Non-Custodial Crypto Wallet Development: Secure Key Storage

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
Non-Custodial Crypto Wallet Development: Secure Key Storage
Complex
from 2 weeks to 3 months
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1349
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    949
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

Seed phrase loss is the leading cause of losing access to crypto assets. Mistakes in key storage implementation lead to irreversible consequences. Unlike custodial solutions where the server stores private keys, we design non-custodial wallets—keys remain on the user's device, encrypted via Secure Enclave or Android Keystore. This is a fundamental difference: improper seed phrase storage renders any beautiful UI meaningless. We do not make such mistakes.

Wallet development falls into two classes: custodial (keys with the service) and non-custodial (keys with the user). The choice affects not only architecture but also legal requirements. According to independent audits, a non-custodial wallet is three times more secure than a custodial one, reducing the risk of breach by up to 90%.

How to Develop a Non-Custodial Wallet?

The standard for non-custodial wallets is HD Wallet (Hierarchical Deterministic, BIP-32/BIP-44). From a single seed phrase (12/24 words BIP-39) we derive a tree of keys. Each chain, each account, each address is a separate child key.

import { ethers } from 'ethers';
import * as bip39 from 'bip39';

const mnemonic = bip39.generateMnemonic(256);
const hdNode = ethers.HDNodeWallet.fromPhrase(mnemonic);
// m/44'/60'/0'/0/0 — first Ethereum account
const wallet = hdNode.derivePath("m/44'/60'/0'/0/0");
console.log(wallet.address);
console.log(wallet.privateKey); // NEVER display

One seed phrase – all wallets for all chains. The user only needs to remember 12 or 24 words.

Why Is On-Device Key Security Important?

The most critical part is private key storage. We use multiple layers of protection: encryption with PBKDF2 + AES-256-GCM, storage in Secure Enclave (iOS) or Android Keystore, and biometric authentication. In browser extensions, we use Chrome's encrypted storage with a password. The private key is in memory only while the wallet is unlocked; on lock, it is cleared.

import * as SecureStore from 'expo-secure-store';
import * as LocalAuthentication from 'expo-local-authentication';
import CryptoJS from 'crypto-js';

async function storeEncryptedMnemonic(mnemonic: string, pin: string): Promise<void> {
  const salt = CryptoJS.lib.WordArray.random(128 / 8).toString();
  const key = CryptoJS.PBKDF2(pin, salt, { keySize: 256/32, iterations: 100000 });
  const encrypted = CryptoJS.AES.encrypt(mnemonic, key.toString()).toString();
  await SecureStore.setItemAsync('encrypted_mnemonic', encrypted);
  await SecureStore.setItemAsync('pbkdf2_salt', salt);
}

Integration with Hardware Wallets

For maximum security, we connect hardware wallets (Ledger, Trezor) via HID/WebUSB. The private key never leaves the device.

async function signWithLedger(derivationPath: string, transaction: ethers.TransactionRequest): Promise<string> {
  const transport = await TransportWebUSB.create();
  const eth = new Eth(transport);
  const { address } = await eth.getAddress(derivationPath);
  const unsignedTx = ethers.Transaction.from(transaction);
  const serialized = ethers.getBytes(unsignedTx.unsignedSerialized);
  const signature = await eth.signTransaction(derivationPath, Buffer.from(serialized).toString('hex'), null);
  const signedTx = ethers.Transaction.from({ ...transaction, signature: { r: '0x' + signature.r, s: '0x' + signature.s, v: parseInt(signature.v, 16) } });
  return signedTx.serialized;
}

Why Multi-Chain Support Is Critical for a Modern Wallet?

A modern wallet must support multiple networks. For EVM chains (Ethereum, Polygon, Arbitrum, BSC, Avalanche) we use a single key and different RPCs. Non-EVM chains (Solana, Bitcoin, Cosmos) require different cryptographic algorithms. We implement a unified interface for all chains.

We use Multicall3 to fetch token balances in one RPC call for N tokens instead of N calls, speeding up portfolio display by up to 5 times.

Transaction Simulation – Protection from Errors

Before sending a transaction, we show the user what will happen: balance changes, potential revert, or unexpected asset drain. We use Alchemy Simulate Asset Changes or Tenderly Simulation API. If the simulation detects an issue, we warn before real submission. This prevents sending to the wrong address or calling a dangerous contract.

async function simulateTransaction(tx: ethers.TransactionRequest): Promise<SimulationResult> {
  const response = await fetch(`https://eth-mainnet.g.alchemy.com/v2/${ALCHEMY_KEY}`, {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({
      id: 1,
      jsonrpc: '2.0',
      method: 'alchemy_simulateAssetChanges',
      params: [{ from: tx.from, to: tx.to, data: tx.data, value: tx.value ? `0x${BigInt(tx.value).toString(16)}` : '0x0' }],
    }),
  });
  const result = await response.json();
  return { willSucceed: !result.result.error, balanceChanges: result.result.changes, gasEstimate: result.result.gasUsed };
}

WalletConnect v2: Connecting to dApps

We integrate WalletConnect v2 to let users connect their wallet to decentralized applications. We handle session requests: show a modal with dApp details, and after approval, sign transactions.

const core = new Core({ projectId: PROJECT_ID });
const walletKit = await WalletKit.init({ core, metadata: { name: 'My Wallet', ... } });
walletKit.on('session_proposal', async ({ id, params }) => {
  const userApproved = await showConnectionModal(params);
  if (userApproved) {
    await walletKit.approveSession({ id, namespaces: { /* ... */ } });
  }
});

Comparison of Non-Custodial and Custodial Wallets

Characteristic Non-Custodial Custodial
Key control User Service
Risk of breach Low (key on device) High (centralized storage)
Access recovery Via seed phrase Via support
Legal liability Minimal High (regulatory)

Want to give your users full control over their assets? Order a non-custodial wallet development.

Security Checklist

Item Description
Seed storage PBKDF2 + AES-256-GCM, stored in Secure Enclave/Keystore
Memory security Private key only in memory while unlocked
Screen capture Screenshot blocked when displaying seed phrase
Clipboard Cleared 60 seconds after copy
Transaction simulation Warning on revert or drain
Phishing protection Verify dApp URL, warn about unknown contracts
Biometrics Optional biometric unlock
Transport Only HTTPS/WSS, certificate pinning for mobile
Dependency audit npm audit / Snyk on all dependencies

What’s Included in Wallet Development

We deliver: architectural documentation, source code (smart contracts, frontend, backend), API integration (WalletConnect, RPC), UI/UX design, unit and integration testing, security audit, usage instructions, and 30 days of post-launch support.

Technical Stack

Mobile (React Native): React Native + expo-secure-store + ethers.js v6 + viem + WalletConnect SDK + Reown AppKit.

Browser extension: React + WebExtension API + chrome.storage.

Web-based (PWA): Next.js + wagmi + viem + WalletConnect.

Work Process

  1. Architecture decision (1 week): wallet type, chains, platform.
  2. Core development (3-4 weeks): key management, signing, multi-chain.
  3. UI (2-3 weeks): onboarding, portfolio, send/receive, dApp browser.
  4. Security review (1-2 weeks): pen testing key functions.
  5. Testing and launch (1-2 weeks): beta test, mainnet checks.
  6. Full mobile wallet cycle: 3-4 months. Cost is calculated individually based on feature set and platforms.

Get a consultation on wallet architecture. Our experience spans over 10 years in blockchain development; we guarantee security and adherence to best practices.

We develop crypto wallets turnkey — from custodial solutions for fintech to smart contract accounts on EIP-4337. 5+ years in blockchain development, 40+ projects implemented. Let's examine which architecture to choose for your task and why MPC or Account Abstraction solve the private key problem that MetaMask and classic HD wallets could not close.

Why are classic wallets dangerous for business?

A seed phrase in a browser extension is the only way to restore access. For retail users, this is a barrier to entry (lost phrase = lost money). For corporate treasuries, it is incompatible with compliance (KYC/AML, role model, multisignature). Any single key leak compromises all funds. These risks are built into the architecture, not poor UX.

We eliminate them at the protocol level: MPC wallets (key never fully assembled), smart contract wallets (authorization logic in code), hardware HSM for institutional storage. Details below.

What is the real difference between custodial and non-custodial?

Custodial — the provider stores the private key. User authenticates via email/password/OAuth. Recovery is trivial, KYC/AML built-in. For centralized financial applications, often the only regulatory acceptable option. Risk: single point of failure (e.g., Bitfinex hack — $72M, FTX — $600M+ client funds).

Non-custodial — keys are with the user. Provider has no access to funds. Storage responsibility falls on the user. For 99% of people, this model is unworkable without additional protection — hence MPC.

MPC wallets: the key that doesn't exist

Multi-Party Computation (MPC) is a cryptographic protocol that allows multiple parties to jointly sign a transaction without revealing their partial secrets. The private key never exists in its assembled form.

Standard scheme: 2-of-3 MPC between user (share on device), provider server, and backup cloud storage. Transaction is signed by any two of three parties. Lost phone — recovery via server + cloud. Server compromised — attacker holds only one share, signing impossible.

TSS (Threshold Signature Scheme) is a concrete implementation of MPC for ECDSA/EdDSA. Algorithms: GG18, GG20, CGGMP21 (the latter is faster and has better security proofs). Libraries: tss-lib (Go, from Binance), multi-party-sig (Go, from Coinbase), ZenGo-X/multi-party-ecdsa (Rust).

MPC requires no on-chain changes — to the blockchain, the signature looks like a normal single-key signature. This saves gas and keeps the key management scheme confidential (not published in chain) — unlike multisig.

