations
      • β€œUnlocked Obi Theft” Attack
  • Glossary
Powered by GitBook
On this page
  1. FOR BUILDERS
  2. Multikey Attack & Loss Vectors

SMS Key

can be lost if:

  • the SIM card is lost in a context where the phone number cannot then be recovered. (There are potential exceptions: see SMS Providers)

  • the security answer is irrecoverably forgotten

  • all SMS providers terminate all provider accounts servicing Obi accounts

Non-duress attacks include:

  • SIM swap attacks

  • physical theft of the device in an unlocked state or with insecure settings (e.g. message notifications display text even when locked)

  • an SMS provider is compromised

Both attacks are mitigated by the security answer, especially in combination with Security Notifications.

PreviousCloud KeyNextTelegram Key

Last updated 1 year ago

πŸ”’