How it works

EOA wallets

EOA wallets, or Externally Owned Accounts, serve as the primary interface for users to interact with web3. The creation of an EOA wallet involves generating a private key, which acts as a unique signature providing access and control to the account. EOA wallets generated by the SDK are user-custodied, meaning that they are created and stored on a user's device.

Generating EOAs

The EOA wallet generation process uses the BIP39 mnemonic generation to create a hierarchical-deterministic (HD) wallet. This mnemonic is used to extract a private key from the BIP32 path "m/44'/60'/0'/0/0" which is the Ethereum default path.

This generation process uses the same methodologies as ethers js, with a couple of key differences:

  • The generation of the mnemonic and the extraction of the private key are both done in native code, with C being used on the iOS side and Kotlin on the Android side.

  • The private key from our NativeModule is passed over to the JavaScript side to instantiate an ethers js wallet using the private key.

The generated ethers js wallet does not have access to the mnemonic, it is not able to create a second wallet with a different path.

Encryption & Storage

Private key storage makes use of hardware encryption and low level OS key storage technology on device.

Persistence

By default, createAccount stores the private keys at the device + cloud level.

iOS

  • Device + iCloud storage

    • Requirements

      • Device must be logged into an Apple ID to back up keys to iCloud.

    • Use cases

      • Logging on to different devices with the same Apple ID and mobile app will restore the original crypto account created by that Apple ID.

      • Deleting and reinstalling a mobile application will restore the original crypto account.

  • Device only storage

    • Use cases

      • Deleting and reinstalling a mobile application will restore the original crypto account.

Android

  • Device + Google Cloud storage

    • Requirements

      • End to End encryption is supported on devices running Android 9 and above.

      • Device must have a screen lock set with a PIN, pattern, or password for end to end encryption to be enabled.

      • Device must be logged into a Google account to back up keys to Google Cloud.

    • Use cases

      • Logging on to different devices with the same Google account and mobile app will restore the original crypto account created by that Google account.

      • Deleting and reinstalling a mobile application will restore original crypto account.

  • Device only storage

    • Use cases

      • Deleting and reinstalling a mobile application will generate a new private key due to SharedPreferences being deleted along with the app bundle. The original crypto account will no longer be recoverable.

Last updated