> ## Documentation Index
> Fetch the complete documentation index at: https://www.dynamic.xyz/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Export SVM Private Key

> Export the raw Ed25519 private key from a Dynamic Solana MPC wallet

## Overview

`DynamicSvmWalletClient::export_private_key` returns the wallet's raw 32-byte Ed25519 secret seed, base58-encoded.

<Note>
  Solana's `Keypair` format is 64 bytes (`secret_seed || public_key`). The SDK returns just the 32-byte secret seed — append the base58-decoded `wallet_properties.account_address` to build a full `solana-sdk` `Keypair`.
</Note>

<Warning>
  Once exported, the raw private key bypasses MPC — any holder can sign without your server's involvement. Treat it as a one-way operation. Only use it for migration or disaster recovery, and rotate / abandon the wallet afterward.
</Warning>

## Prerequisites

* [Created an SVM wallet](/rust/svm/create-wallet)
* Persisted `WalletProperties` and `Vec<ServerKeyShare>`

## Export the Key

```rust theme={"system"}
use dynamic_waas_sdk_svm::DynamicSvmWalletClient;

let svm = DynamicSvmWalletClient::new(&client);

let secret_seed_b58 = svm
    .export_private_key(&wallet_properties, &external_server_key_shares)
    .await?;

// base58-encoded 32-byte secret seed
println!("Secret seed: {secret_seed_b58}");
```

## Building a `solana-sdk` `Keypair`

```rust theme={"system"}
use solana_sdk::signature::Keypair;

let seed: [u8; 32] = bs58::decode(&secret_seed_b58)
    .into_vec()?
    .try_into()
    .unwrap();
let pubkey_bytes: [u8; 32] = bs58::decode(&wallet_properties.account_address)
    .into_vec()?
    .try_into()
    .unwrap();

let mut full = [0u8; 64];
full[..32].copy_from_slice(&seed);
full[32..].copy_from_slice(&pubkey_bytes);

let keypair = Keypair::from_bytes(&full)?;
```

## Best Practices

* **One-way operation** — don't continue using the wallet through MPC after exporting; rotate to a fresh wallet.
* **Never log the seed** — redact it from all logs and error messages.
* **Zero memory after use** — `zeroize::Zeroize` the seed bytes after forwarding them.
* **Transport over TLS only** — never send the seed over an unencrypted channel.
