Developer Controlled Wallets

Introduction

Circle’s Cross-Chain Transfer Protocol (CCTP) facilitates the transfer of USDC between distinct blockchains, providing a more streamlined experience. By integrating CCTP with Circle Wallets in your applications, you enable seamless USDC transactions across multiple chains. This reduces the need for users to manage separate wallets for different blockchains, potentially broadening your audience and providing increased liquidity and adaptability. It’s designed to provide users with a cohesive and efficient digital currency experience.

Prerequisites

Before you get started, ensure that you have:

Have a Developer Services account
Created your API key
(Optional) Install the applicable Server-side SDK (required if you register Entity Secret via SDK)

// Developer Controlled Wallets
npm install @circle-fin/developer-controlled-wallets --save
// User Controlled Wallets
npm install @circle-fin/user-controlled-wallets --save
// Contracts
npm install @circle-fin/smart-contract-platform --save

Setup your Entity Secret

The Entity Secret is an integral component in developer-controlled wallets, serving as a key element in bolstering security.

What is the Entity Secret?

The Entity Secret is a robust 32-byte key engineered to enhance the security mechanisms of developer-controlled wallets. Its value lies not only in its complexity but also in the specific security benefits it confers.

The importance of the Entity Secret

Balancing Power with Responsibility as a Developer

The Entity Secret embodies the level of trust and authority that our platform confers upon developers. It enables smooth access to the extensive capabilities of developer-controlled wallets, while simultaneously ensuring their security is maintained. However, great power necessitates equally great responsibility. The safeguarding, encryption, and periodic renewal of the Entity Secret are duties that rest with you, the developer. This dynamic of empowering developers while also entrusting them with critical security tasks reflects the core principles of decentralization intrinsic to the web3 ecosystem. As a developer, you’re more than a creator; you assume the role of a guardian of security and a proponent of distributed authority.

Should you sense the weight of this role, rest assured that guidance is at hand. We are here to support you in effectively managing and protecting your Entity Secret.

Generating the Entity Secret

import { generateEntitySecret } from "@circle-fin/developer-controlled-wallets";
// This will print a new entity secret in the terminal
generateEntitySecret();

⚠️ Generate your own Entity Secret

⚠️ ADD CODE SNIPPET HERE

It’s crucial to safeguard your Entity Secret akin to a key to your home—misplacing it or divulging it to others could have serious ramifications. Ensure you securely store the Entity Secret because you’ll require it shortly to create an Entity Secret Ciphertext. Just as the name implies, the Entity Secret is sensitive information; treat it with the utmost confidentiality and security to prevent unauthorized access or use.

With your Entity Secret now created, we’re ready to advance to a critical juncture. You’re about to convert the Entity Secret into Ciphertext and register it with the system. This process sets the stage for you to create your first wallet—a milestone to look forward to.

Retrieving Your Entity’s Public Key (Optional if registering with SDK)

Begin by acquiring your entity’s public key. This key is retrievable via our APIs and is instrumental in the upcoming steps. To obtain it, use your API key for authentication. The entity’s public key plays a crucial role as it encrypts your Entity Secret. Once encrypted, the Entity Secret remains secure, ensuring the information is shared exclusively between you and the platform, keeping it out of reach from outsiders.

⚠️ Fetching your public key

⚠️ ADD CODE SNIPPET HERE

Encrypting the Entity Secret and Encoding in Base64 (Optional if registering with SDK)

After obtaining the public key, the next step involves using RSA encryption to secure your Entity Secret. Follow these steps:

Encrypt the Entity Secret

Employ RSA encryption with the public key to encrypt your Entity Secret. This cryptographic process ensures that the secret is encoded in such a way that only someone with the private key can decrypt it.

Encode as Base64

After encryption, convert the encrypted data into Base64 format. Encoding in Base64 ensures the encrypted data can be safely conveyed and interpreted in various contexts, including those that may not handle binary data well.

Verify the Ciphertext Length

Ensure that the generated Ciphertext is 684 characters in length. This specific length confirms the encryption process has been executed properly and that the data will be maintained correctly upon receipt.

The code provided will assist in automating this encryption process, generating a unique Entity Secret Ciphertext every time it is executed. The resulting Ciphertext is what you’ll use to interact securely with the platform’s API when performing operations that require it.

// npm install node-forge -S

import forge from "node-forge";

const entitySecret = forge.util.hexToBytes('YOUR_ENTITY_SECRET');

const publicKey = forge.pki.publicKeyFromPem('YOUR_PUBLIC_KEY');

const encryptedData = publicKey.encrypt(entitySecret, 'RSA-OAEP', { md: forge.md.sha256.create(), mgf1: { md: forge.md.sha256.create(), }, });

console.log(forge.util.encode64(encryptedData))

⚠️ Generate Entity Secret Ciphertext

⚠️ ADD CODE SNIPPET HERE

Register the Entity Secret

You can register your Entity Secret in two ways: using the SDK, or using the Circle Console. The registration links your Entity Secret with your developer account, ensuring that you can confidently manage wallet creation and transactions with the assurance of robust security measures in place.

