Onboarding

1. User selects a SafleID of choice

2. User enters a password

3. Client application generates PDKeyHash, encryptedEncryption key with users inputs.

   1. Client application generates a random 64 bytes string. This is stored as encryption key.

   2. Client application generates PDKey using SafleID & password using pbkdf2 algorithm

   3. Client application hashes PDKey using SHA512

   4. Client application encrypts encryption key using PDKey using aes.cbc algorithm

   5. Client application hashes plain password using PDKey using pbkdf2 algorithm

   6. Send encrypted encryption key, hashed password and PDKeyHash to server

4. Client app initialises safle vault SDK

   Installation, package import & initialisation: :

   Copy

   npm install @getsafle/safle-vault
   
   const Vault = require('@getsafle/safle-vault');
   const vault = new Vault();

5. Client app generates 12 word seed phrase using Safle Vault

   Copy

   const mnemonic = await vault.generateMnemonic(entropy);

   • entropy (optional) - The entropy used to generate the 12 word seed phrase. (Uses crypto.randomBytes under the hood). Defaults to 128-bits of entropy.

6. User enters 6 digit Pin used to encrypt private data and methods of vault. This pin is never stored on Safle’s end

7. Client app generates users vault.

   Copy

   	const userVault = await vault.generateVault(encryptionKey, pin, mnemonic);

   • encryptionKey - 64 bytes Uint8Array used to encrypt the vault.

   • pin - The pin to access the vault's private functions.

   • mnemonic - The mnemonic to generate the vault from.

8. Register user’s safleID on blockchain - User’s safleID is registered using safle relayer where gas fee for the transaction is paid by safle registrars

💡The encrypted vault string is persisted in the mobiles keyring storage to access other wallet related operations.