🔬Wallet architecture

tl;dr We create two wallets for EVM chains: a signer wallet (EOA) and a Smart Contract Wallet (SCW). Your funds are held in the SCW. The signer wallet authorizes SCW transactions and is protected by enterprise-grade MPC security. Both wallets are fully non-custodial.

For Solana users, we create a single non-custodial MPC wallet. It does not have a smart contract component (as Solana does not yet support SCWs). Security principles are the same.

Ethereum and EVM chains (Base, BNB Chain, Arbitrum)

In simple terms, a "traditional" Ethereum wallet is just a private/public key pair. The private key signs transactions; the public key is your wallet address.

These traditional wallets are called Externally Owned Accounts (EOAs). Only EOAs can sign transactions directly on EVM blockchains.

Smart Contract Wallets (SCWs) are on-chain smart contracts that look like wallets, but can't sign transactions. To solve this, SCWs delegate signing to a paired EOA wallet.

When you set up an EVM wallet in goodcryptoX, we create:

  • Wallet 1 (signer) — a traditional EOA wallet. It signs transactions for your Smart Contract Wallet.

  • Wallet 2 (wallet) — a Smart Contract Wallet (Kernel) deployed by ZeroDev. This wallet holds your funds.

The EOA wallet (Wallet 1) is created and secured by web3auth - one of the leaders in web3 wallets infrastructure, powering Trust wallet and many others.

This wallet has a private key, but the key is split and encrypted across two independent parties:

  • Shard 1: encrypted and tied to your goodcryptoX account

  • Shard 2: held by Web3Auth

As we use full-MPC technology, the private key is never reconstructed, not even during signing. Instead, both encrypted factors jointly authorize signatures via MPC. This offers cold-wallet level security.

Your Smart Contract Wallet (Wallet 2) is deployed using ZeroDev, based on the Kernel smart contract — currently the most gas-efficient, secure SCW implementation.

The SCW has no private key. It is controlled entirely by your signer wallet.

As a result:

  • You never have to manage or see a private key

  • The system is fully non-custodial

To enable advanced trading, we issue session keys: limited-permission keys that can only execute swaps via 1inch on your behalf. These keys are signed once by your wallet, encrypted, and used server-side to automate trading.

Only swaps use session keys. Transfers always require direct wallet signature.

Your SCW is deployed at the moment of the first outgoing transaction (transfer or swap). Until deployment, the address appears like a regular EOA on explorers. The first transaction will cost slightly more gas to cover deployment.

Wallet password

Initially, your signer wallet is a 2/2 MPC wallet: goodcryptoX and web3Auth each hold a shard. To go fully non-custodial, you can set a wallet password, converting your signer wallet to 2/3 MPC:

  • Shard 1: tied to your goodcryptoX account — encrypted and stored by our infrastructure

  • Shard 2: the wallet password you set

  • Factor 3: derived from password and stored on your device, so that you don't have to enter the password each time you open the app

This ensures that no third party can ever access your private key — not even in theory.

This also means that if you lose both your password and device, the wallet becomes inaccessible. Use only if you understand the risks.

Upcoming changes

We are transitioning to a single-wallet architecture on EVMs using EIP-7702:

  • The signer EOA wallet will also function as a Smart Contract Wallet

  • Session keys and advanced functionality will be available without needing two wallets

  • You will be able to export your private key from the app

This will simplify the setup while preserving the same MPC-level security.

You will also be able to bring your own EOA (e.g. MetaMask) to use as signer instead of the goodcryptoX-generated wallet.

Solana wallet

On Solana, smart contract wallets are not yet supported. Therefore, we create a single MPC-secured wallet (an EOA equivalent).

The wallet is created using the same MPC setup:

  • Factor 1: tied to your goodcryptoX account

  • Factor 2: held by web3Auth

The private key is never reconstructed during usage. Instead, MPC-based signing is used to authorize transactions.

You can optionally set a wallet password to convert your Solana wallet to 2/3 MPC. Same benefits and risks apply as on EVM chains.

Unlike EVM, your Solana wallet’s private key can be exported directly from the app using the Export key option in the Wallet tab.

PreviousWallet recoveryNextSmart Contract Wallets

Last updated