QELT blockchain - World's first RWA-exclusive EVM Layer-1 blockchain platform
Navigation
Home
Ecosystem
RWA
Token
Developers
Mainnet
Testnet
About
DEX
Bridge
Staking
AI Agents
AI Tools
QELT Hub
dApps
QXMP.aiQELTScanQELT DEX
← Back to dApp Docs

Wallet System

QELT Hub supports both external Web3 wallets (self-custodied) and server-managed custodial wallets for email users. Both wallet types can interact with all platform features including the DEX.

Jump to:
Web3 WalletCustodial WalletEncryption DetailsDEX Interaction

Web3 Wallet (External)

Users who authenticate with an external Web3 wallet use their own self-custodied wallet directly. QELT Hub never has access to their private keys.

How It Works

  • The wallet connects through the wagmi/WalletConnect stack
  • The user's wallet address is read from the connected wallet
  • All blockchain transactions are signed directly by the user's wallet
  • The user maintains full control of their private keys
  • Transaction requests are sent to the wallet for user approval before being broadcast

Supported Wallets

MetaMask

Extension & Mobile

Coinbase Wallet

Extension & Mobile

Trust Wallet

Mobile

Phantom

Extension & Mobile

WalletConnect

Universal Protocol

Custodial Wallet

For users who register via email/password, QELT Hub generates a custodial wallet — a blockchain wallet whose private key is encrypted and stored on the server. The plaintext private key and mnemonic are never stored.

Creation Flow

1

User Registration

User registers with email + password.

2

Wallet Generation

The system generates a new Ethereum-compatible wallet using BIP39 (12 or 24 word mnemonic) and BIP32 HD derivation (m/44'/60'/0'/0/0).

3

Key Encryption

The wallet's private key and mnemonic are encrypted using AES-256-GCM with a key derived from the user's password via Argon2id.

4

Secure Storage

The encrypted data is stored in the database — the plaintext private key and mnemonic are never stored.

5

Seed Phrase Backup

The user is presented with their seed phrase and must acknowledge they've backed it up. A verification step confirms the user wrote it down correctly.

Security Properties

  • Password-derived encryption: The wallet can only be decrypted with the user's password — no one else (including server admins) can access the private key
  • Seed phrase backup: Users are required to back up their 12/24 word seed phrase
  • Audit logging: Every wallet access (creation, decryption, seed view) is logged
  • Re-encryption on password change: When a user changes their password, the wallet data is re-encrypted with the new password

Encryption Details

Custodial wallet private keys are encrypted using industry-standard algorithms with strong key derivation.

ParameterValue
Encryption AlgorithmAES-256-GCM
Key DerivationArgon2id
Memory Cost64 MB (65536 KiB)
Time Cost3 iterations
Parallelism4 threads
IV Length128 bits
Auth Tag Length128 bits
Salt Length256 bits

How Wallets Interact with the DEX

Both wallet types can interact with the QELT DEX, but the signing mechanism differs. Both pathways support token swaps, ERC-20 approvals, liquidity provision/removal, and token transfers.

External Web3 Wallet → DEX

  1. 1User initiates a swap/transaction on the DEX UI
  2. 2Transaction is prepared by the frontend
  3. 3Transaction sent to wallet for signing (MetaMask popup)
  4. 4User approves and wallet signs the transaction
  5. 5Signed transaction is broadcast to QELT blockchain

Custodial Wallet → DEX

  1. 1User initiates a swap/transaction on the DEX UI
  2. 2Transaction details sent to server-side signing endpoint
  3. 3Server decrypts private key using session credentials
  4. 4Server signs and broadcasts the transaction
  5. 5Private key immediately cleared from memory

Next Steps

Learn about the decentralized exchange where both wallet types come together for DeFi trading.

DEXSecurity Architecture