Export Private Keys

End users of your platform can unilaterally export and take full ownership of the private keys of their wallets.

To enable a user to export their private keys, your platform must implement the following flow:

1. From your BE, call Fordefi’s API set end user export permissions to allow=true. Note that this request should be called separately for every end-user who requires private key extraction.
2. From your app that embeds our SDK, call the exportKeys function to return a JSON file containing all user’s private keys.

The following diagram illustrates this flow:

Considerations for further handling

1. In the returned JSON file, Fordefi provides both ECDSA and EdDSA keys:
   • An ECDSA key should be used to recover assets on all the EVM chains, Bitcoin, and Cosmos. This private key can be imported to third-party wallets such as Metamask, Electrum wallet or Keplr, accordingly, to allow fast and seamless asset recovery.
   • The format of the exported private key on chains that use EdDSA keys (e.g., Solana, Aptos, Sui) is not compatible with external tools and wallets. Therefore, user-facing applications should implement an alternative mechanism, based on on-chain transaction, to enable their end users to move their assets to other wallets.
2. Once the private key is exported, the user can use it unilaterally outside of the platform, which may lead to an unknown outgoing transaction from the wallet.