As you proceed with the registration of your Entity Secret, pay close attention to the recovery file that will be generated. This file is a critical safety measure for your operations. In the event that your Entity Secret is ever lost, the recovery file will act as your fallback, enabling you to regain access to your developer-controlled wallets. Ensure that you store this file securely and in a location that you can access readily if needed.Note: If you use the SDK to register the Entity Secret, the function downloads a recovery file named recoveryfile*<timestamp>.dat*. Additionally, the function returns the content of the recovery file as a JSON response.

Registering your Entity Secret using the SDK

You can use the sample code below as a guide to register your Entity Secret Ciphertext using the SDK.

import { registerEntitySecretCiphertext } from "@circle-fin/developer-controlled-wallets";

const response = await registerEntitySecretCiphertext({
  apiKey: "<api-key>",
  entitySecret: "<new-entity-secret>",
});
console.log(response.data?.recoveryFile);

Registering Your Entity Secret Ciphertext in Developer Services Console

If you want to register the Entity Secret within our Developer Services Console, you need to safeguard your Entity Secret first by converting it to Ciphertext following the previous instructions.

You can use the Configurator Page in Developer Services Console to register your Entity Secret Ciphertext.

Register your Entity Secret Ciphertext

Guarding your secrets & building trust

By meticulously completing the registration and protection of your Entity Secret, you’ve not only guaranteed the security of your key but also laid down a bedrock of trust for all activities involving our developer-controlled wallets. We prioritize the safety of your data and are committed to providing a seamless and secure user experience.

Create a Wallet

Welcome to a foundational step in utilizing our Developer Services: initiating your first API call to construct a WalletSet. We’ll guide you through the process and clarify what a WalletSet entails within our platform.

Defining a WalletSet

A WalletSet within our ecosystem is a sophisticated grouping of wallets, securely tied together by a singular cryptographic key. Leveraging the Hierarchical Deterministic (HD) wallet technology, WalletSets offer an enhanced way to handle wallet management that spans multiple blockchain networks. This is particularly relevant for Ethereum Virtual Machine (EVM) compatible blockchains, where it is common for wallets on different networks to share the same address, thanks to the underlying technology.

Grasping the concept of idempotency

As we approach the creation of your inaugural WalletSet, it’s important to comprehend a critical aspect of our APIs: idempotency keys. Idempotency is a fundamental concept which guarantees that an operation is repeatable without changing the outcome. This concept is extremely important in API requests to make sure that if a request is accidentally sent more than once, it doesn’t result in duplicate operations. Consider situations like an unstable internet connection leading to multiple unintentional request submissions, or a user who accidentally activates a command several times. Without idempotency, such events might cause numerous unwanted operations. To prevent this, an idempotency key is used. Each request includes a distinct key that, when recognized by the server within a certain timeframe as a repeat submission, prevents the repeated processing of that request. This mechanism is crucial to preserving the integrity of your operations, ensuring that only intended actions are carried out.

Crafting Your WalletSet

Now that we’ve got the concept of idempotency covered, let’s look at creating your WalletSet.

Term	Definition
idempotencyKey	Think of this as a safety net. By using a unique UUID for every transaction request, you ensure no transaction is mistakenly processed more than once.
entitySecretCiphertext	Remember the encryption we discussed earlier? You’ll need to provide this encrypted string for security and authorization.
name	The name for your new WalletSet.

Let’s create our first wallet set!

⚠️ Create a WalletSet

⚠️ ADD CODE SNIPPET HERE

Ensure that your idempotency key is unique for every distinct request. Our APIs require the idempotency key to be of type uuidv4. Remember, its primary role is to ensure that the same request isn’t processed more than once.

Utilizing API Logs for Enhanced Monitoring

For a comprehensive overview of each transaction you execute with Circle’s Web3 APIs, the Developer Services Console provides detailed access to API logs. By examining these logs, you gain valuable visibility into how your application interacts with Circle APIs, which can be pivotal for various aspects including troubleshooting, performance optimization, and security oversight by highlighting any abnormal activities. For detailed records of your API interactions, please refer to the API Logs section. Within the scope of our Quickstart guide, the API log is indispensable for gaining insights into specific API calls and the objects that are created as a result. Think of the API log as a detailed record that allows you to retrieve the unique IDs of objects that have been generated, especially when these IDs are needed for subsequent API interactions. API logs are a crucial educational resource that simplify the debugging process and help you methodically comprehend the intricacies of the API’s operations. Hence, the API log is not only instrumental in improving operational workflows but also serves as a valuable asset for your development projects. Ah, the most exhilarating phase: shaping your very first developer-controlled wallet in the vastness of web3. With your prepped API key and Entity Secret Ciphertext, we’re only a few steps away from crafting a masterpiece. Let’s dive right in!

Understanding the Developer-Controlled Wallet

In web3, a wallet isn’t just a storage mechanism for digital tokens or NFTs, but the very essence of user interactions on the blockchain. Essentially, it’s a blend of a unique address and accompanying metadata stored on the blockchain. For developer-controlled wallets: With that foundational knowledge, let’s get to the hands-on part.

