during social recovery setup, your bitkey app encrypts the key that protects your phone key using your friend’s public key; not the phone key itself. only their device can decrypt it.

here’s the flow:

1) you invite a trusted contact

2) their bitkey app generates a public/private keypair

3) their public key is sent to your app

4) your phone key is encrypted with a random symmetric key (called PKEK)

5) that PKEK is encrypted using your friend’s public key

6) both encrypted blobs are stored in your cloud account

7) their private key stays on their phone (optionally backed up to their cloud, never to block!)

during recovery:

1) you install bitkey on a new phone and log into your cloud

2) you contact your friend (to be clear... they don’t get any automatic alert)

3) they enter a 6-digit recovery code into their bitkey app

4) their app decrypts the wrapper and returns the symmetric key (PKEK)

5) your app uses it to decrypt your phone key

6) now you’ve got 1 of your 2 keys, you can use delay & notify with new hardware to recover full access

so yes: the encryption key for your phone key is encrypted to your friend’s public key, only their device can unlock it & only when you ask. block never has your key, doesn’t see your seed and only facilitates communication between apps.

tl;dr: you choose who can help you recover. no seed phrases, no backdoors, no one else in control.