SSP Wallet
  • Welcome to SSP Wallet
  • Getting Started with SSP Wallet
    • Change Language
    • Switch Chain
    • Wallet
      • Retrieve SSP Wallet Seed Phrase
      • Create a New Wallet
      • Restore Wallet Using Seed Phrase
      • Create Multiple Wallet
      • Delete a Wallet
      • Retrieving Your Wallet Address
    • Transaction
      • Buy / Sell
      • Swap
      • Send
      • Receive
      • Export Transactions
      • View Transactions
    • Token
      • Add Token to Main Screen
      • Remove Token from Main Screen
    • Custom Tokens
      • Add Custom Token
      • Delete Custom Token
    • Contacts
      • Create New Contact
      • Edit Contact
      • Delete Contact
    • Logout Your SSP Wallet
  • GETTING STARTED WITH SSP KEY
    • Install SSP Key
    • Create a New Key and Syncing to SSP Wallet
    • Restore Key Using Seed Phrase and Syncing to SSP Wallet
    • Retrieving Your SSP Key Seed Phrase
    • Using Your SSP Key For Syncing
  • GETTING STARTED WITH SSP RELAY DEVELOPMENT
    • Overview
    • Environment Requirements
    • Project Installation
    • Project Structure 0verview
    • Project Folders
      • Config
      • Helpers
      • Logs
      • Src
        • apiServices
        • lib
        • services
        • routes.ts
          • GET /v1/sync
          • GET /v1/action
          • POST /v1/sync
          • POST /v1/token
          • POST /v1/action
          • GET /v1/rates
          • GET /v1/networkfees
          • POST /v1/ticket
          • GET /v1/tokeninfo
          • GET /v1/services
          • POST /v1/sign
      • Tests
        • unit
  • GETTING STARTED WITH SSP WALLET DEVELOPMENT
    • Overview
    • Environment Requirements
    • Project Installation
    • SSP Wallet API
    • Project Structure Overview
    • Project Folders
      • Public
        • scripts
      • Patches
      • Src
        • assets
        • components
        • contexts
        • hooks
        • lib
        • pages
        • storage
        • store
        • translations
      • Tests
        • lib
  • GETTING STARTED WITH SSP KEY DEVELOPMENT
    • Overview
    • Environment Requirements
      • For Mac Users Only
    • Project Installation
    • Project Structure Overview
    • Project Folders
      • Types
      • Src
        • assets
        • components
        • contexts
        • hooks
        • lib
        • navigators
        • screens
        • storage
        • store
        • themes
        • translations
      • Tests
        • lib
Powered by GitBook
On this page
  • SSP Wallet
  • Secure. Simple. Powerful.
  • Why SSP Wallet?
  • Technical Details
  • Open Source Transparency
  • Documentation
  • SSP Assets
  • Translation
  • Additional Repositories
  • Disclaimer
  • Developer Information
  • 🔒 Security Audits

Welcome to SSP Wallet

NextChange Language

Last updated 2 months ago

SSP Wallet

Secure. Simple. Powerful.

Visit us at:

Download SSP Wallet:

  • Google Chrome Extension:

Download SSP Key:

  • iOS:

  • Android:


Why SSP Wallet?

SSP Wallet is not just another crypto wallet. It is a true two-factor authentication wallet designed with security and self-custody at its core. Here's how it works:

  1. Two Devices, Two Keys:

    • Your SSP Wallet contains one private key.

    • Your SSP Key (on your mobile device) contains a second private key.

  2. 2-of-2 Multisignature:

    • Transactions are constructed and signed by the SSP Wallet and then signed again by SSP Key.

  3. Enhanced Security:

    • Keys, seeds, and sensitive data are never shared between devices, making it impossible to compromise without access to both devices.

This design ensures that both devices are required to authorize any transaction, making the wallet incredibly secure and user-friendly.


Technical Details

Key Derivation

  • SSP Wallet adheres to the BIP48 derivation scheme for generating hierarchical deterministic keys supporting P2SH, P2SH-P2WSH, and P2WSH addresses.

  • Example derivation paths for popular chains:

    • Bitcoin: m/48'/0'/0'/2'/0/0

    • Flux: m/48'/19167'/0'/0'/0/0

  • Extended functionality includes support for additional chains and constructing multiple external addresses per chain as needed.

Synchronization Process

Initial Setup:

  1. SSP Relay Server:

    • Simplifies the synchronization process by facilitating communication between SSP Wallet and SSP Key.

    • Synchronization starts when the SSP Key scans a Hardened Extended Public Key QR code from SSP Wallet.

