Skip to content

DPW Portability

Overview

DPW Portability extends UnoLock's Digital Paper Wallet architecture by enabling secure migration of mnemonics between Spaces within a vault, or across different vaults entirely. This feature provides unparalleled flexibility for cryptocurrency key management without compromising sovereignty, ensuring that DPWs generated within UnoLock can be reused, shared, or redundantly stored in other controlled contexts without ever exposing plaintext seeds.

How It Works

  • Split-Entry Import Protocol: Import DPW mnemonics in two halves with real-time BIP-39 validation, optionally using separate trusted devices to mitigate endpoint compromise.
  • Authentication-Bound Encryption: Each mnemonic half is independently encrypted using AES-256-GCM, bound to fresh FIDO2/WebAuthn ceremonies for phishing-resistant security.
  • Zero-Knowledge Migration: Encrypted halves transfer as opaque ciphertexts between vaults, with servers handling only encrypted data and no metadata revealing content type.
  • Authenticated Split-Retrieval: Reconstruction requires separate WebAuthn ceremonies for each half, enforcing distributed trust where no single session can expose the full seed.
  • Cross-Context Flexibility: Seamlessly move DPWs between personal and organizational vaults, or distribute across multiple Spaces with granular access controls.

Security Implications

  • Transit Security: Mnemonics remain encrypted throughout migration, with zero-knowledge guarantees maintained across vault boundaries.
  • Consent-Based Transfer: Every import, export, or reconstruction requires explicit FIDO2/WebAuthn verification, preventing silent or automated migrations.
  • Distributed Trust Architecture: Split-storage across vaults enables multi-party custody scenarios without requiring key sharing or compromise.

Use Cases

  • Cross-Space Import: Migrate DPWs between Spaces for granular access control, enabling admin rights in one Space while maintaining read-only access in another.
  • Cross-Vault Portability: Import the same DPW into personal and organizational vaults, ensuring business continuity without breaking security boundaries.
  • Inheritance Planning: Copy DPWs into designated LegacyLink vaults for estate planning, maintaining survivability without key exposure.
  • Shared Custody: Distribute encrypted halves across vaults controlled by different trustees, providing multi-party assurance for high-value assets.

Why It Matters

DPW Portability solves the critical challenge of key management flexibility in cryptocurrency custody. By enabling secure migration and distribution of DPWs across multiple contexts, it provides the redundancy and accessibility needed for real-world asset management while maintaining the uncompromising security standards that define UnoLock's zero-knowledge architecture.

FAQs

Can migrated DPWs be traced between vaults?

No, each vault operates independently with no correlation possible between encrypted records. Servers cannot determine that the same DPW exists in multiple locations.

What happens if migration is interrupted?

The atomic nature of the migration ensures that incomplete transfers leave no partial data. You can safely retry the migration without risk of corruption or exposure.

Can I limit who can import my DPW?

Yes, import operations require both the encrypted DPW data and appropriate vault permissions. You maintain complete control over distribution and access rights.

Compliance & Privacy Regulations

  • Data Portability Compliance: Satisfies GDPR Article 20 requirements for data portability while maintaining encryption throughout the transfer process.
  • Custody Chain Documentation: Migration events create auditable logs without exposing key material, supporting compliance and governance requirements.

Integration with Other Features

  • SeedSafe Architecture: Leverages SeedSafe's split-entry and authenticated retrieval mechanisms for consistent security across all mnemonic operations.
  • LegacyLink: Enables seamless integration with inheritance planning by allowing DPW copies in designated successor vaults.
  • Spaces: Provides granular control over DPW access across different organizational contexts within the same vault.

Back to Features Overview