Cos72 Role Tour

Pick a role and let the little guide walk you through it

Cos72 is an account-abstraction wallet & community OS built on WebAuthn (Face ID), BLS aggregate signatures, and ERC-4337. Below, in comics: what each role can do, the tech behind it, and why it matters to you.

🎒 Xiao J guides «Individual User»: The full journey: verify email, create the account with Face ID, set guardians, transfer, recover, and join a community.

1 Start with your email (a code, not a password)

Registration starts with your email: we send a 6-digit code to confirm it's you. Email is just a simple way to reach you — it is not your password and not your security.

⚙️ How it works: A one-time code (OTP) verifies you and creates the account record (a JWT); no password is ever stored.

💡 Why it matters: A familiar first step — nothing to memorize or invent.

AUTH-01
2 Create your passkey (Face ID or Passkey)

Next you create a passkey with Face ID / Touch ID (or a security key). This passkey becomes the key that signs for your on-chain account.

⚙️ How it works: WebAuthn generates a P-256 credential (key held in KMS), bound as the signer of your AirAccount — no password, no seed phrase.

💡 Why it matters: Your face or fingerprint is your wallet key.

AUTH-02
3 Go on-chain: deploy your account + set guardians

Your address exists from day one as a 'counterfactual' address; your first transaction deploys it for real. At that moment you set guardians: 2 of your own + 1 community guardian (2-of-3).

⚙️ How it works: An ERC-4337 counterfactual account, deployed on the first UserOp (create-with-guardians); a guardian can be a passkey, an EOA wallet (e.g. MetaMask), a friend's account, or the community — flexible by design.

💡 Why it matters: Recovery is wired in from the start — no separate setup, and you can't 'forget' to protect yourself.

AUTH-03, REC-01
4 Buy GToken / aPNTs points with zero gas

With zero ETH in your wallet, you can still buy GToken or aPNTs points with USDC. This is the EOA purchase convenience provided by Launch (the launch-sale): you pay USDC from an EOA, and a relayer covers the gas.

⚙️ How it works: USDC uses EIP-3009 authorization; a DVT relay + Paymaster sponsors the gas and submits the tx on-chain.

💡 Why it matters: The #1 newbie blocker — 'you need ETH for gas first' — is removed entirely.

🔗 Real Sepolia tx (TOK-01)
TOK-01
5 Add a spending Guard Policy

This step is NOT adding guardians (those were set when your account was created) — here you set spending policies: a daily cap, plus amount-based verification tiers. The daily limit can only be lowered, never raised.

⚙️ How it works: Security is layered (verification escalates with amount): small transfers need only your passkey (Tier 1); larger ones add a DVT co-signature (Tier 2); large ones additionally require a guardian's signature (Tier 3) — the bigger the amount, the more factors it takes. On top sits the monotonic daily cap (raising it reverts on-chain).

💡 Why it matters: Even if your key is stolen: the daily cap limits one-day damage, and big transfers simply can't go through without extra guardian approval.
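
The tiered policy and the lower-only daily cap, modeled in Python as an added example (not Cos72 contract code). The tier thresholds, the units, and the choice to apply the cap to every tier are assumptions made for illustration; the page does not give them.

```python
# Added illustration: a model of the Guard Policy described above, not Cos72 code.
from dataclasses import dataclass

PASSKEY, DVT, GUARDIAN = "passkey", "dvt", "guardian"

class PolicyRevert(Exception):
    """Stands in for an on-chain revert."""

@dataclass
class GuardPolicy:
    daily_cap: int        # constructed units
    tier2_from: int       # assumed threshold: at or above this, a DVT co-signature is needed
    tier3_from: int       # assumed threshold: at or above this, a guardian signature too
    spent_today: int = 0

    def required_factors(self, amount: int) -> set:
        # Verification escalates with amount: Tier 1 -> Tier 2 -> Tier 3.
        factors = {PASSKEY}
        if amount >= self.tier2_from:
            factors.add(DVT)
        if amount >= self.tier3_from:
            factors.add(GUARDIAN)
        return factors

    def set_daily_cap(self, new_cap: int) -> None:
        # Monotonic cap: lowering is accepted, raising reverts.
        if new_cap > self.daily_cap:
            raise PolicyRevert("daily cap can only be lowered")
        self.daily_cap = new_cap

    def authorize(self, amount: int, presented: set) -> None:
        if amount <= 0:
            raise PolicyRevert("amount must be positive")
        missing = self.required_factors(amount) - presented
        if missing:
            raise PolicyRevert("missing factors: " + ", ".join(sorted(missing)))
        # Assumption: the cap counts transfers of every tier.
        if self.spent_today + amount > self.daily_cap:
            raise PolicyRevert("daily cap exceeded")
        self.spent_today += amount

def spend_with_factors(policy: GuardPolicy, amounts: list, presented: set) -> int:
    """Replay transfers with a fixed factor set; return the total that got through."""
    for amount in amounts:
        try:
            policy.authorize(amount, presented)
        except PolicyRevert:
            continue  # rejected transfers move nothing
    return policy.spent_today
```

Replaying a day of transfers with only `{PASSKEY}` presented shows the damage bound the text describes: the total never exceeds `daily_cap`, and no single transfer at or above `tier2_from` goes through.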

GRD-03, GRD-07, XFER-02, XFER-03
6 Transfer with a fingerprint

Every transfer needs your own Face ID / fingerprint: prepare → sign → submit on-chain.

⚙️ How it works: Two-phase ceremony (prepare/submit); the transfer is released only after both the passkey assertion and the BLS aggregate signature verify.

💡 Why it matters: Mandatory per-transaction verification makes phishing / forged signing very hard.

🔗 Real Sepolia tx (XFER-01)
XFER-01
7 Social recovery — never fear a lost device

Lost your phone? Recovery needs any 2 of your 3 guardians. The default community guardian is only 1 of 3 — so it can never act alone, it can only help you.

⚙️ How it works: 2-of-3 social recovery swaps the signer; the community guardian is a public multisig that re-confirms it's really you through real, in-person social memories — anchored in relationships, not a key.

💡 Why it matters: Lose a device or even one guardian and you still recover; and a rogue community still can't steal your funds (1 < 2).

REC-06
8 Stake for one ticket, join any permissionless community

Stake GToken for one ticket (SBT); with that single ticket you can join any permissionless community — from 'using a wallet' to 'joining a community'.

⚙️ How it works: Staking mints a non-transferable SBT ticket as proof of membership; communities are aggregated in the plaza.

💡 Why it matters: Turns a wallet into a community gateway — the meaning-economy base Cos72 is built for.

COM-U-01, COM-U-03

🎒 Xiao J guides «Visitor»: Not signed up yet — what can you see?

🚧

This role's tour is being drawn — coming soon.

🍄 Xiao M guides «Community Admin»: Create a community, issue points, set gas strategy, run it.

🚧

This role's tour is being drawn — coming soon.

🍄 Xiao M guides «Operator»: Run a gas-sponsoring node in the SuperPaymaster ecosystem.

🚧

This role's tour is being drawn — coming soon.

🐱 Baobao guides «Guardian»: Co-sign to help others recover.

🚧

This role's tour is being drawn — coming soon.

🐱 Baobao guides «Protocol Admin»: Protocol governance, status and config.

🚧

This role's tour is being drawn — coming soon.