Skip to main content

Function Signature

exportPrivateKey(params: {
  walletMetadata: WalletMetadata;
  password?: string;
  externalServerKeyShares?: ServerKeyShare[];
}): Promise<{ derivedPrivateKey: string }>

Description

Exports the private key for the wallet identified by the supplied walletMetadata. The private key is reconstructed from the distributed key shares using password for backup decryption if shares are not provided.
When you pass externalServerKeyShares (the caller-supplied path), walletMetadata.externalServerKeySharesBackupInfo must also be present — exportPrivateKey throws if shares are supplied but backup metadata is missing. The full walletMetadata returned from createWalletAccount / importPrivateKey already includes it; identity-only metadata from fetchWalletMetadata will be rejected.

Parameters

Required Parameters

  • walletMetadata (WalletMetadata) - Non-sensitive wallet metadata persisted from createWalletAccount() / importPrivateKey().

Optional Parameters

  • password (string) - Required if the wallet was created with backUpToDynamic: true. Used for backup decryption when externalServerKeyShares is not provided.
  • externalServerKeyShares (ServerKeyShare[]) - Caller-supplied plaintext shares.

Returns

  • Promise<{ derivedPrivateKey: string }> - Object containing the exported private key

Example

import { authenticatedEvmClient } from './client';

const evmClient = await authenticatedEvmClient();

const walletMetadata = JSON.parse(await redis.get(`wallet:${accountAddress}`));
const externalServerKeyShares = await vault.read(`wallet:${accountAddress}/shares`);

const result = await evmClient.exportPrivateKey({
  walletMetadata,
  externalServerKeyShares,
  password: 'user-password',
});

console.log('Private key exported:', result.derivedPrivateKey);

Error Handling

try {
  const result = await evmClient.exportPrivateKey({
    walletMetadata,
    externalServerKeyShares,
    password: 'user-password',
  });
  console.log('Private key exported successfully:', result.derivedPrivateKey);
} catch (error) {
  console.error('Failed to export private key:', error);
}

Security Considerations

  • Private Key Security: Never store private keys in plain text
  • Key Share Security: Keep external server key shares secure
  • Session Management: Implement proper session management
  • Password Protection: Use strong passwords for wallet encryption