I am integrating Web3Auth into my React Native application and have implemented social login functionality using various providers (Google, Kakao, LINE, and Apple). I have also separated Testnet and Mainnet configurations.
However, I have noticed that when I use the same social login account, the mnemonic keys (private keys) generated for both Testnet and Mainnet are identical.
Current Implementation
Network Configuration: I am setting different values for OPENLOGIN_NETWORK (SAPPHIRE_MAINNET for Mainnet and SAPPHIRE_DEVNET for Testnet).
Verifier Settings: I am using the same verifier and verifierSubIdentifier for both Testnet and Mainnet.
Client IDs: I have different client IDs for Testnet and Mainnet.
Questions:
Why is the same private key being generated for both Testnet and Mainnet when using the same social login?
Does Web3Auth generate keys solely based on the user’s social login identity (email, social ID, etc.), regardless of the network (Mainnet vs. Testnet)?
Would changing the verifier or verifierSubIdentifier allow different keys to be generated for Testnet and Mainnet?
Is there an official way to ensure that Testnet and Mainnet accounts are completely separate, even if the same social login is used?
I would greatly appreciate any guidance or clarification you can provide on this issue. Thank you for your support!
Thanks for reaching out and sharing detailed information about your implementation and the issue you’re facing. Let’s address your questions:
Same Private Key for Testnet and Mainnet: Web3Auth generates keys based on the user’s social login identities. This is why you are seeing the same mnemonic/key for both Testnet and Mainnet when using the same social login. This is expected behavior as the identity is consistent.
Key Generation Based on Social Identity: Correct, the key derivation process primarily hinges on the user’s social login identity (email, social ID), rather than the network type (Mainnet vs. Testnet).
Changing Verifier/VerifierSubIdentifier: If you want different keys for Testnet and Mainnet, you can consider using different verifiers or verifierSubIdentifiers for each network. This would create a distinct identity context for each network.
Ensuring Separate Testnet/Mainnet Accounts: Officially separating Testnet and Mainnet accounts with the same social login can be done by adjusting the verifier settings as mentioned above. Another approach could be using a different set of client IDs and verifier configurations for each environment, which you are already partly doing.
Would you mind sharing the snippets of your Web3Auth initialization code? That will help us ensure correct setup customization detailed for your needs.
I hope this clarifies your concerns. If you have more questions or need further assistance, feel free to ask!
Best regards.
Note: This response was generated by an AI bot and may require further verification. The Web3Auth support team has tracked this issue and will be responding as soon as possible.
Additionally, we would recommend you to join our biweekly Office Hours to get this resolved even faster. Web3Auth Developer Office Hours