    • A special identity path (m/48'/0'/0'/2'/10/0) reserved for SSP Wallet verifies unique wallet instances.

  2. Public Key Exchange:

    • SSP Key sends its hardened extended public key (e.g., m/48'/0'/0'/2') to the SSP Relay Server along with a constructed 2-of-2 multisignature address.

    • SSP Wallet validates the received address, ensuring integrity.

  3. Validation and Confirmation:

    • Both SSP Wallet and SSP Key confirm matching derived addresses to finalize synchronization.

Transaction Signing:

  • Transactions are signed in two steps:

    1. SSP Wallet constructs the transaction and signs it with its private key.

    2. SSP Key receives the partially signed transaction via the relay server, signs it with its private key, and returns the fully signed transaction for broadcast.

Offline Functionality:

  • Transactions and synchronization can bypass the relay server through manual QR code scanning, maintaining security in environments with restricted connectivity.

Encryption and Storage Security

Sensitive Data:

  1. Encryption Layers:

    • PBKDF2-based password derivation generates keys for AES-GCM encryption.

    • Secondary encryption uses device and browser fingerprints to restrict data access to the originating environment.

  2. Local Data Management:

    • Serialized sensitive data (e.g., keys, seeds) is stored as JSON blobs with base64-encoded fields (data, iv, and salt).

    • This approach prevents brute-force attacks and unauthorized migration between devices.

Session Management:

  • Encrypted passwords are stored temporarily in session storage, ensuring convenience without compromising security.

  • No sensitive data is ever retained in unencrypted form, even within the application’s runtime memory.

Non-Sensitive Data:

  • Information such as transaction history and balance data is stored using LocalForge, prioritizing performance without compromising sensitive details.

Attack Mitigation Strategies

  • Anti-Phishing Measures:

    • The wallet and key validate each other's public keys and derived addresses during setup.

  • Server Security:

    • SSP Relay Server only facilitates communication and cannot access private keys or sensitive data.

  • Brute Force Protection:

    • Physical possession of both devices and knowledge of passwords are required to compromise the wallet.


Open Source Transparency


Documentation


SSP Assets


Translation


Additional Repositories


Disclaimer


Developer Information

  • Built With: React 18, TypeScript, Vite

  • Node Version: 20+

  • Run Development Mode: yarn dev

Key Development Features:

  1. Modular Codebase:

    • Separation of concerns for wallet UI, cryptographic operations, and relay server communication.

  2. Strong Typing:

    • TypeScript ensures type safety and prevents runtime errors.

  3. Test Coverage:

    • Unit tests of library ensures reliability of critical functions.

Join us in building a secure, simple, and powerful wallet for the crypto community!


🔒 Security Audits

  • SSP Wallet, SSP Key, and SSP Relay were thoroughly audited, with the final report completed in March 2025.

  • Shnorr Multisig Account Abstraction Smart Contracts and SDK underwent a comprehensive audit, finalized in February 2025.

📜 Audit Reports

📄 SSP Wallet, SSP Key, SSP Relay Audit

📄 Smart Contracts Audit

📄 SDK Audit

SSP Wallet is fully open source, ensuring transparency and community trust. Review and contribute to the project here:

SSP Wallet has a comprehensive documentation available at with many guides, FAQs, API references and more:

Integrated Blockchains, Assets - Coins, Tokens in SSP Wallet are available at: . SSP Supports custom ERC20 token imports on Ethereum network.

SSP Wallet supports multiple languages! Help us make it accessible to everyone by contributing to translations at: ,

SSP Key Repository:

SSP Relay Repository:

Account Abstraction Repository:

By using SSP Wallet, you agree to the terms outlined in the .

Our security is a top priority. All critical components of the SSP ecosystem have undergone rigorous security audits by , ensuring the highest standards of protection.

(GitHub)

(Halborn)

(GitHub)

(Halborn)

(GitHub)

(Halborn)

SSP Wallet
Run on Flux
SSP Wallet on Chrome Web Store
Download on the App Store
Download on Google Play
SSP Relay GitHub Repository
SSP Wallet GitHub Repository
SSP Wallet Documentation
SSP Assets
Translate SSP Wallet
Translate SSP Key
SSP Key GitHub Repository
SSP Relay GitHub Repository
Account Abstraction GitHub Repository
SSP Disclaimer
Halborn
Halborn Audit Report – SSP Wallet, Key, Relay
Halborn Public Report – SSP Wallet, Key, Relay
Halborn Audit Report – Smart Contracts
Halborn Public Report – Smart Contracts
Halborn Audit Report – SDK
Halborn Public Report – SDK
Page cover image