Wallet / Auth · EVM · Solana
Openfort
Embedded wallets and account abstraction tuned for games. Combines social/email login, non-custodial Shield key recovery, gasless transactions, and session keys for in-game signing across EVM and Solana.
- web3 games
- session keys for gameplay signing
- gasless transactions
- non-custodial recovery (Shield)
- Unity / Unreal + web parity

Install: `pnpm add @openfort/react wagmi @tanstack/react-query viem@^2`

| Variable | Scope | Description |
|---|---|---|
| NEXT_PUBLIC_OPENFORT_PUBLISHABLE_KEY | Client | Openfort publishable key (pk_*) used in the browser. |
| NEXT_PUBLIC_OPENFORT_SHIELD_PUBLISHABLE_KEY | Client | Openfort Shield publishable key for non-custodial recovery encryption. |
| OPENFORT_SECRET_KEY | Server | Openfort secret key (sk_*) for server-side player/account/session-key APIs. Never expose to the client. |
| OPENFORT_SHIELD_SECRET_KEY | Server | Openfort Shield secret key for backend recovery-share encryption. Never expose to the client. |
Use Openfort for embedded gaming wallets with session keys. Wrap the app in `<OpenfortProvider publishableKey={process.env.NEXT_PUBLIC_OPENFORT_PUBLISHABLE_KEY!} walletConfig={{ shieldPublishableKey, createEncryptedSessionEndpoint: '/api/protected-create-encryption-session' }}>` from `@openfort/react`, nested inside `WagmiProvider` + `QueryClientProvider` for EVM (or `@solana/kit` providers for Solana). Drop in `<OpenfortButton />` for connect UX, and read state via `useOpenfort()` / `useUser()`. Server-side, use `@openfort/openfort-node` with `OPENFORT_SECRET_KEY` to mint session keys, sponsor gas via policies, and validate auth tokens. Implement the Shield encryption endpoint server-side — it must never run in the browser.
- Shield's non-custodial mode requires a *server-implemented* `createEncryptedSessionEndpoint`; if you skip it, recovery shares end up custodial and you lose the non-custodial guarantee.
- Session keys have explicit scopes (contract, function selector, value cap, expiry) — overly broad scopes are a security footgun, overly narrow ones break gameplay flows. Test both.
- Gas sponsorship is policy-driven; without an active policy attached to the chain, transactions revert with a confusing `paymaster` error rather than a missing-policy message.
- Solana support uses a different provider stack than EVM — you cannot share a single Openfort player record across both VMs without separate account linking.
- Sandbox and live environments use distinct keys and distinct player IDs; migrating from sandbox to live requires re-onboarding users, not a simple key swap.
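
The session-key item above says to test both failure directions. As an added example (not Openfort's code or API schema), the script below lints a scope for over-breadth and lists the gameplay calls it would reject; the scope object shape, the 24-hour lifetime ceiling, and every address, selector and timestamp are constructed assumptions.

```javascript
// Added example. The scope shape below is hypothetical, not Openfort's API schema.
const MAX_LIFETIME_S = 24 * 60 * 60; // assumed ceiling: one play session

// Reasons a scope is broader than a game session needs (empty array = OK).
function lintScope(scope, nowS) {
  const issues = [];
  if (!/^0x[0-9a-fA-F]{40}$/.test(scope.contract ?? "")) issues.push("contract not pinned to one address");
  if (!Array.isArray(scope.selectors) || scope.selectors.length === 0) issues.push("no function-selector allowlist");
  else if (scope.selectors.some((s) => !/^0x[0-9a-fA-F]{8}$/.test(s))) issues.push("malformed selector");
  if (typeof scope.maxValueWei !== "bigint") issues.push("no value cap");
  if (!Number.isInteger(scope.expiresAt)) issues.push("no expiry");
  else if (scope.expiresAt <= nowS) issues.push("already expired");
  else if (scope.expiresAt - nowS > MAX_LIFETIME_S) issues.push("lifetime exceeds ceiling");
  return issues;
}

// Names of gameplay calls the scope would reject at time atS (scope too narrow).
function uncoveredCalls(scope, calls, atS) {
  const allowed = new Set((scope.selectors ?? []).map((s) => s.toLowerCase()));
  return calls
    .filter((c) =>
      c.to.toLowerCase() !== String(scope.contract).toLowerCase() ||
      !allowed.has(c.data.slice(0, 10).toLowerCase()) || // first 4 bytes of calldata
      c.value > (scope.maxValueWei ?? 0n) ||
      atS >= scope.expiresAt)
    .map((c) => c.name);
}

// Constructed sample data: address, selectors and timestamps are made up.
const NOW = 1_700_000_000;
const GAME = "0x" + "11".repeat(20);
const CALLS = [
  { name: "move", to: GAME, data: "0xa1b2c3d4" + "00".repeat(32), value: 0n },
  { name: "craft", to: GAME, data: "0x0badc0de" + "00".repeat(32), value: 0n },
];
const BROAD = { contract: "*", selectors: [], expiresAt: NOW + 30 * 86400 };
const NARROW = { contract: GAME, selectors: ["0xa1b2c3d4"], maxValueWei: 0n, expiresAt: NOW + 3600 };
const FITTED = { ...NARROW, selectors: ["0xa1b2c3d4", "0x0BADC0DE"] };

for (const [label, s] of Object.entries({ BROAD, NARROW, FITTED })) {
  console.log(label, { tooBroad: lintScope(s, NOW), rejected: uncoveredCalls(s, CALLS, NOW + 60) });
}
```

Run the lint where scopes are minted on the server and the coverage check in CI against the calls a play session actually makes, so a scope change fails in one direction or the other before it ships.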