⏏️Eject a private key

The eject feature allows a user to construct a private key that can be imported into another wallet manager like Metamask.

To learn more about how eject works check out the reference documentation.

Providing the organization backup share to the client device puts both MPC shares on a single device. This removes the multi-party security benefits of MPC. This operation should only be done for users who want to move off of MPC and into a single private key.

Ejecting a private key

In order to eject a private key, the two MPC share pairs need to be combined. It's required to fetch the:

Client Backup Share Ciphertext - this is the same value stored on backup.
Organization Backup Share - this is the value stored via the Portal Webhook.

Pass both of those values and the user's backup method into the ejectPasskey function to construct the private key.

// same endpoint used for recovery
const clientBackupShareCiphertext = await callToYourBackendToFetchClientBackupShareCipherText()

// dangerous endpoint that should require extra authentication
const organizationBackupShare = await apiCallToYourBackendToFetchOrganizationBackupShare()

const result = await portal.mpc.ejectPrivateKey(
                                clientBackupShareCiphertext, 
                                method, 
                                options, 
                                organizationBackupShare)

PreviousPortal API methods NextLegacy Documentation

Last updated 3 months ago