Privy is the SDK that powers the “you don’t need to install anything” onboarding experience that consumer crypto applications have attempted to build since 2021 — finally solving the wallet cold-start problem not by simplifying existing wallet UX but by eliminating the wallet install step entirely. The insight is strategic as much as technical: web2 users who want to try a crypto app don’t want to pause, navigate to the MetaMask website, install a browser extension, write down a seed phrase, and then return to the app. They want to click “Sign in with Google,” do the thing the app promised, and leave — the same workflow they use for every other web service they interact with. Privy enables this by generating a fully non-custodial Ethereum wallet behind the scenes during OAuth login, splitting the private key across a threshold cryptography architecture so no single party (including Privy) can reconstruct the full key without the user’s explicit involvement, and exposing that wallet to the application via a developer-friendly SDK that handles all the complexity underneath. The result is that Coinbase’s Base ecosystem, Farcaster’s mini-app ecosystem, and consumer apps across the EVM have adopted Privy as the standard way to give users wallets without asking them to be crypto users first.
Key Facts
- Founded: 2022 by Henri Stern and Akhil Agrawal (ex-MIT, previously Novi/Facebook Libra)
- Primary market: Consumer-facing B2B SDK (developers integrate Privy into their app)
- Authentication methods: Email, Google, Apple, Twitter/X, Discord, phone number, Farcaster, and EOA wallet (if user already has one)
- Wallet types generated: Embedded non-custodial wallets (default) + smart wallets (via ERC-4337)
- Key custody model: Shamir’s Secret Sharing across Privy infrastructure / user recovery / app-specific environment
- Supported chains: All EVM chains (Ethereum, Base, Polygon, Arbitrum, Optimism, etc.)
- Gas abstraction: Built-in Paymaster integration for sponsored transactions
- Notable integrations: Base (default wallet provider for many Base apps), Farcaster mini-apps, Friend.tech, OpenSea, and 1,000+ other projects
- Competitor: Dynamic.xyz, thirdweb embedded wallets, Magic.link, Web3Auth
Technical Architecture: Split-Key Custody
Unlike custodial wallets (where the platform holds the key) or self-custodial wallets (where the user holds the key), Privy uses threshold cryptography to ensure no single party can access the full private key:
Key Splitting (Shamir’s Secret Sharing)
The wallet private key is generated and immediately split into three “shards” using Shamir’s Secret Sharing (SSS):
```
Full Private Key → split into Shard A, Shard B, Shard C (any 2 of the 3 reconstruct it; any single shard reveals nothing)
```
| Shard | Held by | Conditions to access |
|---|---|---|
| Shard A | Privy’s secure enclave infrastructure | Always accessible via Privy API (but cannot sign alone) |
| Shard B | User’s authenticated identity | Requires user’s successful OAuth login to the app |
| Shard C | App-specific trusted execution environment | Can be iCloud-backed, device-local, or recovery-mode |
Why 2-of-3 matters:
- Privy alone (Shard A only) cannot sign transactions or access the key
- The app alone (Shard C only) cannot sign transactions or access the key
- A hacker who compromises Privy’s infrastructure (Shard A) without also compromising the user’s OAuth account or device still cannot access funds
- The user can recover their wallet if they lose Shard C, as long as they can authenticate to Privy (combining Shards A + B)
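A worked 2-of-3 split and reconstruction, added here as an illustration and not Privy's own code: it is plain Shamir sharing over the secp256k1 group order (an assumed field choice, so every share is a valid key scalar), and the last function shows why a single shard, such as Shard A on its own, is consistent with every possible key.

```javascript
// Added example, not Privy's code: a 2-of-3 Shamir split of an Ethereum key
// scalar over GF(N), N = secp256k1 group order (assumed field choice), so every
// share and every reconstruction is itself a valid key scalar.
const N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141n;
const mod = (a) => ((a % N) + N) % N;
function modPow(base, exp) {
  let r = 1n, b = mod(base), e = exp;
  while (e > 0n) { if (e & 1n) r = (r * b) % N; b = (b * b) % N; e >>= 1n; }
  return r;
}
const inv = (a) => modPow(a, N - 2n); // Fermat inverse; N is prime
function randomScalar() { // CSPRNG via Web Crypto (browsers, Node 19+)
  const buf = new Uint8Array(32);
  globalThis.crypto.getRandomValues(buf);
  return mod(buf.reduce((acc, b) => (acc << 8n) | BigInt(b), 0n));
}

// split: f(x) = secret + a1*x + ... + a_(k-1)*x^(k-1); share i is (i, f(i)).
function split(secret, k, n, rand = randomScalar) {
  const coeffs = [mod(secret)];
  for (let i = 1; i < k; i++) coeffs.push(rand());
  return Array.from({ length: n }, (_, i) => {
    const x = BigInt(i + 1);
    let y = 0n;
    for (let j = coeffs.length - 1; j >= 0; j--) y = mod(y * x + coeffs[j]); // Horner
    return { x, y };
  });
}

// combine: Lagrange interpolation at x = 0 over any k (or more) shares.
function combine(shares) {
  let secret = 0n;
  for (const { x: xi, y: yi } of shares) {
    let num = 1n, den = 1n;
    for (const { x: xj } of shares) {
      if (xj === xi) continue;
      num = mod(num * -xj); // factor (0 - xj)
      den = mod(den * (xi - xj));
    }
    secret = mod(secret + yi * num * inv(den));
  }
  return secret;
}
// Why one shard alone (e.g. Shard A) reveals nothing: with k = 2 the secret is
// f(0) on a line through that share, and a second point can always be chosen to
// make the line pass through ANY candidate secret, so every key is plausible.
function forgeSecondShare(share, candidateSecret, x2) {
  const slope = mod((share.y - candidateSecret) * inv(share.x));
  return { x: x2, y: mod(candidateSecret + slope * x2) };
}
```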
Trusted Execution Environments
The key reconstruction (combining 2 shards to produce a signature) happens inside a Trusted Execution Environment (TEE) or equivalent secure environment:
- The full key is never exposed in application memory — shards are combined ephemerally inside the secure enclave
- Only the output (a signature over a specific message) emerges from the TEE
- The signing key is destroyed after signature generation
Developer SDK Architecture
The SDK is built around the following components.
Authentication Flow
```javascript
// Privy developer SDK (simplified)
import { usePrivy } from '@privy-io/react-auth';

function MyApp() {
  const { login, authenticated, user, sendTransaction } = usePrivy();

  if (!authenticated) {
    // User goes through Google OAuth → Privy creates wallet → user returned to app
    return <button onClick={login}>Sign in with Google</button>;
  }

  // Transaction is signed by the user's Privy-managed wallet
  // User can confirm via app UI, or Privy can send gaslessly via Paymaster
  return (
    <button
      onClick={() =>
        sendTransaction({
          to: '0x…',
          value: '0.01', // ETH (simplified; the real API takes the amount in wei)
        })
      }
    >
      Send 0.01 ETH
    </button>
  );
}
```
Wallet Types
1. Embedded EOA Wallet (default)
- A standard Ethereum EOA (Externally Owned Account) managed via Privy’s split-key architecture
- Supports all EVM transactions
- Can be connected to any dApp that supports WalletConnect
2. Privy Smart Wallet (via ERC-4337 Account Abstraction)
- An ERC-4337 smart account with the embedded EOA as the signer
- Enables:
  - Gasless transactions via Paymaster (sponsor user transactions)
  - Batched transactions (multiple actions in one UserOperation)
  - Session keys (limited-scope temporary signing authorities)
  - Cross-chain transactions with unified UX
- Recommended for apps that want to hide gas entirely from users
Invisible Web3 UX Pattern
The full “invisible web3” experience that Privy enables:
| Step | Traditional (MetaMask) | Privy-powered |
|---|---|---|
| 1. User visits app | Must have MetaMask installed | No wallet required |
| 2. Login | “Connect Wallet” → MetaMask popup → approve | “Sign in with Google” → OAuth flow |
| 3. First transaction | MetaMask popup → user must have ETH for gas → approve | App calls Paymaster → gas sponsored → no popup needed |
| 4. Return visit | MetaMask re-connection required | Auto-authenticated via stored OAuth session |
| 5. Mobile experience | MetaMask mobile app required | Works in any mobile browser natively |
User doesn’t need to: Install any extension, manage a seed phrase, hold ETH for gas (if app sponsors), understand what a wallet is, or know the app is using a blockchain.
Privy in the Base Ecosystem
Privy became the de-facto standard for Base applications:
- Farcaster mini-apps: Most Farcaster Frames and mini-apps that require transactions use Privy or Privy-based infrastructure for wallet creation
- OnchainKit integration: Coinbase’s OnchainKit developer suite integrates with Privy for apps that want social-login wallets
- Base Camp grants: Privy was an official integration partner in Base’s developer grant programs, subsidizing API access for early Base app builders
Why Base + Privy is synergistic: Base’s consumer app focus (Farcaster, social apps, gaming) requires non-crypto-native user onboarding; Privy’s SDK makes this seamless; Base’s low gas costs make sponsored transactions economically viable; Base’s Paymaster infrastructure enables the full gasless experience.
Privacy and Data Considerations
Privy holds significant data as part of the authentication flow:
- User OAuth tokens: Used for authentication, stored by Privy with OAuth provider tokens that can be used to verify ongoing authenticated sessions
- Shard A of private keys: The infrastructure shard that Privy maintains — while this cannot sign transactions alone, Privy can presumably track which applications a user’s wallet interacts with
- Off-chain identity link: Privy knows that user “alice@gmail.com” = Ethereum address 0x1234... — this linkage is not on-chain but is held by Privy in their database
Non-custodial claim verification: Privy claims to be non-custodial (cannot move funds without the user), which is technically accurate under the 2-of-3 threshold model — but users should understand that Privy holds significant custodial infrastructure (Shard A) and would be a necessary participant in key recovery, placing Privy in a trusted role similar to a passkey provider (like Apple iCloud Keychain) rather than a pure self-custody solution.