Session keys

Session keys are special cryptographic keys with limited, programmable permissions that are verified on-chain. They’re the cornerstone of how goodcryptoX enables non-custodial trading for conditional orders and fully-automated bots.

Unlike your wallet's private key, which can sign any transaction, session keys are constrained: they can only authorize specific actions that your Smart Contract Wallet recognizes as valid. This gives you the flexibility of automated trading without exposing your private key.

Why they matter

To trade on decentralized exchanges (DEXs) non-custodially, we need a way to sign transactions on your behalf — even when you’re offline. Otherwise, features like:

  • limit and trailing orders

  • take-profits and stop-losses

  • automated bots (e.g., a DCA bot closing dozens of trades daily)

…would be impossible without either asking for your private key or using session keys.

Session keys make the latter option possible. They allow goodcryptoX to sign swap transactions on your behalf — and nothing else.

How they work in goodcryptoX

When you create an EVM wallet in goodcryptoX:

  • We issue session keys for each supported EVM chain (Ethereum, Arbitrum, Base, BNB Chain, etc.).

  • Each session key has strictly limited permissions:

    • Sign swaps on the 1inch router (all supported chains)

    • Sign swaps on Uniswap (Ethereum, Arbitrum, Base — legacy support)

    • Sign swaps on PancakeSwap (BNB Chain — legacy support)

  • These keys cannot withdraw funds or perform any other actions.

From the moment your wallet is set up, all swaps you make through goodcryptoX are signed by session keys. Your private key is never used for swaps — it is only used by you when making a withdrawal.

The first transaction on each chain batches multiple steps into one: deploying your Smart Contract Wallet, validating your session keys on-chain, and executing your initial trade.

Security model

Session keys are handled with the same security model we’ve used for years with centralized exchange API keys:

  • Encryption & sharding: keys are encrypted, split, and stored separately.

  • Backend protections: firewalled, compartmentalized infrastructure with a proven track record (billions in CEX trading volume secured without incidents).

  • Withdrawal safety: session keys can never authorize withdrawals. Any withdrawal requires reconstructing your private key via MPC.

  • Revocability: if needed, you can revoke a session key.

In short: even if a session key were compromised, it cannot be used to drain your wallet.

Looking ahead

The next step for session keys is enabling Bring Your Own Wallet functionality:

You’ll be able to connect an existing wallet — like MetaMask — and trade on goodcryptoX non-custodially, without creating a new wallet, moving funds, or giving up control.

Behind the scenes, we’ll use EIP-7702 to upgrade your EOA wallet into a Smart Contract Wallet. You’ll sign a single transaction to activate this — nothing else changes. Your wallet stays yours.

Once upgraded, we’ll issue session keys to your wallet and store them securely on your behalf. That allows our bots and orders to execute trades on your behalf, while your private key stays entirely under your control and is never shared with us.

And if you ever want to roll things back, you can:

  • revoke the session keys at any time

  • fully disable smart contract functionality and return to a standard EOA wallet

👉 Session keys are the silent engine behind non-custodial automation in goodcryptoX. They give you safety, flexibility, and full access to advanced trading strategies — without ever handing over your private key.

PreviousSmart Contract WalletsNextTransaction batching

Last updated