LogoLogo
SupportGithubSign InGet Access
  • Introduction
  • GETTING STARTED
    • SDK Quick Start
    • API Quick Start
  • Guides
    • Web
      • Create a wallet
      • Send tokens
      • Sign a transaction
      • Simulate a transaction
      • Back up a wallet
      • Recover a wallet
      • Cross-device sessions
      • Manage wallet lifecycle states
      • Web authentication methods
      • Perform swaps
      • Add custom signature hooks
      • MPC progress callbacks
      • Portal API methods
      • Configure a custom subdomain
      • Eject a wallet
      • Using the EIP-1193 Provider
      • Legacy documentation
        • Back up a wallet
          • Backup Options
        • Recover a wallet
    • iOS
      • Create a wallet
      • Send tokens
      • Sign a transaction
      • Simulate a transaction
      • Back up a wallet
      • Recover a wallet
      • Cross-device sessions
      • Manage wallet lifecycle states
      • Connect with WalletConnect
      • Build a WebView
      • Perform swaps
      • Add custom signature hooks
      • MPC progress callbacks
      • Portal API methods
      • Manage ERC20 tokens
      • Eject a wallet
      • Legacy documentation
        • Back up a wallet
          • Backup Options
          • Passkey + Enclave Storage
        • Recover a wallet
      • Troubleshooting Tips
      • Feature Flags
    • Android
      • Create a wallet
      • Send tokens
      • Sign a transaction
      • Simulate a transaction
      • Back up a wallet
      • Recover a wallet
      • Cross-device sessions
      • Manage wallet lifecycle states
      • Connect with WalletConnect
      • Build a WebView
      • Perform swaps
      • Add custom signature hooks
      • MPC progress callbacks
      • Portal API methods
      • Eject a wallet
      • Legacy documentation
        • Back up a wallet
          • Backup Options
        • Recover a wallet
    • React Native
      • Create a wallet
      • Send tokens
      • Sign a transaction
      • Simulate a transaction
      • Back up a wallet
      • Recover a wallet
      • Cross-device sessions
      • Manage wallet lifecycle states
      • Connect with WalletConnect
      • Build a WebView
      • Perform swaps
      • Add custom signature hooks
      • MPC progress callbacks
      • Portal API methods
      • Eject a wallet
      • Legacy documentation
        • Back up a wallet
          • Backup Options
        • Recover a wallet
    • Enclave MPC API
      • Create a client
      • Create a wallet
      • Send tokens
      • Sign Ethereum transactions
      • Sign Solana transactions
      • Sign Tron transactions
      • Sign Stellar Transaction
      • Concurrent Transactions
      • Back up a wallet
      • Eject a wallet
  • Reference
    • iOS
      • createWallet
      • backupWallet
      • recoverWallet
      • ejectPrivateKeys
      • registerBackupMethod
      • setGDriveConfiguration
      • setPasskeyConfiguration
      • setPasskeyAuthenticationAnchor
      • setPassword
      • availableRecoveryMethods
      • doesWalletExist
      • isWalletBackedUp
      • isWalletOnDevice
      • isWalletRecoverable
      • getBalances
      • getAssets
      • getNftAssets
      • getTransactions
      • sendSol
      • evaluateTransaction
      • buildEip155Transaction
      • buildSolanaTransaction
      • getWalletCapabilities
    • Android
      • Reference Documentation
    • React Native
      • @portal-hq/core
      • Storage adapters
        • Cloud storage
          • @portal-hq/gdrive-storage
          • @portal-hq/icloud-storage
        • Mobile storage
          • @portal-hq/keychain
          • @portal-hq/mobile-key-values
    • Enclave MPC API
      • V1 endpoints
    • Client API
      • V3 endpoints
      • V1 endpoints
    • Custodian API
      • V3 endpoints
      • V1 endpoints
    • Swaps API
      • V3 endpoints
      • V1 endpoints
  • Resources
    • Flutter
      • iOS
      • Android
    • Error codes
      • Overview
      • MPC errors
      • Network errors
      • General errors
      • Encryption errors
      • Portal Connect errors
    • Portal's MPC architecture
    • Authentication and API Keys
    • Self-Managed Backups
    • Alert Webhooks
    • Wallet lifecycle
    • Backup options
      • Password/PIN
      • GDrive
      • iCloud
      • Passkey + Enclave
    • WalletConnect metadata
    • Advanced security scanning
    • Account abstraction
    • Security firewall
    • Eject
    • Security
    • Blockchain support
    • Chain ID formatting
    • Testnet faucets
    • Going to Production
    • Rate Limits
    • Multi-backup migration guide
    • Multi-wallet migration guides
      • Migrating from Android SDK v3.x.x to v4.x.x
      • Migrating from iOS SDK v3.0.x to v3.2.x
  • Support
    • Changelog
      • Android
      • iOS
      • React Native
      • Web
      • Past Releases
        • 2024 Releases
        • 2023 Releases
    • Celo Hackathon Hub
    • Glossary
Powered by GitBook
On this page
  • Ejecting Your User's Wallets
  • With Portal-managed backups
  • With Backups from your server

Was this helpful?

  1. Guides
  2. Android

Eject a wallet

The eject feature allows a user to construct a private key that can be imported into another wallet manager, such as MetaMask.

Warning: Providing the custodian backup share to the client device puts both MPC shares on a single device, removing the multi-party security benefits of MPC. This operation should only be done for users who want to move off of MPC and into a single private key. Use portal.eject() at your own risk!

Ejecting Your User's Wallets

With Portal-managed backups

To eject the private keys for your users' wallets, their two matching backup shares need to be combined. Since both of these shares are stored on the Portal backend encrypted at rest, we first need to verify that the upcoming request to eject the wallet is not an attack. In order to do this, we make this a two-step process:

  1. Make a Custodian-authed POST request using your Custodian API Key (the same API key you use to create new users) to the /api/v3/custodians/me/clients/${clientId}/prepare-eject endpoint to allow for this client to perform an eject operation

  2. Call the portal.ejectPrivateKey() function from your application

Making the `prepare-eject` request

This endpoint requires a walletId in the POST body. This can be found in the wallets property of the /api/custodians/me/clients/${clientId} GET request.

If you are planning on ejecting multiple wallets for a user, you'll need to make multiple separate requests to "unlock" all requires wallets.

const response = await axios.post<string>(
  `https://api.portalhq.io/api/v3/custodians/me/clients/${clientId}/prepare-eject`,
    { walletId: 'YOUR_CLIENTS_WALLET_ID' },
    { 
      headers: {
        'Authorization': `Bearer ${YOUR_CUSTODIAN_API_KEY}`
      } 
    },
)

Ejecting the wallets


val privateKey = portal.ejectPrivateKey(
    null, // No input backup shares are required
    null, // No input backup shares are required
    
    // Provide the appropriate backup method for your client's wallet
    backupMethod = BackupMethods.Password,
    backupConfigs = backupConfigs,
)

This function will perform the combining of shares from our server and the cryptographic operation required to build a private key for the wallet. The return value is the string literal of the private key.

With Backups from your server

To eject the private keys for your users' wallets, their two matching backup shares need to be combined. This requires providing the following two shares to portal.eject():

  • User Backup Share - Encrypted backup share received from portal.backup().

  • Custodian Backup Share - Raw backup share received from the POST /backup webhook.

  • Custodian Backup Solana Share - Raw backup share received from the POST /backup webhook.

Here's an example implementation:

// Create a backup config for portal.eject().
val backupConfig = BackupConfigs(PasswordStorageConfig(password = "USERS_PASSWORD"))

// Fetch the user's backup share from your API.
val userBackupShare = yourAPI.fetchUserBackupShare(userId)

// Fetch the custodian backup share for the user from your API.
val custodianBackupShare = yourAPI.fetchCustodianBackupShare(userId)

// Fetch the custodian backup share for the user from your API.
val custodianBackupSolanaShare = yourAPI.fetchCustodianBackupSolanaShare(userId)

// Obtain the private key for the user's SECP256K1 and ED25519 wallet.
val privateKeys = portal.ejectPrivateKeys(
  userBackupShare,
  custodianBackupShare,
  custodianBackupSolanaShare,
  BackupMethods.Password,
  backupConfig,
)

SECP256K1 is the curve used by Ethereum and ED25519 is the curve used by solana.

And that's it!

PreviousPortal API methodsNextLegacy documentation

Last updated 4 months ago

Was this helpful?

You can learn more about signing algorithms and curves .

here