Generating and Managing User Private Keys

It is critical for users' and apps' private keys to be kept secure. While we are able to freeze and restore users with new addresses in case of security crisis or fraud, this is by no means a desirable situation; too many private key hacks and your application could be at risk for having production access revoked or diminished.

Some applications may want to leave it to the user to keep private keys secure and sign requests as needed, but for many use cases, the private key layer may be better left concealed from users. In that case, applications will need to generate private keys for each of their users.

Use HD (hierarchical deterministic) wallets if you are managing users' private keys.

  
wallet = sila.generateWallet()
from silasdk import EthWallet

EthWallet.create("provide some entropy for randomness")
// Generate wallet
$wallet = $client->generateWallet();
echo $wallet->getAddress(); // Wallet public address
echo $wallet->getPrivateKey(); // Wallet private key
// Generate wallet
Wallet wallet = api.generateWallet();
System.out.println(wallet.getBlockChainAddress()); // Wallet public address
System.out.println(wallet.getPrivateKey()); // Wallet private key
// Generate wallet
var wallet = api.GenerateWallet();
Console.WriteLine(wallet.Address); // Wallet public address
Console.WriteLine(wallet.PrivateKey); // Wallet private key

Private keys should be maintained in a Key Management Service platform to prevent loss or theft. For example, Amazon KMS, Google Cloud Key Management or Very Good Security, Vault by Hashicorp, meet Sila's security requirements for this purpose.

Private keys should never be transmitted over any network. Private keys can be generated by your application, or you may wish for your users to generate their own private keys and store them on a local device i.e. local storage on a mobile phone, or offline i.e. cold storage.

If you suffer a data loss or security breach, then immediately contact [email protected] for further instructions.


Did this page help you?