Magic Link Wallet Integration
Magic (formerly Magic Link) is an SDK for creating custodial and non-custodial wallets via email/phone without a seed phrase. A user logs in via email link or OTP, Magic creates or recovers the wallet through HSM-based key infrastructure.
How It Works
Magic uses Delegated Key Management: the private key is generated and stored in AWS CloudHSM, split between Magic and the user through DKMS (no one controls the key alone). When the user authenticates — Magic recovers the key and performs the signature inside a secure environment.
This distinguishes Magic from fully custodial solutions: Magic technically cannot sign transactions on its own without user participation.
Integration
import { Magic } from "magic-sdk";
const magic = new Magic("YOUR_PUBLISHABLE_API_KEY", {
network: {
rpcUrl: "https://polygon-rpc.com",
chainId: 137,
},
});
// Email login
async function login(email: string): Promise<string> {
await magic.auth.loginWithEmailOTP({ email });
const userInfo = await magic.user.getInfo();
return userInfo.publicAddress!;
}
// Transaction signature via Web3 provider
const web3 = new Web3(magic.rpcProvider);
const txHash = await web3.eth.sendTransaction({
from: userAddress,
to: "0xRecipient",
value: web3.utils.toWei("0.01", "ether"),
});
Magic provides a compatible Web3/ethers provider — existing code written for MetaMask works without changes.
Limitations
Magic is a custodial solution. The user doesn't have direct access to the private key, cannot export seed phrase (only in Magic Connect Pro). Suits applications where UX is more important than self-custody: games, loyalty programs, NFT marketplaces with broad audience.
For audiences valuing self-custody — Dynamic or Privy with embedded wallets with key export capability.
Integration with Magic takes 1–3 days for basic authentication + transaction flow. Main considerations when choosing: key storage policy, compliance requirements, need for user key export.