Skip to main content

Security & Authentication

Authentication with Privy

All sensitive actions require authentication using a non-custodial wallet. Wallets are managed securely using Privy, a privacy-first authentication provider for web3. Privy ensures that private keys are never exposed to the backend or any third parties.

How Privy Works

  1. When a user signs up or logs in, Privy creates a new wallet for them or connects an existing one.
  2. The user authenticates using Privy's secure interface (email, social login, or wallet connect).
  3. The wallet address is used for all on-chain transactions and account management.
  4. All sensitive operations, such as signing transactions, are performed client-side in the user's wallet.
  5. Private keys are never transmitted or stored on backend servers.

Data Privacy

  • No private keys or sensitive wallet information are ever stored by the platform.
  • Only public data (wallet addresses, transaction hashes) is used for platform operations.
  • User data is handled in compliance with privacy and security best practices.

Exporting Wallet

Users can export their wallet securely from the profile section of the app (web app only is supported due to privy security aspects). This allows them to back up their keys or import their wallet into another application.

Why Use Privy?

  • Provides seamless onboarding with email, social, and wallet login options.
  • Ensures non-custodial, user-owned wallets.
  • Used by leading web3 projects for secure authentication.