Hook
A forum post on Ethereum Magicians. A proposal for timelock-based account recovery. No GitHub repository. No testnet deployment. No audit trail. Yet the crypto press is already framing it as the next evolution in smart wallet security. The data suggests that this is not a breakthrough—it is a thought experiment, elevated by a market starved for infrastructure narratives.
In practice, the gap between a forum thread and an EIP is vast. Between an EIP and a production wallet integration lies a graveyard of abandoned ideas. The timelock recovery proposal sits at the very beginning of that journey. Most readers will never return to check if it survived.
Context
Ethereum’s account abstraction (ERC-4337) introduced a paradigm shift: instead of externally owned accounts (EOAs) controlled by a single private key, users can deploy smart contract wallets with programmable security logic. This enables features like multi-signature approval, daily spending limits, and social recovery.
Social recovery, the current gold standard, works by appointing a set of guardians who can vote to replace a lost key. It reduces single-point-of-failure risk but introduces a new trust assumption: guardians must be honest, available, and collusion-resistant. If a user’s private key is compromised and all guardians are malicious or unreachable, the account is lost.
The timelock proposal attempts to fill this gap. It offers a recovery path that does not depend on guardians. Instead, the user pre-authorizes a new key, but that key cannot take control immediately. A delay—say 48 hours—is enforced. During that delay, the original key (or any other authorized key) can cancel the recovery. The idea is elegant in its simplicity: time buys safety.
But elegance in theory and robustness in practice are separated by more than a forum post.

Core
Let me break down the proposed mechanism at the code level—or rather, at the level of pseudocode, because no actual Solidity exists yet. The core logic is:
