Shield (automatic recovery)


This guide is for developers that want to self-host Shield (automatic recovery) for their users. If you are a user looking to use Shield and to understand how it works, please refer to the user guide.

In automatic recovery, Openfort uses Shield to encrypt and store the recovery share of the embedded signer on behalf of the user.


In the case you do not require a passcode from your users, you are trusting whoever hosts Shield's infrastructure as well as setting the user's authentication token as the sole root of trust for their wallet. We generally recommend you prompt users to set a recovery passcode upfront, especially as assets in a wallet grow.

Communicating with Shield#

We have created a client side library to help you interact with the Shield service. You can find the library on: