LogoLogo
X👾💡🎒
Support Docs
  • Support Docs
  • Technical Docs
  • API Docs
Support Docs
  • Start Here
    • Downloads
  • Exchange
    • Account Functions
      • Change Email
      • Take Profit & Stop Loss Orders (TP/SL)
      • Export trading history (CSV)
      • Order types and executions
      • Generate API keys for Backpack Exchange
    • Identity Verification
      • KYC Identity Verification is pending
      • How To Verify Account Identity
        • Create a new account
        • Verify Identity (KYC)
      • Supported Regions
    • Deposits and Withdrawals
      • Crypto
        • How to Deposit
        • How to Withdraw
        • Deposit & Withdrawal Issues
        • Withdrawal Fees
      • Fiat
        • How to Deposit via Wire
        • How to Withdraw via Wire
        • FAQs
          • Deposit
          • Withdraw
        • Bank Guides
          • Chase
            • How to Deposit via Wire Transfer — Chase Bank
          • ZA Bank
            • How to Deposit via Wire Transfer — ZA Bank
            • How to Withdraw via Wire Transfer — ZA Bank
    • Login and Security
      • Account Identity Requirements
      • Reset Password
      • OTP Passcode
      • Reset 2FA
      • I suspect unauthorized access to my account
      • Troubleshoot connectivity issues
    • Product FAQs
      • Spot Trading FAQs
      • Lend/Borrow FAQs
    • Programs
      • Points
      • Referrals
      • Affiliate Program
        • Flexible Commission Sharing
      • VIP
      • Market Maker Program
      • Token Listing Application
      • Bug Bounty Program
    • Trading Fees
    • API & Developer Docs
      • API Clients
      • Backpack Exchange Python API guide
  • Wallet
    • What is Backpack Wallet?
    • Get Started
      • Supported Browsers and Platforms
      • Import/Recover Wallet
    • Actions
      • Swap Tokens
      • How to Buy and Sell Crypto with MoonPay
        • Buy Crypto in Backpack Wallet with MoonPay
        • Sell Crypto in Backpack Wallet with MoonPay
      • Refer, Swap & Earn
      • Stake SOL
      • SOL/ETH Bridge
      • Secure NFTs
      • Add Networks
      • Connect Hardware Wallet
      • Multisig
      • Custom RPC Addresses
      • Add Developer Testnets
      • Collaboration Application Form
    • Troubleshoot
      • Hide Spam NFTs
      • Hide Tokens
      • Wallet Not Loading
      • View Secret Recovery Phrases and Private Keys
    • Technical Docs
      • Deeplinks
        • Provider Methods
          • Connect
          • Disconnect
          • SignAndSendTransaction
          • SignAllTransactions
          • SignTransaction
          • SignMessage
        • Other Methods
          • Browse
        • Handling Sessions
        • Specifying Redirects
        • Encryption
        • Limitations
  • Report Issue or Bug
    • Exchange
    • Wallet
  • Legal
    • General Legal
      • User Agreement
      • Privacy Policy
      • Cookie Policy
    • VARA Disclosures
      • Virtual Asset Standards
      • VARA License Information
      • Risk Disclosures
      • Price Quotes
      • Exchange Trading Rules
      • Complaints
      • Available Digital Assets
    • UK Crypto Regulations & Risk Disclosure
    • Backpack Wallet
      • Terms and Conditions
      • Privacy Notice
Powered by GitBook

@ 2025 Backpack Exchange

On this page
  • Encryption & Decryption Workflow
  • Encryption Resources
Export as PDF
  1. Wallet
  2. Technical Docs
  3. Deeplinks

Encryption

PreviousSpecifying RedirectsNextLimitations

Last updated 1 month ago

Deeplinks are encrypted using symmetric key encryption generated from a . While deeplink sessions will be created in plaintext, an encrypted channel will be created to prevent session tokens from getting hijacked.

Encryption & Decryption Workflow

Backpack deeplinks are encrypted with the following workflows:

Connect

  1. [dapp]: On the initial connect deeplink, apps should include a dapp_encryption_public_key query parameter. It's recommended to create a new x25519 keypair for every session started with connect. In all methods, the public key for this keypair is referred to as dapp_encryption_public_key.

  2. [backpack]: Upon handling a connect deeplink, Backpack will also generate a new x25519 keypair.

    • Backpack will return this public key as wallet_encryption_public_key in the connect response.

    • Backpack will create a secret key using Diffie-Hellman with dapp_encryption_public_key and the private key associated with wallet_encryption_public_key.

    • Backpack will locally store a mapping of dapp_encryption_public_key to shared secrets for use with decryption in subsequent deeplinks.

  3. [dapp]: Upon receiving the connect response, the dapp should create a shared secret by using Diffie-Hellman with wallet_encryption_public_key and the private key associated with dapp_encryption_public_key. This shared secret should then be used to decrypt the data field in the response. If done correctly, the user's public key will be available to share with the dapp inside the data JSON object.

Subsequent Deeplinks

  1. [dapp]: For any subsequent methods (such as and ), apps should send a dapp_encryption_public_key (the public key side of the shared secret) used with Backpack along with an encrypted payload object.

  2. [backpack]: Upon approval, Backpack will encrypt the signed response as a JSON object with the encryption sent as a data= query param.

  3. [dapp]: Upon receiving the deeplink response, apps should decrypt the object in the data= query parameter to view the signature.

Encryption Resources

To learn more about encryption and decryption, please refer to the following libraries:

JavaScript

iOS

Android

Diffie-Hellman key exchange
SignAndSendTransaction
SignMessage
TweetNaCl.js
TweetNaCl SwiftWrap
Tink
TweetNaCl Java