Skip to content


The Authenticator contract serves as an on-chain storage for 2FA Guru. It stores information about the list of trusted relayer addresses and the binding between primary and recovery wallets.

All 2FA contracts are dependent on the Authenticator contract to perform signature verification. The Authenticator simply returns a boolean type data to determine if a signature is generated from one of the approved relayers.


function getRecoveryWallet(address primaryWallet) external view returns (address)

Gets the address of a recovery wallet based on the given primary wallet address.


function getWalletNonce(address primaryWallet) external view returns(uint256)

Gets the transaction count of the primary wallet.


modifier validWalletBinding(address primaryWallet, address recoveryWallet)

This modifier defines the conditions that both wallets must satisfy to bind with each other. The conditions are:

(1) The primary and recovery wallets cannot be the same address

(2) The primary wallet can only bind with a recovery wallet once. After a recovery wallet is binded with the primary wallet, this process is not reversible.


function setRecoveryWallet(address recoveryWallet) external

Binds msg.sender with the provided recoveryWallet. This function includes both only2FA and validWalletBinding modifiers.

⚠ Note: msg.sender is passed as the input to the only2FA modifier. In other words, the primary wallet holder must be the originating caller. This function makes an exception, which delegation is not allowed.


function setRelayer(address relayerAccount) external

Adds the given address into a list of vetted relayers. Any signatures signed by relayerAccount will be considered valid after this function is executed.

This function requires onlyOwner.


function removeRelayer(address relayerAccount) external

Revokes an existing relayer address from validating 2FAs. Any signatures signed by relayerAddress will no longer be valid after this function is executed.


function isTrustedRelayer(address relayerAccount) external view returns (bool)

Checks whether the provided relayerAccount address is a trusted relayer.


function verifySignature(
    uint256 deadline,
    address primaryWallet,
    address target,
    bytes memory data,
    bytes memory signature
) external returns (bool)

This function re-constructs and hashes the message to be verified against the provided signature. Returns a boolean value describing whether the provided signature is generated from a trusted relayer.

Parameter Type Description
deadline uint256 The transaction reverts if block.timestamp > deadline
primaryWallet address The primary address that is subjected to the 2FA authentication process
target address The contract address where the function executes
data bytes The calldata to be executed by the target contract
signature bytes The signature generated by a relayer

See the Appendix section to learn more about the structure of the message that is signed by the relayer.