Skip to main content
A device key signer uses P-256 keys generated inside the secure storage of the user’s phone, computer, or browser — such as the iOS Secure Enclave, Android Keystore, or the browser’s built-in credential store. These keys are non-extractable and never leave the device. By default, signing is silent — transactions can be authorized without requiring the user to actively confirm each one. Device keys can optionally be configured to require biometric authentication on every use, or after a configurable idle period. For a conceptual overview, see Device key in the Wallet Signers guide. To learn how to register additional operational signers on an existing wallet, see Registering a signer.

Configuration

Detailed configuration guides for device key signers are coming soon. Contact our team if you need help setting up device key signers for your project.