Raydius Litepaper
  • Introduction
    • Overview
    • Mission & Vision
    • What is Raydius?
  • Core Concepts
    • Chain Abstraction
    • Raydius SDK
      • Social Login SDK
        • Raydius React SDK
          • Prerequisites
          • Installation
          • Get Your Raydius App ID
          • Set Up Your App with Raydius React SDK
          • Using the useRaydius Hook
          • Wallet Security
          • Setup
          • Advanced Usage with wagmi
          • Example Scenarios
        • Raydius Vue SDK
          • Prerequisites
          • Installation
          • Get Your Raydius App ID
          • Set Up Your App with Raydius Vue SDK
          • Using the useRaydius Hook
          • RaydiusVuePlugin Config
          • Wallet Security
      • User Loyalty Toolkit
      • Analytics Dashboard
    • Raydius Extension Store
    • Raydius Express
  • Technical Architecture
    • Tech Stack Overview
    • Multi-Chain Support
    • Security & Compliance
  • Getting Started
    • Setting Up Your Development Environment
    • Using the Raydius SDK
    • Creating and Managing Extensions
    • Integrating Raydius Express
  • Tokenomics
    • Overview of $RAYS
    • Token Utilities
    • Token Demand and Supply
  • Ecosystem and Community
    • Community Hub
    • Partnerships & Integrations
    • Developer & User Incentives
  • FAQs
    • General Questions
    • Technical Questions
    • Token-Related Questions
Powered by GitBook
On this page
  1. Core Concepts
  2. Raydius SDK
  3. Social Login SDK
  4. Raydius Vue SDK

Wallet Security

There are two ways to onboard users in Raydius:

  1. Social login, which generates an EOA wallet for users.

  2. External wallet login, which stores the metadata of users' own wallets.

Social Login

Raydius will create an EOA wallet for users during social login and help with the security and recovery of the newly created wallet. It works as follows:

  • The wallet's public and private keys are generated in your user client.

  • The wallet's private key is split into three key shares using Shamir's secret sharing.

  • The three private key shares are encrypted by a strong password set by the user and split across the user device, Raydius, and a third-party storage provider trusted by users (Raydius provides a default - Google Drive, but the user can choose another).

  • When an authenticated user attempts to sign a message, keys are reconstructed in an iframe on your site to generate the signature. This iframe's origin is isolated from your site, meaning your application never has access to private keys.

  • If a user logs in to a new device, or loses an existing device, they can utilize their recovery key shares to regain access to their wallet.

External Wallet Login

Wallets owned by users previously are just linked to Raydius, which means Raydius only embeds the metadata (wallet address, wallet client, etc.) of those external wallets for ease of use. Therefore, Raydius cannot help with the security and recovery of those wallets.

PreviousRaydiusVuePlugin ConfigNextUser Loyalty Toolkit

Last updated 8 months ago