Secure Wallets

Set up and manage a self-custodial Secure Wallet.

Create and manage Secure Wallets

You can and should create self-custodial Secure Wallets on our platform using passkeys. You are the only one in full control of those wallets, and only you can authorise TokenSight to perform limited activities, such as trading, on your behalf.

Passkeys are a safer and easier alternative to passwords. With passkeys, you can sign in to apps and websites with a biometric sensor (such as a fingerprint or facial recognition), PIN, or pattern, freeing you from having to remember and manage passwords. You can sync your passkeys across different devices you own, and store them securely on the cloud. Largest companies like Apple, Google etc. allow you to manage passkeys and sync across devices in a very simple way so you never lose them. Learn more about passkeys: https://developers.google.com/identity/passkeys https://it-training.apple.com/tutorials/support/sup540 https://www.youtube.com/watch?v=2xdV-xut7EQ

We have partnered with Turnkey to enable self-custodial Secure Wallets on our platform. Turnkey provides a cloud-based private key management infrastructure, where the private keys are stored in Secure Enclaves and only you can sign transactions using those private keys by submitting a valid signature to Turnkey from a passkey that you own.

TokenSight or any third party can never access your private key. This means that even if TokenSight suffers a malicious attack, your private key is always intact and only accessible by you.

Creating a Secure Wallet in the platform takes ~1 minute and consists of 3 simple steps:

1. Create a Secure Wallet

You can generate a Secure Wallet by assigning a user-friendly name. The generated passkey will have the same name as the wallet. You can rename the wallet afterwards, but note that the name of the passkey will stay the same.

The recovery e-mail (optional) doesn't need to be the same as the email you use to login into the platform in case you have signed up with an email. It will be used in cases when you need reset the passkey on the application.

Creating a Secure Wallet can be done only with a passkey

Once you click Generate Wallet, you will be prompted to create a passkey. You have different options to create a passkey - using your browser profile (Brave, Chrome etc), your iPhone or Android device, or a hardware security key (ex. YubiKey).

The following table shows a summary of the different devices, operating systems, browsers and their support for passkeys.

If your device doesn't support passkeys, you cannot create a secure wallet.

Apple

MacOS and iOS versions have a strong support for passkeys, which can be synced in your iCloud account across all your devices.

Select the right option for creating a passkey

You have the option to create a passkey using the following:

• Touch ID on your Mac: Place your finger on the Touch ID sensor.

• Scan a QR code with your iPhone or iPad: Click Use a phone, tablet or security key. Use the FaceID to generate a passkey on your iPhone.

• Your Brave/Chrome profile: The passkey will be stored using your Touch ID in your brave or chrome profile.

• External security key: You can use an external hardware device, like YubiKey to generate a passkey.

You can save passkeys in your Chrome profile, where they’re protected by a macOS Keychain.

Important: Chrome can’t save or use passkeys stored in iCloud Keychain. If your computer is lost or the Chrome profile is deleted, you can’t recover your passkeys.

Official Guides:

• https://developer.apple.com/passkeys/

• https://support.apple.com/en-gb/guide/iphone/iphf538ea8d0/ios

• https://support.apple.com/en-gb/guide/mac-help/mchl4af65d1a/mac

Android

You can create a passkey using your android device using the biometrics (touchID, faceID) that are supported by your phone.

Creating a passkey on Android

Sign actions with your saved passkey

Official Guides:

• https://developer.android.com/design/ui/mobile/guides/patterns/passkeys

Windows

If you have Windows 10 or up, you can use passkeys. To store passkeys, you must set up Windows Hello. Windows Hello doesn’t currently support synchronization or backup, so passkeys are only saved to your computer. If your computer is lost or the operating system is reinstalled, you can’t recover your passkeys.

To use passkey management and passkey autofill, your computer must have Windows 11, version 22H2 or later.

In order to create a Secure Wallet on TokenSight, you need to first setup Windows Hellp, which you can do using your faceID or touchID (subject to device support) or a PIN code. In this example, we show setting up a PIN first on Windows Hello.

When you setup Windows Hello PIN, you will use that PIN to sign in to your computer.

Setup Windows Hello PIN

After setting up Windows Hello PIN, you are ready to create a Secure Wallet on TokenSight, using a PIN. Note that based on the Windows version and its capabilities, the PIN might be stored locally on the device, and losing the device means losing your key. For that reason we recommend adding a recovery email to reset the passkey, as well as taking backup of the wallet.

Setup a Secure Wallet using Windows Hello PIN

Official Guides:

• https://support.microsoft.com/en-us/windows/passkeys-in-windows-301c8944-5ea2-452b-9886-97e4d2ef4422

Linux

Passkeys are supported on Ubuntu and other distributions. When creating a passkey, you need to have the device Bluetooth turned on, and you can create the passkey via a mobile device (ex. iOS, Android) or with a USB security key (ex. YubiKey)

Password Manager

You can use a commercial password manager like 1Password or an open source one like KeyPassXC to store passkeys locally without device limitations.

When using 1Password, the passkey will be synced across your devices where you are using 1Password.

Store passkey in 1Password

The wallet will be created once you create the passkey using the desired method.

2. Grant TokenSight read permissions

Once the wallet is created, you can see the associated address. You can deposit ETH or any ERC20 token on that wallet straight away, however it is not yet ready for trading on TokenSight as you haven't provided any trading permission yet. You need to first grant permissions to TokenSight to read your wallet data, and in this step you need to provide another signature with your wallet's passkey and authorise this operation.

Grant TokenSight read only permissions to your wallet

3. Allow TokenSight to trade on your behalf

Trading with the wallet is disabled by default after setting it up.

As a last step, you need to authorise TokenSight to submit trades on the platform with your wallet. You can manage granular trading permissions, which you can enable or disable anytime, thus giving you full control over your trading experience. This operations act in a similar way to on-chain approvals, except that those approvals are recorded off-chain. You can manage the following permissions:

Authorise trading operations

1. Trade via TokenSight Router V1 on Ethereum

Most trades on Ethereum are routed to TokenSight Router V1 smart contract. By enabling & signing this operation with your wallet's passkey, you authorise only the following operation:

Allow TokenSight platform to only swap tokens via the TokenSight Router smart contract on Uniswap V2 and V3 and submit approvals to it for selling those tokens.

2. Trade via Aggregators on all supported EVM chains

Specific trades on Ethereum (like selling tokens with whale protection mechanisms or sell tax), as well as trades on other supported EVM chains (Arbitrum, Optimism, Base, Avalanche, BSC, Polygon) are routed to Kyber Aggregator smart contract. By enabling & signing this operation with your wallet's passkey, you authorise only the following operation:

Allow TokenSight platform to only swap tokens via the Kyber Meta Aggregator V2 smart contract and submit approvals to it for selling those tokens.

3. Trade on Solana

To trade on Solana, you need to authorise TokenSight to perform any operation on your behalf (including transfers). This is done to ensure TokenSight finds the best route for perform the swap, and collecting fees. By enabling & signing this operation with your wallet's passkey, you authorise only the following operation:

Allow TokenSight to perform any operation with your Solana wallet. This includes transferring native tokens and any other SPL token.