Private key storage in react native

Help - Plug n Play
1

hey @shahbaz I’m using the web3auth with react native and firebase google as aggregate verifier, I wanted to know if the private keys are supposed to be constructed on every app reload? or are thery supposed to be stored in local storage of app? or keychain in Android?

If the key is to be reconstructed on every app reload, how do I do that? are there any examples?

2

also is there an example of how do I persists the login of user once logged in?

cc @shahbaz

3

@shahbaz just bringing this to your notice

4

@shahbaz just bringing this thread up if you missed

5

is there a way to refresh tokens or reconstruct key when google refreshes the access token without opening the webview?

cc @shahbaz @yashovardhan

6

@yashovardhan @shahbaz this query has been unanswered for more than 2 weeks now, This is a blocker for us to release our app? can we get some help here?

7

Hey @devesh.b

Sorry for the delayed reply, somehow due to some internal settings of the portal, we missed your thread. Talking about your questions:

  • We will be releasing a new version of the react native SDK within the next two weeks, where there will be session management support. This means that the key reconstruction will not be needed for a maximum of 7 days after the login has happened.
  • For now, you can create another session key (a random big number), which can be used to encrypt the user’s private key and and store the result in the keychain. You can store the session key in your database with an expiration defined. As long as your session is not expired, you can use the session key to decrypt your private key in the frontend.
  • Talking about refresh tokens, you can have a look at this particular thread: Using Auth0 with Web3Auth
8

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.