Wallaby
  • Introduction
    • Welcome
    • Getting Started
    • Key Architecture Overview
    • SDK vs API
    • Authentication Overview
    • Security Overview
      • Wallaby System Security
      • Securing User Access Token
      • Securing API keys
      • Securing Device Auth Key
      • Securing the Seed Phrase
        • API only: Choosing encryption factors for the seed phrase
  • Capabilities
    • Core Wallet
      • Wallet Creation
      • Wallet Recovery
      • Wallet Export
      • Wallet Import
      • Seed Phrase Recovery (Beta)
    • Wallet Services
      • Asset Listings By Wallet Holders
      • Transfers
      • Spending Authorization
    • Wallet Data
      • View Assets, Addresses, & Balances
      • Transaction History & Status
      • Service Availability
  • Consumer Application SDK
    • SDK Quick Start
    • Authentication with the SDK
      • Account Creation
      • Login
      • Refresh Access
      • Update Client Public Key
    • Core Wallet SDK
      • Creating a wallet with the SDK
      • Recovering a wallet with the SDK
      • Exporting a wallet with the SDK
      • Importing a wallet with the SDK
    • Wallet Services SDK
      • Spending Authorization (Allowance) with the SDK
      • Transfers with the SDK
        • Use Case: Preparing a Transfer
    • Wallet Data SDK
      • Assets, Addresses, & Balance Fetching with the SDK
      • Transaction History with the SDK
      • Transaction Status with the SDK
      • Service Availability with the SDK
  • Consumer Application APIs
    • API Quick Start
    • API Authentication
      • Sign Up
      • Sign In
    • Core Wallet APIs
      • Creating a wallet with APIs
      • Recovering a wallet with APIs
      • Export a wallet with APIs
      • Import a wallet with APIs
    • Wallet Data APIs
      • Assets, Addresses, & Balance Fetching APIs
      • Transaction History APIs
      • Transaction Status APIs
    • Wallet Services APIs
      • Asset Listings By Wallet Holders API
      • Transfer API
      • Spending Authorization (Allowance) API
      • Algorand Opt In
    • Blockchain Specific APIs
      • Algorand Only APIs
      • EVM Only APIs
    • Error Codes
  • Wallet Administration
    • Admin Applications
      • Admin Authentication
      • Admin Security
      • Programmatically Listing Assets with the SDK
      • Programmatically Listing Assets as a Business
    • Admin Portal
      • Asset Listings By Your Business
        • Manually List Assets
        • Automate Listing Assets
Powered by GitBook
On this page
  • Non-custodial Design
  • Storage
  • Access
  • Core Key Architecture Design
  • Wallet Keys
  • Authentication Keys
  1. Introduction

Key Architecture Overview

Non-custodial Design

"Not your keys, not your crypto!"

What really is the difference between custodial and non-custodial when dealing with digital funds? With more and more non-custodial WAAS products rolling out, you will want to throughly evaluate their key architecture in order to ensure that the product meets your standards for non-custodial. Custody comes down to two core criteria: where are wallet keys stored and who can access them?

Storage

Before developing Wallaby, we found most wallet providers were comfortable storing private keys if they were encrypted first and stored in a secure environment. Our team felt strongly about avoiding the scaling security risk associated with centralized key storage, but still wanted to enable all the same out of the box capabilities of standard noncustodial wallet providers.

Access

Some wallet providers identify as non-custodial based on the premise that they are unable to access your private keys without your involvement. However, in some designs you may also find that wallet holders are unable to access their own keys independently of the provider.

We've designed a system without product lockup and with interoperability at core. We believe that a system where the wallet holder is unable to access their private keys independently falls into a gray area and has the potential to introduce unnecessary risks.

Core Key Architecture Design

Our architecture combines two cryptographic standards:

  1. Our key architecture for transaction signing is based on BIP-32: A hierarchical deterministic wallet standard that ensures interoperability between wallet providers

  2. Our authentication and key transport is based on the secure remote password (SRP) protocol which is a form of zero knowledge authentication allowing the wallaby backend system to authenticate clients/frontends without needing them to reveal any form of private data.

Together these two standards enable us to provide wallet capabilities without storing any private keys, not even in an encrypted format.

Wallet Keys

To provide multichain capabilities while preserving interoperability with other wallet providers, we chose to follow BIP-32: a hierarchical deterministic wallet standard. This standard utilizes a mnemonic to generate a root parent key. This root parent key is used to generate child keys used for transaction signing.

When creating a wallet, we create child keys for supported blockchains that share a single master seed phrase. When signing, we generate the keys on demand from the seed phrase in a secure enclave.

In addition to interoperability and multichain capabilities, this structure also results maximizes flexibility with regards to account design for your end user. We can generate new addresses as needed, introduce additional blockchains over time, and roll external accounts up into our existing structure where it makes sense.

Authentication Keys

To authorize the user's device to use our system and secure the seed phrase in transport and storage, we utilize the secure remote password (SRP) protocol.

This protocol utilizes two key pairs generated when authenticating with Wallaby:

  1. one pair generated by your application held on the wallet holders' device referred to as the "client auth keys"

  2. one pair generated on our platform held within our secure enclave referred to as the "Wallaby auth keys"

When signing up or signing in to our platform, you provide us with the "client auth public key" to enable us to transport data FROM our system. In return, we will provide you with the "Wallaby auth public key" used for transporting data TO our system.

When creating a wallet or recovering a wallet, we send you the seed phrase encrypted with the "client auth public key" that was originally generated client side. When it is received, you can decrypt with the "client auth private key" to present it to the end user. When it is no longer needed, you can encrypt it with the "Wallaby auth public key" and any additional encryption factors. Then store it as needed.

When signing, we require you return the seed phrase encrypted with the "Wallaby auth public key" and when it arrives in our secure enclave, we will decrypt it to generate the signing keys needed to perform the requested tx.

PreviousGetting StartedNextSDK vs API

Last updated 10 months ago

Page cover image