docsKey Concepts

Key Concepts

Understanding these core concepts will help you effectively use the Keypo SDK for your encryption and data management needs.

Data Identifiers

  • Each piece of encrypted data has a unique dataIdentifier, which is used for retrieval and decryption.
  • Human-readable names are stored in metadata, they are not required to be unique.
  • Use list, getDataInfo or search to retrieve dataIdentifier.

Access Control

  • Users who encrypted data have full, self-custody control over the data.
  • Access controls are mediated by EVM smart contracts.
  • Use share to update access conditions in place on previously encrypted data, without requiring re-encryption.

PreProcess and PostProcess

  • It’s required to run preProcess on your data before encrypting it, and run postProcess on your data after decrypting it.
  • preProcess converts your data into a Uint8array for efficient encryption and generates necessary metadata for reconstructing the data after decryption.
  • Decrypt produces a Uint8array and metadata for postProcess to reconstruct your data in its original format.

Encrypt/Decrypt vs EncryptForProxy/ProxyExecute

  • Use encrypt/decrypt when you want authorized users to be able to see the unencrypted data.
  • Use encryptForProxy/proxyExecute when you want authorized users to be able to use the unencrypted data without being able to see it. Currently this feature only supports encrypting API keys: API calls can be made without exposure of the unencrypted key.

Wallet Management

  • Keypo is compatible with EOAs and the following embedded wallets: Privy, Turnkey and Dynamic.
  • Keypo is not currently compatible with injected browser wallets like Metamask, Coinbase Wallet or Phantom. If you are interested in support for injected wallets, please reach out: hello@keypo.io.
  • Encrypt and EncryptForProxy requires the wallet to be a Viem wallet client object. Decrypt and ProxyExecute requires the wallet to be an Ethers v5 wallet. All the compatible wallet clients (EOAs and embedded wallets) can be represented as a Viem wallet client or Ethers v5 wallet interchangeably.
  • Encrypt and EncryptForProxy requires a signed authorization from the wallet to be used as an EIP7702 smart wallet in order to provide a gassless experience. For more information about signed authorization, please consult this guide for EOAs and this guide for embedded wallets.
Getting StartedConfiguration