Tomo Docs

Tomo's Key Management

Tomo Social Wallet uses OAuth and TEE to provide a secure service.


Last updated 10 months ago

OAuth

OAuth (Open Authorization) is a widely adopted standard for authorization that allows users to grant websites or applications access to their information without exposing their passwords. OAuth uses established social media platforms with robust security measures, such as two-factor authentication (2FA) and continuous monitoring for suspicious activities. As long as the social account is secure, you don't need to worry about losing your private key.

TEE

OAuth provides authentication to the wallet, and hardware wallets based on the Trusted Execution Environment (TEE) provide rock-solid security for your private key. TEE is a secure area within a device's main processor that ensures sensitive data is stored, processed, and protected in an isolated environment. Hardware wallets based on TEE leverage this technology to manage private keys and execute cryptographic operations securely. No matter who owns the device, a wallet in TEE is always owned and can only be operated by you. TEE protects against attacks, ensuring that private keys are securely stored and never exposed outside the secure environment. Hardware wallets with TEE are designed to resist physical tampering, adding an extra layer of security. Any access to the private key requires the user to use MFA to confirm the operation. Users can have greater confidence in the security of their wallets, knowing that hardware-level security measures protect their private keys.

Integration

Integrating social login with OAuth and hardware wallets based on TEE into a single social wallet combines the strengths of both approaches. Using social login with OAuth, users can quickly and easily connect their wallets through familiar social media accounts and enjoy wallet recovery if the old device is inaccessible. The TEE-based hardware wallet ensures that private keys and cryptographic operations are securely managed, providing robust protection against unauthorized access and attacks.

Control the key yourself.

We fully understand users may want to control their keys themselves. Therefore, Tomo allows users to export their private key to their social wallet anytime. The user needs to download a Tomo mobile wallet or Tomo Extension wallet to verify their identity and intention to export the key. With all confirmations accomplished, the client (mobile / extension wallet) can directly access the hardware wallet, retrieve the private key to the local environment, and keep it safe.

In summary, Tomo social wallet presents a powerful solution that addresses the dual challenges of security and user experience. This integrated approach between OAuth and TEE ensures that users can enjoy the convenience of social logins while benefiting from the robust security offered by edge hardware wallet technology, ultimately fostering broader adoption and trust in blockchain-based applications.

[Figure: OAuth]

[Figure: Security guarantee of Tomo social wallet]