Custodial vs. Non-Custodial
This page describes the difference between custodial and non-custodial wallets.
Custodial vs. Non-Custodial Wallets
Introduction
With the Wallet-API solution, Venly is considered the technology provider. As a client, you have the option to create wallets (custodial or non-custodial wallets).
Non-custodial wallets emphasize user control and ownership. You or your users have direct control over the assets, particularly the private keys. Only you or your user can access the private key.
Custodial Wallets
As custodial you take custody of the private key needed to access the user's wallet.
From a technical viewpoint, Venly provides all the services and security needed to store and manage the private keys of your users. You will not need to store the keys yourself.
Advantages
Usability
In the custody solution, users can be assisted when they lose access to their wallet (e.g. they forgot their PIN code). Venly can recover the private keys in this case and reset the PIN codes for the user.
Full control
As you are considered the owner of the created wallets, you have full control over them. The custody solution allows for flows and use cases where you need to access the user's-wallets, without their interaction.
Click here for some example use cases on how to manage the PIN codes.
Consequences
Compliance
You are considered the custodian of the wallets and are therefore required to comply with the necessary AML/KYC regulations (if applicable).
Non-Custodial Wallets
In a non-custodial solution, the end-user has sole responsibility for protecting their holdings.
The user's wallets are not accessible by Venly or you, without user interaction.
From a technical point of view, Venly will still be in charge of storing and managing the private keys. Venly is however never able to access these keys.
Advantages
Faster go-to-market
Compliance regulations are lighter, therefore allowing you to setup a solution faster.
Control Over Private Keys
In a non-custodial wallet, you retain full control over access to your private keys. This reduces the risk of unauthorized access or loss.
Enhanced Security
Since you or your user are the sole custodian of your private keys, the risk of hacking or breaches is significantly reduced.
Consequences
Wallets are unrecoverable (unless user has another signing method)
If a user loses access to their wallet, you, nor Venly, is able to recover these wallets, unless they have another signing method such as emergency_code
or biometrics
.
Wallet access will become the sole responsibility of the end-user.
Click here to read more about signing methods and how to recover a lost PIN.
User interaction needed
For each wallet interaction (e.g. initiating a transfer), user interaction is needed. The user is required to enter their PIN code / sign for the request before it can be executed.
The raw PIN Code can therefore never be stored in your system, it should always be provided by the user.
Click here for some example use cases on how to manage the PIN codes.
Setup of Wallets
By default, all wallets created will be non-custodial. You can create custodial wallets in the sense that you take control and ownership of the
pincode
on behalf of your users.
To create a wallet, call the following endpoint:
Request Endpoint: reference
POST /api/wallets
Parameter | Param Type | Value | Description | Example Value |
---|---|---|---|---|
Signing-Method | Header | id:value | id : This is the ID of the signing methodvalue : This is the value of the signing method | 756ae7a7-3713-43ee-9936-0dff50306488:123456 |
Parameter | Param Type | Description | Data Type | Mandatory |
---|---|---|---|---|
secretType | Body | The blockchain on which to create the wallet | String | ✅ |
userId | Body | The ID of the user who you want to link this wallet to | String | ❌ |
pincode (Deprecated) | Body | The pin that will encrypt and decrypt the wallet | String | ❌ |
Request Body:
{
"secretType": "MATIC",
"userId": "6a5a9020-e969-4d9a-ae4b-fcd91a75769d"
}
Updated 8 months ago