Vaults
Vaults are the heart of the custodial wallet system provided by Elements. A Vault securely stores multiple wallets and consists of a public/private key pair. The contents of the vault's private key can be optionally secured using AES-256. If enabled on a vault, the user must supply their phrase on each request to unlock the contents of the vault. When designing an application, we strongly recommend that all vaults are encrypted with a passphrase.
Because the Vault uses private key encryption, it is possible to generate or insert new custodial wallets without needing to unlock the vault first. In this case, Elements simply uses the public key to insert the wallet into the Vault.
Vault Properties
- id
- displayName
- user - the user which owns the vault
- key - the key pair which Elements uses to store the wallets in the Vault
Vault Key Properties
- algorithm - this is the encryption algorithm Elements uses to store the wallets in the vault. The available algorithms are as follows:
- Elliptic Curve 256
- Elliptic Curve 384
- Elliptic Curve 512
- RSA 256
- RSA 384
- RSA 512
- publicKey - this is the public key portion of the vault. This is always stored unencrypted.
- privateKey - this is the private key portion of the vaule. This is either encrypted or stored as plain text.
- encrypted - a boolean value indicating whether the vault private key is encrypted
- encryption - an arbitrary key-value object which contains encryption metadata. Elements uses this internally to perform various operations against the private key itself.