Understanding the Entity Secret in Developer-Controlled Wallets

The Entity Secret is an integral component in Developer-Controlled Wallets, serving as a key element in bolstering security.

What is the Entity Secret?

The Entity Secret is a robust 32-byte key engineered to enhance the security mechanisms of Developer Controlled Wallets. Its value lies not only in its complexity but also in the specific security benefits it confers.

The importance of the Entity Secret


The Entity Secret is generated by you and remains known exclusively to you. Consider it as your private password or a cryptographic signature that distinguishes your activities.

Enhanced Security for Critical API Requests

For critical actions such as wallet creation or initiating transactions, the Entity Secret comes into play. Attaching an encrypted version of the Entity Secret to these API requests provides an added authentication factor, reinforcing the security infrastructure.

Dynamic Protection

With a requirement to re-encrypt the Entity Secret for each API request, you avoid the risks associated with having a static key, which could be vulnerable to security breaches. This dynamic approach means that every request is identifiably distinct, providing fortified protection against potential attacks.

Sole Authority

While our platform enables operations using the Entity Secret, it does not store it. This design choice comes with dual implications: First, it ensures you are the sole entity capable of using your private keys, thus preserving absolute control over them. Second, it places the responsibility squarely on your shoulders to secure the Entity Secret conscientiously, as its security is paramount to the overall protection of your Developer-Controlled Wallets.

Balancing Power with Responsibility as a Developer

The Entity Secret embodies the level of trust and authority that our platform confers upon developers. It enables smooth access to the extensive capabilities of developer-controlled wallets, while simultaneously ensuring their security is maintained. However, great power necessitates equally great responsibility. The safeguarding, encryption, and periodic renewal of the Entity Secret are duties that rest with you, the developer.

This dynamic of empowering developers while also entrusting them with critical security tasks reflects the core principles of decentralization intrinsic to the web3 ecosystem. As a developer, you're more than a creator; you assume the role of a guardian of security and a proponent of distributed authority.

Should you sense the weight of this role, rest assured that guidance is at hand. We are here to support you in effectively managing and protecting your Entity Secret.

Generating the Entity Secret

const crypto = require('crypto')
const secret = crypto.randomBytes(32).toString('hex')

Try it out:Generate your own Entity Secret

It's crucial to safeguard your Entity Secret akin to a key to your home—misplacing it or divulging it to others could have serious ramifications. Ensure you securely store the Entity Secret because you'll require it shortly to create an Entity Secret Ciphertext. Just as the name implies, the Entity Secret is sensitive information; treat it with the utmost confidentiality and security to prevent unauthorized access or use.

Need help or have questions?

Here are some helpful links:

🎮Join our Discord Community: Engage, learn, and collaborate.
🛎Visit our Help-Desk Page: Dive into curated FAQs and guides.
📧Direct Email: We're always a message away.
📖Read docs: Check out our developer documentation.
© 2023 Circle Technology Services, LLC. All rights reserved.