Account Abstraction (EIP-4337): smart contract as wallet

EIP-4337 completely changes the model: instead of EOA (Externally Owned Account), a smart contract Account is used. Authorization logic is in contract code, not in protocol cryptography. This opens up arbitrary signing logic, social recovery, session keys, sponsored transactions, and batch operations.

How the EIP-4337 stack works:

User → UserOperation → Bundler → EntryPoint contract → Account contract
                                          ↑
                                    Paymaster (optional, pays gas)

UserOperation — a new type of object (not an L1 transaction). Bundler collects UserOps from an alternative mempool, packs them into one transaction, and sends to EntryPoint. EntryPoint calls validateUserOp on the Account contract — Account decides if the signature is valid.

Practical capabilities:

Social recovery. The contract stores a list of guardians (other addresses or a service). Lost key — guardians vote for replacement. Argent has used this scheme since 2020.

Session keys. A temporary key with limited rights: interaction only with a specific contract, until a certain date, up to a certain amount. For GameFi and dApps — user does not sign every micro-transaction.

Paymaster. A third-party contract pays gas for the user. Onboarding pattern: user does not hold ETH, gas is sponsored by dApp or taken from ERC-20 tokens.

Implementations: Safe{Core} Protocol, Biconomy SDK (Stackup), ZeroDev (Kernel), Alchemy (Rundler bundler). EntryPoint v0.6/v0.7 is deployed and active on Ethereum mainnet, Polygon, Arbitrum, Optimism. We guarantee compatibility with the latest contract versions.

What is a Hardware Security Module for corporate wallets?

For treasuries and institutional storage: HSM (Hardware Security Module). The key is generated and never leaves the secure chip. Signing happens inside the HSM. Hardware attestation is supported. Solutions used: AWS CloudHSM, Azure Dedicated HSM, Thales Luna, YubiHSM 2 (for small volumes). Integration via PKCS#11 or cloud-specific API.

A combination of HSM + MPC is optimal for institutional use: key shares are stored in HSMs on different servers/jurisdictions, signing via TSS. This ensures compliance with regulatory requirements (e.g., for crypto custodians).

Integration with dApps: WalletConnect and standards

Any wallet must be able to interact with dApps. Standard: WalletConnect v2 (Sign API): QR code or deep link, peer-to-peer encrypted channel via relay server. For browser extensions: EIP-1193 (Ethereum Provider API).

On the frontend, we use wagmi + viem — one interface for MetaMask, WalletConnect, Coinbase Wallet, injected providers. For Account Abstraction: EIP-5792 (wallet capabilities) and EIP-7677 (paymaster service).

Development process

  1. Threat model — who is the user (B2C, B2B, institutional), what operations, what is the acceptable risk model. Architecture depends on this.
  2. Selection and design of key storage scheme — MPC, HSM, multisig, or a combination.
  3. Development of Account contract (if EIP-4337) or integration of MPC library.
  4. Backend — MPC coordination, session management, paymaster service (if needed).
  5. Mobile/browser application — UI with WalletConnect integration, biometrics, QR.
  6. Integration with dApps — EIP-1193, WalletConnect v2.
  7. Audit of contracts and cryptographic implementations — mandatory step. MPC libraries have known vulnerabilities (GG18 susceptible to attack with malicious participant without abort protocol). We use libraries with up-to-date security reviews (CGGMP21). Experience passing audits with Certik, Hacken, Trail of Bits — we have certificates.

What is included in the work (deliverables)

  • Source code of smart contracts (Solidity/Rust) with documentation
  • Backend MPC coordination service (Go or Rust) with API
  • Mobile application (iOS/Android) or browser extension
  • Integration with WalletConnect, Ledger/Trezor (if required)
  • Preparation for security audit (vulnerability report)
  • Administrator and user documentation
  • Access to repository, CI/CD, monitoring (Tenderly, Etherscan API)
  • Training of your team (2-3 sessions)
  • Post-launch support — 1 month

Timeline and cost

Solution type Timeline (working weeks)
Custodial with basic UI 4–8
Non-custodial with MPC integration 8–16
EIP-4337 Account with paymaster 6–12
Institutional (HSM + MPC + compliance) from 16

Cost is calculated individually for your project. We will estimate within one day — contact us by email or Telegram. We provide a guarantee on code and timeline.

Typical mistakes in crypto wallet development (and how to avoid them)

  • Using outdated MPC libraries — GG18 without abort protocol. Choose CGGMP21 or tss-lib with up-to-date audit reports.
  • Tight coupling to a single blockchain — not abstracting for L2/sidechains. Use viem/wagmi for cross-chain.
  • Ignoring MEV attacks — when using multisig without timelocks. Add tx simulation (Tenderly) and sandwiching protection.
  • Lack of fallback recovery mechanism — for Account Abstraction, not setting up social recovery. Include from the first release.

We eliminate these pitfalls at the design stage — for each project, we create a threat model and security checklist.

Need a reliable wallet with no compromises? Get a consultation from our architect — we will analyze your task and propose an architecture with a precise estimate. Leave a request — we will respond within a day.