Wallet Generation

Overview

We provide a 1-click solution to onboard users from a variety of different chains. These wallet's private keys can later be exported to use outside of the Clusters ecosystem.

Bitcoin

Ton

Aptos

Litecoin

EVM

Cosmos

Ripple

Algorand

Solana

Dogecoin

Tron

Security

Authentication

Signing into your cluster starts with verifying wallet ownership using off-chain authentication via signature signing. All users must sign an off-chain signature to prove they own their cluster.

Passphrase: Users may choose to opt in for an additional layer of security by adding a passphrase. We recommend users enable this feature when storing significant amount of funds on generated wallets.

Clusters does not store this passphrase. It is impossible to recover if lost and will result in forfeiting the ability to recover private keys of wallets generated on the users account.

  • Passphrases are used as the encryption key for private key shards.

  • Users will need to enter their passphrase in order to export their wallet's private keys.

Private Key Storage

Key's are split up into 3 different shares using the Shamir's secret sharing. It is split between user and cloud encrypted storage. In order to reveal the private key, 2 out of the 3 shares need to be present. Full keys are never sent over the air or stored in Clusters infrastructure.

  1. User device share — Stored on the users device via local storage. This share will be stored encrypted using the passphrase if opted in.

  2. Recovery share This share is encrypted at rest by default and stored by Clusters. This share is encrypted using the users passphrase if they opt in for this additional security later.

  3. Backup share — Encrypted at rest and stored by Clusters. It's used, in conjunction with the recovery share, to generate an additional compatible user device share if it's lost or moving to another device.

Last updated