Shared Responsibility Model

Managing smart accounts is a shared responsibility between you and Openfort. There are some things that we can take care of for you, and some things that you are responsible for. This is by design: we want to give you the freedom to access smart accounts however you want.

Generally, we aim to reduce your burden of managing infrastructure and knowing about smart account internals, minimizing configuration as much as we can. Here are a few things that you should know:

You share the security responsibility

We give you full access to smart accounts. If you share that project access with other people (either people on your team, or the public in general) then it is your responsibility to ensure that the access levels you provide are correctly managed.

If you have an inexperienced member on your team, then you probably shouldn’t give them access to Production. You should set internal workflows around what they should and should not be able to do, with restricted access to avoid anything that might be deemed dangerous.

You are also responsible for managing your secrets and API keys, storing them safely in an encrypted store.

You decide your own workflow

There are many ways to work with Openfort.

You can use our Dashboard, our client libraries, or the API directly.

None of these are right or wrong. It depends on the stage of your project.

Openfort lets you manage the private keys of the smart accounts you create. Despite that, you definitely shouldn’t be keeping those directly in your database when you’re in production - but that’s absolutely fine when you’re prototyping and don’t have users.