Add a new device
Allow your user to access their wallet from several devices
To add a new device, the user's wallet must already exist in our system. When the user attempts to connect to their wallet on a new secondary device, no signer is available.
There are 2 possible scenarios when a user is connecting to a secondary device:
User has lost access to his primary device: in this case, you have to start a recovery.
User has access to their primary device: this will be described in the following steps.
1. Init a new signer request
From the SDK, you need to call initNewSignerRequest on the secondary device. It will create a signer and initiate a new signer request. This request, once validated on the primary device, will grant access to the secondary signer on the Safe smart wallet.
The user will be asked to use its biometrics to create the new passkey.
2. Save the new signer request
You need to implement a service within your backend to validate and send new signer requests.
It will do two things:
validate the user's identity and the wallet associated with them
call our dedicated route to save the request.
This API route is protected by your API Secret. Your API Secret should stay private, only be used in your backend, and never exposed in your front end.
3. Get all new signer requests
The wallet needs to be connected to call that function.
Once the user's request is created. You must display it on your user's primary device to confirm the addition of the secondary device.
To retrieve all active new signer requests for a wallet, you can call :
You have to create a UI to let your user validate or delete pending requests.
4.a Validate a new signer request
In your backend you will need a validation route to execute the following logic:
validate the user's identity and the associated wallet
call the Cometh Connect API route to validate a request
This API route is protected by your API Secret. Your API Secret should stay private, only be used in your backend, and never exposed in your front end.
You'll be able to call this service from your front-end to validate the request.
If the request is not of type WEBAUTHN you don't need to do the following code to wait for the deployment of the new webauthn signer
4.b Add the new signer as owner of the wallet
Then, you can add the new signer as an owner of the user wallet.
Here is a TS code example of the entire validation flow:
Delete a new signer request
In your backend you will need a deletion route to execute the following logic:
validate the user's identity and the associated wallet
call the Cometh Connect API route to delete a request
This API route is protected by your API Secret. Your API Secret should stay private, only be used in your backend, and never exposed in your front end.
Last updated