SOL Wallet ShadowAll Docs
Security

Wallet Security - How Your Private Key Is Protected

Understand how SOL Wallet Shadow protects your private key with AES-256-GCM encryption, client-side storage, and non-custodial architecture.

Non-Custodial Architecture

SOL Wallet Shadow is a non-custodial application. This means:

  • No backend servers store your private key
  • No accounts — there's nothing to hack
  • No databases — your data lives only in your browser
  • No third-party access — only you can access your wallet

The entire application runs client-side in your browser. Your private key never leaves your device.

AES-256-GCM Encryption

When you import your wallet, your private key is encrypted using AES-256-GCM — the same encryption standard used by governments and financial institutions.

How It Works

  • You enter your private key and choose a password
  • The app derives an encryption key from your password using PBKDF2
  • Your private key is encrypted with AES-256-GCM
  • The encrypted blob is stored in your browser's local storage
  • When you need to sign a transaction, you enter your password to decrypt the key in memory

What This Means

  • Even if someone accesses your browser's local storage, they can't read your private key without your password
  • The encryption happens entirely in your browser using the Web Crypto API
  • No unencrypted key is ever written to disk

Best Practices

  • Use a dedicated trading wallet — Create a new wallet specifically for copy trading. Transfer only the funds you want to trade with.
  • Use a strong password — Your encryption is only as strong as your password. Use a long, unique password.
  • Don't share your screen — When entering your private key or password, make sure no one can see your screen.
  • Clear your data — If you stop using the app, clear the encrypted key from your browser's local storage.
  • Keep funds limited — Only keep in your trading wallet what you're willing to risk. Move profits to a hardware wallet regularly.

What We Don't Have Access To

  • Your private key (encrypted client-side)
  • Your wallet balance
  • Your trading history
  • Your personal information
  • Your IP address (no backend to log it)

Open Source Transparency

The code runs in your browser and can be inspected at any time using your browser's developer tools. What you see is what runs — there's no hidden server-side logic.

PreviousTelegram Alerts Setup - Real-Time Trading NotificationsNextRPC Configuration - Choosing the Right Solana RPC

Ready to start copy trading?

Connect your wallet and discover top-performing Solana traders to follow.

Launch SOL Wallet Shadow