Crafting your wallet

To create a wallet you use the following parameters:

Term	Definition
idempotencyKey	Ensures that a request is executed only once, even if it’s received multiple times.
entitySecretCiphertext	The encrypted form of your Entity Secret, ensuring robust security for your API requests.
walletSetId	The ID of the wallet set that you created in the preceding step.
blockchains	Specifies the blockchains on which the wallet should be manifested.
count	The number of wallets you aim to create. Note: The parameter should not exceed 20.
accountType	The type of account you want to create. For this guide, you will use SCA, which represents developer-controlled wallets.

To ensure the best possible experience, the quickstart will automatically create and fund two wallets with testnet tokens. Each wallet will be funded with 10 USDC, allowing you to dive right into the Quickstart without delay. Rest assured, this amount will be sufficient for you to initiate your first transaction.The funding process will only be completed if you use the Try it out panel. If you are following the quickstart using code snippets, you will need to first create your wallets, then fund them manually using the testnet faucet.

⚠️ Create your first wallets

⚠️ ADD CODE SNIPPET HERE

Note: Smart Contract Account wallets are not availabe for Solana Devnet. A similar workflow can be accomplished on Solana Devnet with EOA wallets and the Circle Gas Station.

And there you have it! By the end of this step, you’ll have fully functional developer-controlled wallets, ready to shape web3 experiences.

Initiate a Transaction

Now that you have a wallet that contains some Testnet tokens, let’s dive into initiating your first transaction. It’s simpler than you might think, especially with our streamlined approach.

Cross-Blockchain Transfers: Tokens are native to specific blockchains, meaning they can’t be sent directly across different chains. For instance, Ethereum tokens stay on the Ethereum network unless other mechanisms, like bridges, are used.

Getting the tokenId

Before we can proceed, we need to determine the tokenId. You can do this by retrieving the token balances for your wallet.

⚠️ Get your wallet balance

⚠️ ADD CODE SNIPPET HERE

Key Transaction Parameters:

Term	Definition
idempotencyKey	A unique string that ensures your transaction isn ‘t processed more than once even if sent multiple times. A critical measure to prevent duplicates.
amounts	Specify the amount of tokens you’re transferring.
destinationAddress	The wallet address where you’re sending the tokens.
entitySecretCiphertext	A crucial security layer, this encrypted string ensures only authorized transactions go through.
tokenId	This is the id we just extract from your wallet balance. It is the unique identifier for the specific token type you’re moving. This id is unique.
walletId	Indicates the source of the transaction, i.e., from which wallet you’re sending the tokens.

The preceding parameters are just the essentials for initiating a transaction. The endpoint offers a richer, more detailed configuration to cater to a variety of transaction types. For a comprehensive list of the supported parameters, see the official documentation.

⚠️ Initiate your transaction

⚠️ ADD CODE SNIPPET HERE

Blockchain transactions pose a challenge with gas fees. Gas fees are charges in blockchain networks, typically paid with native assets like Ether (ETH) on Ethereum. This complicates the user experience as it requires users to hold these assets. However, with Developer-Controlled smart contract wallets, you can sponsor gas fees, removing the need to possess native assets. The Gas Station acts as an intermediary, allowing you to cover fees for your users, improving their transaction experience. In testnet, the Gas Station is already setup for you, ready for testing. In the Production phase, you gain more control with spending limits and configuration options. Learn more here.

Once you’ve validated your transaction and everything checks out, you’re all set. Transactions on the blockchain are immutable, meaning once they’re validated, they cannot be reversed or altered. So, always double-check before sending! After initiating a transaction through our API, you can look up the transaction hash on the Dev Controlled Wallets Transactions page for in the Developer Services Console. The transaction hash is a unique identifier for your transaction. You can validate transactions in multiple ways:

Developer Services Console
Blockchain Explorer

This is the preferred method. It enables you to inspect the transaction state directly.

Make sure you’re logged in to our Developer Services Console.

Open the transactions page

Open the Dev Controlled Wallets Transactions page.You can see the state of your transaction directly in the table.

Open Transaction Details

For more details about your transaction, click on the relevant line in the transaction details.

Congratulations on your Progress!

Throughout this process, you’ve successfully:

Stay connected & Explore more

Your journey with us doesn’t stop here. There’s so much more to discover und dive into: Engage, Build, Share! Dive into our forums, share your feedback, and keep an eye out for exciting challenges and hackathons. Your unique perspective and skills are valuable, and we’re eager to see the innovations you’ll introduce to our growing ecosystem.

Your feedback matters

Before you embark further on your journey, we’d love to hear from you. Your feedback shapes the future of our platform and helps us provide a better experience for all developers. What did you love about the process? Was there something you wish was different? Every insight, no matter how small, matters to us. Thank you for your trust, dedication, and enthusiasm. Here’s to the next chapter in your web3 journey and the marvelous innovations you’ll bring forth. Happy Building! 🚀 Next: Explore more Quickstarts