Note that this guide is for legacy (V2) embedded wallets. If you are looking for current embedded wallet documentation, please go here.

This page explains the Dynamic-powered embedded wallet reveal and export process, allowing end-users to retrieve, back up, and delete their wallet credentials.

Revealing a Private Key/Seed Phrase

When implementing Dynamic in headless mode, please ensure you are surfacing this flow to your end-users, so that they always maintain control of their wallet.

Revealing a wallet’s private key or seed phrase allows end-users to back up their credentials or migrate to another wallet or service. This process is essential for ensuring users maintain control of their wallet in case they lose access to the original provider, need to recover their wallet, or choose to use a different wallet provider.

End User Experience

The Dynamic export flow reveals the private key/seed phrase in an secure isolated iFrame to limit the ability of Dynamic, the developer, or anyone in the flow to view the exported key. For more details on the security of the iFrame and cryptographic flows go to our FAQs.

Programmatically Triggering Wallet Export Flow

To ensure a user maintains control of their wallet, in case a user loses access to the provider service, we recommend using our hook to place the export flow immediately after creating the account.

To open the export wallet flow on behalf of your users, you can call the initExportProcess method from the useEmbeddedReveal hook. This will open the flow described above. Only the end-user will be able to see the private key or seed phrase.

import { useEmbeddedReveal } from "@dynamic-labs/sdk-react-core";


const { initExportProcess } = useEmbeddedReveal();


<button onClick={() => initExportProcess()}>Export Wallet</button>;

You can see the experience by going to demo.dynamic.xyz and creating an embedded wallet.

Risks and Considerations

You should always provide your end-users with a path to reveal and replicate their keys from their embedded wallet. When using the headless embedded wallet flow, please ensure you add a path for users to complete this step using the programmatic option described above.

End-users should be aware that replicating their wallet credentials can expose their wallet to risk if the credentials are not stored securely. Users are advised to store their credentials in a secure location and not share them with anyone. When implementing Dynamic in headless mode, we recommend communicating these warnings to users.

FAQs

Q. What is the security of the iFrame and how do you ensure only the end-user can access these credentials? A. We leverage joint architecture with Turnkey to secure this flow, and you can dive into the cryptographic flows here: https://docs.turnkey.com/features/export-wallets#cryptographic-details

Q. What happens if user reveals and replicates their private key and loses it? A. Users can return to use the application service. If they unlinked their account from the application service during export and then lost their private key, they would not be able to retrieve that wallet.