In order to reduce the chance of user error leading to the loss of funds, Casa holds one of the signing keys in the user’s multisig setup for use only in emergency recovery scenarios. The recovery transaction is used to transfer the client’s funds to a new full keyset.
Casa only will use the Emergency Recovery Key after a client has verified private data that they provided to us at setup. This signing of a single Emergency Recovery key must be combined with two other key signatures from the client to complete a recovery transaction. This ensures that Casa (or a malicious actor attempting to compromise Casa) can never block or access client funds.