When integrating with our wallet service, you don't need to worry about how to securely store and manage the private keys. We have done that job for you.
Once a user is created through our SDK, we automatically create a wallet for that user. The private key is encrypted and securely stored in our cloud infrastructure.
The user can never retrieve the private key to the client side. If the user wants to sign a transaction to perform an operation (e.g. transfer SOL), the client side needs to call our wallet SDK to perform these actions.
Operations we support:
- transfer SOL
- transfer token
- view historical transactions
- The user's private key never leaves our cloud infrastructure.
The key generation, encryption, decryption, and storage are all happening in the cloud. The overall process is never exposed to the external.
- The user's key is encrypted by the third-part KMS(Key Management System).
We don't store the plain-text private key. Instead, only the encrypted key is stored in our backend. The encryption is done by a trustable third-party KMS provider with strict access control policies to protect the data encryption data. Moreover, the encryption key never leaves the KMS.
As to the developers who want a non-custodial solution, please keep tuned for our future announcement. If you have a question, please feel free to contact us.
Edit this page on GitHub