Skip to main content
WARNING: Ejecting private keys exposes the full private keys of your wallet. Once ejected, the security guarantees of MPC are lost. This operation should only be used when absolutely necessary, such as migrating to a different wallet provider.

Private Key Ejection

The ejectPrivateKeys method exports the full private keys from the MPC system. This requires authentication using one of your backup methods.

Eject with Password

import 'package:portal_flutter/portal_flutter.dart';

final portal = Portal();

// Eject private keys using password authentication
final privateKeys = await portal.ejectPrivateKeys(
  method: PortalBackupMethod.password,
  password: 'YOUR-PASSWORD',
);

// privateKeys is a Map<String, String> with namespace -> private key
print('EVM private key: ${privateKeys['eip155']}');
print('Solana private key: ${privateKeys['solana']}');

Eject with Passkey

// Configure passkey storage first
await portal.configurePasskeyStorage(
  relyingPartyId: 'portalhq.io',
  relyingPartyOrigins: ['https://portalhq.io'],
);

// Eject private keys using passkey authentication
final privateKeys = await portal.ejectPrivateKeys(
  method: PortalBackupMethod.passkey,
);

Eject with Google Drive

// Configure Google Drive storage first
await portal.configureGoogleStorage(
  clientId: 'your-google-client-id',
);

// Eject private keys using Google Drive authentication
final privateKeys = await portal.ejectPrivateKeys(
  method: PortalBackupMethod.googleDrive,
);

Eject with iCloud (iOS only)

// Configure iCloud storage first
await portal.configureICloudStorage();

// Eject private keys using iCloud authentication
final privateKeys = await portal.ejectPrivateKeys(
  method: PortalBackupMethod.iCloud,
);

Security Considerations

After ejecting private keys:
  1. Store them securely - Never share or expose your private keys
  2. Consider the wallet compromised - The MPC security model no longer applies
  3. Create a new wallet if needed - For continued use with Portal, create a new MPC wallet

Use Cases

Private key ejection should only be used in specific scenarios:
  1. Migration - Moving to a different wallet provider
  2. Advanced users - Who need direct access for specific operations
  3. Compliance - Regulatory requirements that mandate key access

Self-Managed Backups with Cipher Text

If you’re using self-managed backups and have stored the cipher text yourself: 
final privateKeys = await portal.ejectPrivateKeys(
  method: PortalBackupMethod.password,
  password: 'YOUR-PASSWORD',
  cipherText: 'YOUR-STORED-CIPHER-TEXT',
);
Related Documentation