ecosystems overview

Why ecosystems adopt this solution

  • One wallet across all your apps on your domain and branded for your ecosystem.
  • Smart Sessions remove security risks by sandboxing permissions for each app.
  • Passkeys provide strong, phishing-resistant auth without seed phrases.
  • Timed recovery keys provide private passphrase support with time-based recovery for best-in-class security.
  • Attested identity using a TEE service that signs session attestations and keeps social auth secrets out of reach from any app.
  • Ecosystem Admin in Builder to configure chains, branding, session policies, and integrations.

Deployment options

Architecture basics

  • Smart Sessions: scoped permissions that enable apps to execute under sandboxed rules. See Smart Sessions.
  • Identity Instrument: a Nitro-enclave service that validates IdP logins and signs session attestations. Your apps never handle raw IdP client secrets. See Identity Instrument.
  • Merkleized wallet configuration: a single on-chain root covers signers, sessions, recovery, and extensions. See Wallet Configuration.
  • Guard Firewall: reviews every transaction for malicious activity, and enforces ecosystem-level blacklists and policies. See Guard Firewall.

ecosystem wallet

Next steps