- Flexibility: A single wallet primitive that supports many use cases — end-user wallets, treasury management, disbursements, and more.
- High throughput and availability: Wallets scale to the maximum throughput available per chain, at the fastest speeds possible.
- True ownership: You and your users fully own every wallet. Even if Crossmint were to disappear, wallets continue to function — no vendor lock-in, no dependency on Crossmint infrastructure.
Dual Layer Architecture
Crossmint achieves this by separating two concerns: the wallet itself and the signers that control it.
The Core: Smart Contract Wallets
On EVM chains, Crossmint wallets are smart contract wallets implementing ERC-4337 with ERC-7579 modular extensions. Because the wallet is a smart contract, it lives natively on the blockchain — not in a private third-party server that you cannot audit or control. On Solana, wallets use program-derived addresses (PDAs) with equivalent programmatic control. On Stellar, wallets use Soroban smart contracts, with equivalent functionality and additional cost and developer experience improvements around the use of trustlines. This smart contract foundation enables:- Seamless provider migration: If you wish to migrate, you can update the wallet’s recovery signers without changing the wallet address. Your users keep their address, balances, and transaction history regardless of infrastructure changes.
- Programmable authorization logic: Add multiple operational and recovery signers, with optional scoped permissions, with logic fully auditable onchain.
- Flexible gas sponsorship: Wallets can pay gas in USDC, native token, or billed to your Crossmint account.
- Easier post-quantum migration: Unlike wallets that couple wallet address with the underlying signer, Crossmint wallets will continue to operate with the same address once keys are upgraded to post-quantum cryptography.
Because the wallet is a smart contract on a public blockchain, it does not depend on Crossmint’s servers to function. If Crossmint were to stop operating, you can interact with the wallet’s smart contract directly — adding new signers, transferring assets, or migrating to another provider — using standard blockchain tools.
The Control Layer: Signers
A signer is a digital identity — such as a passkey, external wallet, or cloud key — authorized to approve actions on the wallet’s behalf. By decoupling signers from the wallet, Crossmint obtains higher performance signing with equivalent security, while reducing cost and lock-in significantly compared with cloud-TEE based systems. For end-user wallets, Crossmint uses the native key enclaves already present on your users’ devices: the Secure Enclave on iOS and the Keystore on Android. Signatures happen directly on user hardware with no network round-trip to Crossmint or any third-party server. This means signing adds zero latency compared to a direct blockchain transaction — unlike MPC-based architectures that require key reconstruction across distributed infrastructure before every signature, or cloud TEEs which require a network round trip. For company and treasury wallets, Crossmint integrates with your existing cloud infrastructure — AWS KMS, Azure Key Vault, or GCP Cloud HSM. These are the same signing services trusted across tens of thousands of companies outside of crypto, supporting up to 1,000 cryptographic signing operations per second per key. For recovery, Crossmint provides additional signers based on email, phone number, or social login. These recovery signers are added to the wallet’s onchain signer set, meaning recovery is enforced by the smart contract itself — not by Crossmint’s backend. See Wallet Signers for recovery signer types and Custody modalities for the custody implications.What This Means in Practice
For end-user wallets, this architecture enables completely invisible, self-custodial wallets. Users sign transactions on their own device hardware without knowing a blockchain is involved. Gas is fully sponsored. There is no dependency on a third-party server to sign in or transact. And because the wallet is a smart contract, you have a clear migration path away from any provider — update the recovery signer and move on, keeping the same wallet address and all its assets. For company and treasury wallets, you get bank-grade signing infrastructure at a fraction of the cost of specialized custody providers. An AWS KMS signer costs pennies per signing operation and supports throughput that exceeds what most chains can settle. Compare this to custody providers that charge thousands per month for equivalent functionality.Why smart contract wallets?
Learn why Crossmint chose smart contract wallets over MPC and off-chain key storage.