10 min read
Your Identity Is a Seed
A CardanoWall identity is one 32-byte Identity Seed. Save that seed and you can restore your signing and receive keys in any Label 309 tool; lose it and you lose future use of that identity.
SecurityGuides
Posts tagged “identity”
10 min read
What Is a Receive Address?
A receive address is the public address someone uses to send you a sealed Label 309 record. It is safe to share — unlike your private Identity Seed, which it can never reveal.
GuidesSecurity
10 min read
How to Receive a Sealed Record
Share a receive address. Your client scans the public Label 309 feed and locally decrypts the records your keys can open — no server-side mailbox, no recipient list on chain.
GuidesSecurity
10 min read
Why Your Keys Never Leave the Device
In CardanoWall, signing, sealing, and decryption all happen locally — the gateway publishes proofs and stores ciphertext but is designed never to receive your private keys.
Security
9 min read
How CardanoWall Stores Your Identity
CardanoWall stores your identity as encrypted vault ciphertext, never plaintext seeds. Here is exactly what the server holds, what only your passkey can open, and why your seed is the real backup.
Security
8 min read
How Passkeys Protect Your Identity Vault in CardanoWall
A passkey does not become your CardanoWall identity — it unlocks an encrypted vault that only your authenticators can open. Here is how WebAuthn PRF makes daily access easy without making CardanoWall a seed custodian.
Security
7 min read
Why the Identity Seed Still Matters When You Have a Passkey
Yes, you still need to save your Identity Seed even with a passkey. The passkey is a convenience unlock; the seed is the portable identity that works across CardanoWall, the CLI, SDKs, and any Label 309 tool.
SecurityGuides
8 min read
Where CardanoWall Keeps Your Keys in the Browser
In the browser, CardanoWall keeps unlocked keys in session memory and writes only encrypted vault ciphertext to IndexedDB — never plaintext Identity Seeds or private keys.
Security
7 min read
What Happens If You Remove a Passkey in CardanoWall?
Removing a passkey re-encrypts your current CardanoWall identity vault to the remaining factors and hard-deletes the old ciphertext — real revocation going forward, but it cannot undo access that already happened.
Security
8 min read
What CardanoWall Can See (and What It Can't)
CardanoWall sees account, billing, and public proof data. By design it does not see your plaintext Identity Seed, your private keys, or the plaintext of a sealed file.
Security
7 min read
Shared Team Identities: One Identity, Many People
A team can share a CardanoWall identity by sharing its Identity Seed — but that hands every holder full signing and decryption power, with no partial or per-person revocation.
GuidesSecurity
8 min read
Active, Deactivated, Deleted: What Each Identity State Means
Deactivating or deleting a CardanoWall identity changes how your account uses it, but it never changes the cryptographic validity of records already published on Cardano.
GuidesSecurity