Skip to content

Wallet Creation and Recovery

Creating embedded wallets

To create wallets for your users as part of the login flow you need use one of the following methods of embeddedWallet:

  • configure: will create the wallet if it does not exist (where AccountTypeEnum.SMART_ACCOUNT is default), otherwise it will return the existing wallet.
  • create: will always create a new wallet, of the specified type.
  • recover: will recover the wallet given a specific account id. To get a list of account ids you can use embeddedWallet.list().
Make sure to wait for the embedded state ready before using the embedded wallets. Learn more about how to check the embedded state.

Decide a recovery method

Recovering the embedded wallet is needed when a user logs into a new device or when access to the embedded wallet is lost.

Openfort embedded wallets have two core recovery modes: automatic recovery and password recovery. At a high-level, this setting modulates how the embedded wallet's recovery share is encrypted and stored.

  • Automatic recovery: The recovery share is encrypted with a combination of project entropy and Openfort's entropy. When logging into a new device, users can immediately access their embedded wallet.
  • Password recovery: The recovery share is encrypted by user-provided entropy. When logging into a new device, users must enter in their password to recover the embedded wallet on the new device. Once the embedded wallet has been recovered on a device, users will not need to enter their password on that devices again.

Automatic recovery

From your backend, you should have an endpoint that generates an encryption session for the user. This endpoint should be protected and only accessible by the user who is requesting the encryption session (i.e. the user who is logging in). Learn how to set up this endpoint and request an encryption session in our automatic recovery session guide.

Password recovery

Require that users set a password when the wallet is created. Only the user can decrypt the recovery share. Openfort never sees the user's password.

Wallet Pre-generation

Openfort also allows you to pre-generate embedded wallets for your users, even before they first login to your app. Please see our pregeneration guide for more.