> For the complete documentation index, see [llms.txt](https://shinkalabs.gitbook.io/hub/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://shinkalabs.gitbook.io/hub/andromeda/guides/configure-recovery.md). # Configure recovery To make a dWallet recoverable, you attach the on-chain [`rules-policy`](/hub/andromeda/guides/deploy-policy/rules-policy.md) program to it and configure who can recover it. This is the setup step; running a recovery later is covered in [Run a recovery](/hub/andromeda/guides/run-recovery.md). {% hint style="info" %} Recovery is opt-in per deployment. Check [`/capabilities`](https://api.andromedainfra.pro/capabilities). The exact request and response bodies are in the [OpenAPI spec](https://api.andromedainfra.pro/openapi.json). {% endhint %} ## What you configure * **Primary owner**: one credential that can recover the wallet in a single step. Identified by a 34-byte member slot `[scheme byte, identifier, zero padding]`. Schemes: Ed25519 (32-byte key), Secp256k1 (20-byte Ethereum-style address), Secp256r1 (33-byte compressed key). * **Quorum roster**: N recovery owners and a threshold M. Members may use the same schemes as the primary, plus full WebAuthn (quorum members only). * **Daily limit**: maximum recovery actions per day, measured by the Solana clock. * **Cooldown**: minimum slot gap between recovery actions. You can set just a primary, just a quorum, or both. With both, either path works on its own. ## The flow 1. **Preview.** `POST /v1/recovery/policy/preview` resolves your configuration and returns the policy PDA, without creating anything. 2. **Deploy.** `POST /v1/recovery/policy/deploy` returns an unsigned transaction; sign it client-side and submit it. The PDA is seeded with an init-authority hash so the address cannot be front-run. After this, the `rules-policy` program holds the dWallet's authority. 3. **Read.** `GET /v1/recovery/policy/{dwalletAddress}` returns the current configuration, nonces, and any pending change. 4. **Change.** Authority-level changes are challenge-based admin actions: `POST /v1/recovery/policy/admin/challenge` returns a 32-byte challenge and the expected nonce; the current owner signs it; `POST /v1/recovery/policy/admin/submit` applies it. The admin actions include adding or removing a quorum member, setting the primary owner, adjusting the threshold, daily limit or cooldown, and **`revoke`** (handing the dWallet's authority back to the owner). Changes that affect the roster or thresholds are staged as pending and finalised with `POST /v1/recovery/policy/apply-pending`, so a mistake is reversible before it takes effect. ## Building member slots A member slot is canonical and fixed-width (34 bytes) so a single slot value covers every on-chain comparison (membership, dedup). You build it from the scheme and the identifier: * Ed25519: scheme byte + 32-byte public key + 1 byte padding. * Secp256k1: scheme byte + 20-byte address + 13 bytes padding. * Secp256r1: scheme byte + 33-byte compressed key + 0 bytes padding. * WebAuthn (quorum only): scheme byte + 33-byte compressed P-256 key + 0 bytes padding. See [Recovery schemes](/hub/andromeda/reference/recovery-schemes.md) for the full table. ## Before adding an external wallet as an owner The user should prove they control it first. See [Discovery](/hub/andromeda/guides/discovery.md). ## On-chain guarantees * Every signature in a recovery (primary or member, and the owner's signature on admin changes) is verified by a Solana runtime precompile. Andromeda cannot forge it. See [Zero attestor](/hub/andromeda/concepts/zero-attestor.md). * The Solana clock is the only time source for the daily limit and cooldown. * Per-flow replay nonces block replays. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://shinkalabs.gitbook.io/hub/andromeda/guides/configure-recovery.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.