Skip to main content

Documentation Index

Fetch the complete documentation index at: https://www.dynamic.xyz/docs/llms.txt

Use this file to discover all available pages before exploring further.

Overview

DynamicSvmWalletClient::export_private_key returns the wallet’s raw 32-byte Ed25519 secret seed, base58-encoded.
Solana’s Keypair format is 64 bytes (secret_seed || public_key). The SDK returns just the 32-byte secret seed — append the base58-decoded wallet_properties.account_address to build a full solana-sdk Keypair.
Once exported, the raw private key bypasses MPC — any holder can sign without your server’s involvement. Treat it as a one-way operation. Only use it for migration or disaster recovery, and rotate / abandon the wallet afterward.

Prerequisites

Export the Key

use dynamic_waas_sdk_svm::DynamicSvmWalletClient;

let svm = DynamicSvmWalletClient::new(&client);

let secret_seed_b58 = svm
    .export_private_key(&wallet_properties, &external_server_key_shares)
    .await?;

// base58-encoded 32-byte secret seed
println!("Secret seed: {secret_seed_b58}");

Building a solana-sdk Keypair

use solana_sdk::signature::Keypair;

let seed: [u8; 32] = bs58::decode(&secret_seed_b58)
    .into_vec()?
    .try_into()
    .unwrap();
let pubkey_bytes: [u8; 32] = bs58::decode(&wallet_properties.account_address)
    .into_vec()?
    .try_into()
    .unwrap();

let mut full = [0u8; 64];
full[..32].copy_from_slice(&seed);
full[32..].copy_from_slice(&pubkey_bytes);

let keypair = Keypair::from_bytes(&full)?;

Best Practices

  • One-way operation — don’t continue using the wallet through MPC after exporting; rotate to a fresh wallet.
  • Never log the seed — redact it from all logs and error messages.
  • Zero memory after usezeroize::Zeroize the seed bytes after forwarding them.
  • Transport over TLS only — never send the seed over an unencrypted channel.