Keeping your keys safe

We DO NOT hold your keys. In an effort to simplify the trading and DeFi experience, we've entrusted Web3Auth.

Web3Auth protects users' keys through a combination of distributed key generation (DKG), multi-party computation (MPC), and threshold cryptography. Here’s a breakdown of how it works:

Non-custodial Key Management: Web3Auth splits the user's private key into multiple shares using threshold cryptography. These shares are stored in different places, such as the user’s device and Web3Auth’s network. No single party has access to the complete private key, ensuring security.
Threshold-Based Recovery: Even if one of the key shares is lost (e.g., due to device loss), users can still recover their account by combining a threshold number of shares (such as from their email, backup phrase, or a second device). The exact threshold depends on how the system is configured.
MPC (Multi-Party Computation): In key recovery and signing transactions, Web3Auth uses MPC to ensure that key shares can collaborate securely without ever revealing the full private key. This means that signing can occur without any party having complete control over the user’s key.
Social Login: Web3Auth allows users to authenticate using existing social logins (like Google, Facebook, or Twitter), making it easier for users to access their wallets without managing private keys directly. The login process acts as a secure method to retrieve one of the key shares, reducing the friction of traditional seed phrases.
Distributed Security Model: Because the key is distributed across different parties and devices, attackers cannot compromise a user’s account by breaching just one source. This decentralized approach makes it more difficult to access or steal private keys.
Backup and Key Recovery Mechanism: Web3Auth has built-in backup and recovery mechanisms using familiar options like email, phone numbers, or cloud storage. This offers a user-friendly way to recover access to the account without requiring technical expertise in private key management.

In essence, Web3Auth combines cryptographic techniques and modern authentication methods to secure private keys, reduce the risk of key loss, and make the user experience smoother. This method balances both security and ease of use, essential for broader Web3 adoption.

PreviousWhat does the suite include?NextVideo Tutorials

Last updated 7 months ago

Keeping your keys safe

We DO NOT hold your keys. In an effort to simplify the trading and DeFi experience, we've entrusted Web3Auth.

Web3Auth protects users' keys through a combination of distributed key generation (DKG), multi-party computation (MPC), and threshold cryptography. Here’s a breakdown of how it works:

Non-custodial Key Management: Web3Auth splits the user's private key into multiple shares using threshold cryptography. These shares are stored in different places, such as the user’s device and Web3Auth’s network. No single party has access to the complete private key, ensuring security.
Threshold-Based Recovery: Even if one of the key shares is lost (e.g., due to device loss), users can still recover their account by combining a threshold number of shares (such as from their email, backup phrase, or a second device). The exact threshold depends on how the system is configured.
MPC (Multi-Party Computation): In key recovery and signing transactions, Web3Auth uses MPC to ensure that key shares can collaborate securely without ever revealing the full private key. This means that signing can occur without any party having complete control over the user’s key.
Social Login: Web3Auth allows users to authenticate using existing social logins (like Google, Facebook, or Twitter), making it easier for users to access their wallets without managing private keys directly. The login process acts as a secure method to retrieve one of the key shares, reducing the friction of traditional seed phrases.
Distributed Security Model: Because the key is distributed across different parties and devices, attackers cannot compromise a user’s account by breaching just one source. This decentralized approach makes it more difficult to access or steal private keys.
Backup and Key Recovery Mechanism: Web3Auth has built-in backup and recovery mechanisms using familiar options like email, phone numbers, or cloud storage. This offers a user-friendly way to recover access to the account without requiring technical expertise in private key management.

PreviousWhat does the suite include?NextVideo Tutorials

Last updated 7 months ago