This page details the Dynamic-powered embedded wallet reveal and export process, which enables end users to retrieve and backup their wallet credentials, as well as delete them from the Dynamic-powered embedded wallet.

Revealing a Private Key/Seed Phrase

When implementing Dynamic in headless mode, please ensure you are surfacing this flow to your end users, so that they always maintain control of their wallet.

Revealing a wallet private key/seed phrase allows end users to retrieve their wallet credentials for backup or migration to another wallet or service. This is critical to ensure a user maintains control of their wallet, in case a user loses access to the provider service, needs to recover their wallet, or wants to use a different wallet provider with their existing wallet.

End User Experience

The Dynamic export flow reveals the private key/seed phrase in an secure isolated iframe to limit the ability of Dynamic, the developer, or anyone in the flow to view the exported key. For more details on the security of the iframe and cryptographic flows go to our FAQs.

Programmatically Triggering Wallet Export Flow

To ensure a user maintains control of their wallet, in case a user loses access to the provider service, we recommend using our hook to place the export flow immediately after creating the account.

To open the export wallet flow on behalf of your users, you can call the initExportProcess method from the useEmbeddedReveal hook. This will open the flow described above. Only the end-user will be able to see the private key or seed phrase.

import { useEmbeddedReveal } from "@dynamic-labs/sdk-react-core";


const { initExportProcess } = useEmbeddedReveal();


<button onClick={() => initExportProcess()}>Export Wallet</button>;

You can see the experience by going to demo.dynamic.xyz and creating an embedded wallet.

Unlinking customer’s embedded wallet from your app

This feature is in development. If you’re interested in learning more, reach out to us in slack.

Once an end-user has revealed their private key/seed phrase, they can choose to unlink it from your site, maintaining full control over the interfaces on which their private key exists. To do this, Dynamic provides a checkbox option and confirmation screen to complete this flow.

If an end user chooses to complete this flow, their embedded wallet will no longer work within your application. They will be issued a new embedded wallet if they log in again.

Risks and Considerations

You should always provide your end users with a path to reveal and replicate their keys from their embedded wallet. When using the headless embedded wallet flow, please ensure you add a path for users to complete this step using the programmatic option described above.

End users should be aware that replicating their wallet credentials can expose their wallet to risk if the credentials are not stored securely. Users are advised to store their credentials in a secure location and not share them with anyone. When implementing Dynamic in headless mode, we recommend communicating these warnings to users.

FAQs

Q. What is the security of the iFrame and how do you ensure only the end-user can access these credentials? A. We leverage joint architecture with Turnkey to secure this flow, and you can dive into the cryptographic flows here: https://docs.turnkey.com/features/export-wallets#cryptographic-details

Q. What happens if user reveals and replicates their private key and loses it? A. Users can return to use the application service. If they unlinked their account from the application service during export and then lost their private key, they would not be able to retrieve that wallet.