End users of your platform can unilaterally export and take full ownership of the private keys of their wallets.
To enable a user to export their private keys, your platform must implement the following flow:
- From your BE, call Fordefi’s API set end user export permissions to
allow=true. Note that this request should be called separately for every end-user who requires private key extraction. - From your app that embeds our SDK, call the
exportKeysfunction to return a JSON file containing all user’s private keys.
The following diagram illustrates this flow:
Considerations for further handling
- In the returned JSON file, Fordefi provides both ECDSA and EdDSA keys:
- An ECDSA key should be used to recover assets on all the EVM chains, Bitcoin, and Cosmos. This private key can be imported to third-party wallets such as Metamask, Electrum wallet or Keplr, accordingly, to allow fast and seamless asset recovery.
- An EdDSA key should be used to recover assets on Solana, Aptos, and Sui. There is no straightforward way to recover assets on chains that use EdDSA keys, so the user-facing application should implement on chain transaction to enable the end users to access their assets.
- Once the private key is exported, the user can use it unilaterally outside of the platform, which may lead to an unknown outgoing transaction from the wallet.