Wallet Integration Guidelines
Overview
Tweed SDK transforms any Web2 platform into a fully functional Web3 environment.
Tweed's solution balances user experience and the independence of the platform while protecting user funds. Tweed's embedded wallet offering is a true self-custody solution, which means three things:
2. No other party can sign transactions on the user's behalf
3. In case of a data breach the user's funds are kept protected
In addition, the user does not need to know or remember their recovery phrase in order to restore their wallet. Instead, the user can configure a recovery kit that allows them to recover their wallet using their SSO or a password. If the user is using the recovery kit (optional), they never have to know or handle their recovery phrase.
In this way, the platform's sign-up and sign-in flows can stay the same as they were before the addition of the wallet and Web3 tools, while the user can enjoy a recovery-phrase-free wallet.
If the platform chooses not to offer recovery kits to the user, or the user did not create their recovery kit, and then either (1) cleared their browser cache, or (2) wishes to change devices, the user would have to use their recovery phrase to sign in to their wallet again.
Sign-up flow
Tweed's solution does not require platforms to change their log-in flow or use a dedicated log-in provider, but integrates into the platform's existing sign-up / sign-in flow. Integrating into the existing flow does not add extra steps or friction for the user. The platform has an optional widget that allows the user to create a “recovery kit” (SSO + Password) as a backup to their wallet. If the user does not create the recovery kit, they can lose access to the wallet if they clear their browser cache. The user does not have to back up their wallet during the sign-up process, and can instead do it at a later time.
Tweed keeps the platform's sign-up flow the same as it was before, without being a log-in provider for the platform. The user will be able to configure their recovery kit right after the first log-in or at any later time.

Normal Web2 log-in flow

Platform log-in with Tweed Web3 SDK
Regulatory Considerations
To prevent the platform from knowing the user's private key and from being considered a custodian, there are four widgets the platform needs to call:
1. Sign-up
2. Sign-in
3. Sign Transaction
4. Sign Message
5. Create social log-in
These widgets ensure that the platform never knows the user's private key and is not able to sign transactions or messages on the user's behalf.
Sign up
A wallet is created when the platform calls the sdk.wallet.create() function. There are no more steps needed.
The widget is transparent.
Sign in
A user who is logged in to the platform but has lost access to their wallet can regain access by using the sign-in widget. When the platform calls the sdk.wallet.create() function, Tweed will identify that the user is known to the platform and the sign-in widget will automatically open.
If the user created a recovery kit, they will get dedicated social sign-in modals; otherwise they will get a sign-in flow based on their recovery phrase.

Sign-in widget - The user did not use a recovery kit

Sign-in widget - The user used a recovery kit
Create a recovery kit
After the platform creates the wallet for the user by calling the sdk.wallet.create() method, the platform can call this widget by calling the sdk.wallet.createRecovery() method. This will give the user the ability to back up their wallet by using the recovery seed phrase or by using Tweed's proprietary Recovery Kit technology. The user can decide not to back up their wallet and do it another time.

Sign Transaction
The user needs to approve transactions that require signing, such as selling crypto or sending crypto to another wallet. The user approves or rejects a transaction through the Sign Transaction widget. It also shows the transaction's financial and blockchain information.

Sign Message
The user needs to approve messages that require signing, such as connecting their wallet to another application. The user can approve or reject the message through the Sign Message widget. The widget shows the message that requires the signature.
