-5

We’re creating a decentralised app, in which we’ll create a crypto wallet for each user. To store the private key of each user’s wallet, we can encrypt it using the password the user uses for sign-up/login. But now we’re not using a password for sign-up or login, nor do we want to add any extra effort for the user when creating the wallet. In this case, how should we securely store the private key of each user?

We are implementing robust security by storing private keys on the server with encrypted passwords.

1 Answer

0

Good ser, for the love of god, do not store a user's private key - that's not how decentralized applications work. Do not try to create a wallet for the user; they do this themselves. The user keeps their own private key (emphasis on private, i.e. not shared with you). They log in using a wallet, and sign transactions on your app. All you need to do is keep track of the user's PUBLIC key, and associate that with any data in your database. There are methods of sign-in where you can ask a user to prove they have access to their private key.

joebuild
  • To be fair, giving the user the option to have a managed wallet will GREATLY increase adoption, while always allowing the user to migrate to a self-managed wallet if they choose to. – Kartik Soneji Sep 02 '23 at 19:52
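
The sign-in approach mentioned in the answer (the user proves control of their private key while the server stores only the public key) can be sketched as a challenge-response exchange. This is an added example, not code from the answer or any wallet project; the Ed25519 scheme, the `example-dapp` message format, the 60-second lifetime and all function names are assumptions chosen for illustration.

```javascript
const crypto = require('node:crypto');

// Server-side state: public keys and pending challenges only, never a private key.
const users = new Map();      // userId -> public key (PEM)
const challenges = new Map(); // userId -> { nonce, expires }
const TTL_MS = 60_000;        // assumed challenge lifetime

function register(userId, publicKeyPem) { users.set(userId, publicKeyPem); }

// Message format is hypothetical; it binds the signature to this app, user and nonce.
const loginMessage = (userId, nonce) =>
  `example-dapp login\nuser: ${userId}\nnonce: ${nonce}`;

// Step 1 (server): issue a random, single-use challenge.
function issueChallenge(userId, now = Date.now()) {
  const nonce = crypto.randomBytes(32).toString('hex');
  challenges.set(userId, { nonce, expires: now + TTL_MS });
  return loginMessage(userId, nonce);
}

// Step 2 (wallet): sign the challenge; the private key stays with the user.
function walletSign(privateKey, message) {
  return crypto.sign(null, Buffer.from(message), privateKey).toString('base64');
}

// Step 3 (server): verify against the stored public key and burn the nonce.
function verifyLogin(userId, message, signatureB64, now = Date.now()) {
  const pending = challenges.get(userId);
  challenges.delete(userId); // single use, even when verification fails
  const publicKeyPem = users.get(userId);
  if (!pending || !publicKeyPem || now > pending.expires) return false;
  if (message !== loginMessage(userId, pending.nonce)) return false;
  const sig = Buffer.from(signatureB64, 'base64');
  return crypto.verify(null, Buffer.from(message), publicKeyPem, sig);
}

// Constructed demo: a valid login, a replayed signature, and a wrong key.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  register('alice', publicKey.export({ type: 'spki', format: 'pem' }));
  const msg = issueChallenge('alice');
  const sig = walletSign(privateKey, msg);
  const first = verifyLogin('alice', msg, sig);
  const replay = verifyLogin('alice', msg, sig);
  const other = crypto.generateKeyPairSync('ed25519').privateKey;
  const msg2 = issueChallenge('alice');
  const wrongKey = verifyLogin('alice', msg2, walletSign(other, msg2));
  return { first, replay, wrongKey };
}
console.log(demo());
```

A database breach on this server exposes public keys and expired nonces, neither of which lets anyone sign on a user's behalf.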