Portal

Portal

Portal Team

Share the love

Want to stay updated? Subscribe below to keep in touch.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
<svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg"> <mask id="mask0_996_165" style="mask-type:luminance" maskUnits="userSpaceOnUse" x="2" y="1" width="46" height="46"> <path d="M47.2941 1.41177H2.11768V46.5882H47.2941V1.41177Z" fill="white"/> </mask> <g mask="url(#mask0_996_165)"> <path fill-rule="evenodd" clip-rule="evenodd" d="M16.2353 4.2353C16.2353 2.67591 17.4995 1.41177 19.0589 1.41177H44.4706C46.0301 1.41177 47.2941 2.67591 47.2941 4.2353V29.6471C47.2941 31.2065 46.0301 32.4706 44.4706 32.4706H38.8236V12.7059C38.8236 11.1465 37.5595 9.88236 36 9.88236H16.2353V4.2353ZM4.94121 15.5294C3.3818 15.5294 2.11768 16.7935 2.11768 18.353V43.7647C2.11768 45.3242 3.3818 46.5882 4.94121 46.5882H30.353C31.9124 46.5882 33.1765 45.3242 33.1765 43.7647V18.353C33.1765 16.7936 31.9124 15.5294 30.353 15.5294H4.94121Z" fill="currentColor"/> </g> </svg>
Product Updates
2 min read

Power of Eject

An important offering for business risk mitigation.

June 19, 2024

Power of Eject

For businesses to stay fully compliant, they need to ensure that user assets will not be lost or compromised in disaster scenarios, particularly in situations where the business or user is reliant on a third party such as Portal. Our eject feature is a critical offering that allows businesses and their users assets to access their wallets even if Portal were to cease to exist. 

How the Eject feature works

Eject reconstructs the key shares from the MPC wallet into a single private key that can then be imported into a self-custodial external wallet such as Metamask. The private key calculation operation happens on the user’s device and does not involve Portal's servers. 

Users will always have recourse to work with businesses to gain full custody of their wallets, including in a circumstance where Portal is unavailable. This feature protects users and businesses partnering with Portal as a signer or key management service.

Ways to implement Eject

Portal recommends businesses go one of two routes for implementing the eject feature:

1) Allowing users to eject at any time from the app but with sufficient warnings and two-factor authentication, or
2) Allowing users to eject only in extreme scenarios. 

Keeping eject as a last resort option is particularly beneficial for apps that have a preponderance of users new to Web3. By only allowing the operation to be performed after customer service has determined it is the only remaining option to resolve an issue, or by direct request from a customer and clear communication of the security consequences, a business prevents its users from accidentally diminishing their personal security posture. 

Apps that allow users to eject directly from their interface are encouraged to require two-factor authentication for that operation to ensure it is not done so accidentally. In addition, users are best served with warnings about the potential consequences of creating and using a single private key. Integrating this feature into the app requires greater design complexity but offers greater user autonomy.

For more details, review our docs on Eject today!