Exporting private keys
Privy enables your users to export the private key for their embedded wallet. This allows them to use their embedded wallet address with another wallet client, such as MetaMask or Phantom.
Due to the sensitive nature of key export, this feature is only available in web environments (React SDK) where the operation can be secured with strict browser security guarantees. If using mobile or non-web SDKs, direct users to a browser or implement a webview with the React SDK for secure key export.
To have your user export their embedded wallet’s private key, use Privy’s exportWallet method:
When invoked, exportWallet will open a modal where your user can copy the full private key for their embedded wallet. The modal will also link your user to a guide for how to load their embedded wallet into another wallet client, such as MetaMask or Phantom.
If your user is not authenticated or has not yet created an embedded wallet in your app, this method will fail.
As an example, you might attach exportWallet to an export wallet button in your app:
If your application uses smart wallets on EVM networks, exporting the wallet exports the private key for the smart wallet’s signer, not the smart wallet itself. Users can control their smart wallet with this private key, but to use the smart wallet outside of your app they must manually sign calls to the smart wallet’s contract with it.
Exporting HD wallets
If your user has multiple embedded wallets, you can export the private key for a specific wallet by passing the address of your desired wallet as an address parameter to the exportWallet method:
If no address is passed to exportWallet, Privy will default to exporting the wallet at walletIndex: 0.
When your user exports their embedded wallet, their private key is assembled on a different origin than your app’s origin. This means neither you nor Privy can ever access your user’s private key. Your user is the only party that can ever access their full private key.
To export a wallet’s private key via the REST API, use the /v1/wallets/{wallet_id}/export endpoint. This endpoint uses Hybrid Public Key Encryption (HPKE) to securely transmit the private key.
Server-side export is only enabled for wallets created and managed fully via server-side APIs. User wallets created using client-side SDKs, regardless of provisioned session signers, cannot be exported via REST API.
Wallet export is restricted to wallet owners and enabled by default, unless explicitly disabled by a DENY policy. For wallets that are NOT assigned an owner, they can only be exported if they are assigned a DENY policy.
The endpoint will return the encrypted private key along with the encapsulation information needed for decryption:
Decrypting the Private Key
The exported private key is encrypted using Hybrid Public Key Encryption (HPKE) with the following configuration:
- KEM: DHKEM_P256_HKDF_SHA256
- KDF: HKDF_SHA256
- AEAD: CHACHA20_POLY1305
- Mode: BASE
To decrypt the private key, you’ll need to use these same parameters along with your recipient private key. Here’s how to implement the decryption in several languages:
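As an added example (not Privy's own sample code), the following Node.js code implements RFC 9180 base-mode, single-message decryption for the suite listed above using only node:crypto. It assumes the encapsulated key and ciphertext have already been decoded to raw bytes, that the recipient key is a raw P-256 scalar, and that info and AAD are empty unless the API states otherwise; hpkeSeal and all function names are hypothetical and exist only to produce constructed input for a round trip.

```javascript
const crypto = require("node:crypto");
const KEM_SUITE = Buffer.concat([Buffer.from("KEM"), Buffer.from([0, 0x10])]); // DHKEM(P-256, HKDF-SHA256)
const HPKE_SUITE = Buffer.concat([Buffer.from("HPKE"), Buffer.from([0, 0x10, 0, 0x01, 0, 0x03])]); // + HKDF-SHA256, ChaCha20Poly1305
const EMPTY = Buffer.alloc(0);
const hmac = (key, data) => crypto.createHmac("sha256", key).update(data).digest();

function labeledExtract(suite, salt, label, ikm) {
  const labeled = Buffer.concat([Buffer.from("HPKE-v1"), suite, Buffer.from(label), ikm]);
  return hmac(salt.length ? salt : Buffer.alloc(32), labeled); // empty salt = 32 zero bytes
}
function labeledExpand(suite, prk, label, info, len) {
  const labeled = Buffer.concat([Buffer.from([len >> 8, len & 0xff]), Buffer.from("HPKE-v1"), suite, Buffer.from(label), info]);
  let block = EMPTY, out = EMPTY;
  for (let i = 1; out.length < len; i++) // HKDF-Expand: T(i) = HMAC(prk, T(i-1) | info | i)
    out = Buffer.concat([out, (block = hmac(prk, Buffer.concat([block, labeled, Buffer.from([i])])))]);
  return out.subarray(0, len);
}

// DHKEM ExtractAndExpand, then the mode_base (0x00) key schedule with empty psk and psk_id.
function deriveKeyAndNonce(dh, enc, pkR, info) {
  const eaePrk = labeledExtract(KEM_SUITE, EMPTY, "eae_prk", dh);
  const shared = labeledExpand(KEM_SUITE, eaePrk, "shared_secret", Buffer.concat([enc, pkR]), 32);
  const ctx = Buffer.concat([Buffer.from([0x00]), labeledExtract(HPKE_SUITE, EMPTY, "psk_id_hash", EMPTY),
    labeledExtract(HPKE_SUITE, EMPTY, "info_hash", info)]);
  const secret = labeledExtract(HPKE_SUITE, shared, "secret", EMPTY);
  return { key: labeledExpand(HPKE_SUITE, secret, "key", ctx, 32),
           nonce: labeledExpand(HPKE_SUITE, secret, "base_nonce", ctx, 12) };
}

// Recipient (assumed raw inputs): skR is the P-256 scalar, enc the 65-byte uncompressed ephemeral key.
function hpkeOpen(skR, enc, ciphertext, info = EMPTY, aad = EMPTY) {
  const ecdh = crypto.createECDH("prime256v1");
  ecdh.setPrivateKey(skR);
  const { key, nonce } = deriveKeyAndNonce(ecdh.computeSecret(enc), enc, ecdh.getPublicKey(), info);
  const d = crypto.createDecipheriv("chacha20-poly1305", key, nonce, { authTagLength: 16 });
  if (aad.length) d.setAAD(aad);
  d.setAuthTag(ciphertext.subarray(-16)); // the 16-byte Poly1305 tag trails the ciphertext
  return Buffer.concat([d.update(ciphertext.subarray(0, -16)), d.final()]); // final() throws if tampered
}

// Sender side, present only so the example round-trips offline on constructed data.
function hpkeSeal(pkR, plaintext, info = EMPTY, aad = EMPTY) {
  const ecdh = crypto.createECDH("prime256v1");
  const enc = ecdh.generateKeys();
  const { key, nonce } = deriveKeyAndNonce(ecdh.computeSecret(pkR), enc, pkR, info);
  const c = crypto.createCipheriv("chacha20-poly1305", key, nonce, { authTagLength: 16 });
  if (aad.length) c.setAAD(aad);
  return { enc, ciphertext: Buffer.concat([c.update(plaintext), c.final(), c.getAuthTag()]) };
}
```

A failed tag check throws, so treat any exception from hpkeOpen as a rejected export, and keep the recipient private key and the decrypted output out of logs.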