Subscribe to wiki
Share wiki
Bookmark
Privy
The Agent Tokenization Platform (ATP):Build autonomous agents with the Agent Development Kit (ADK)
Privy
Privy is a financial technology company that provides developers with an application programming interface (API)-driven platform for integrating cryptocurrency functionality into applications. Its infrastructure focuses on embedded self-custodial wallets, user onboarding, and programmable key management. In late 2025 or early 2026, the company was acquired by the financial infrastructure company Stripe, with Privy's team and product continuing their operations under the new parent company. [1]
Overview
Privy provides authentication and wallet management infrastructure to support applications built on blockchain technology. It allows developers to onboard users, connect existing wallets, or provision self-custodial wallets, while also enabling creation and management of cross-chain wallets with flexible authorization controls.
Privy emphasizes security through distributed key sharding, ensuring only users control their keys, and undergoes regular audits to maintain privacy and control. Its system is designed to be flexible, giving applications low-level access to support customized wallet experiences, including multiple wallets per user. Out-of-the-box interfaces allow quick integration of authentication and wallet flows, while supporting full customization and white-labeling. Privy is compatible with Solana, Ethereum, and EVM
- and SVM-compatible chains, enabling portability and support for emerging blockchain networks. [2]
Technology
Authentication
Privy Authentication provides a system for verifying the identity of users and applications to control access to wallets and related actions. It supports both user and API authentication, enabling secure, granular control over who can perform specific operations.
For users, Privy provides authentication across Web2 and Web3 accounts, either through its own system or via integration with existing providers. Privy’s authentication methods include email, SMS, passkeys, social logins, OAuth systems, and Ethereum or Solana wallets, with the option to link multiple processes to a single account. Multi-factor authentication (MFA) can be applied to wallet actions for added security. Successful authentication generates a standardized user object and an access token, which can be used for session management or backend requests.
For APIs, Privy uses API secrets and configurable authorization keys to ensure only authorized servers and resources can perform wallet operations, enforcing fine-grained control over all Privy-managed assets. [7] [9]
Tokens
Privy’s authentication system uses three types of tokens—access tokens, refresh tokens, and identity tokens—each serving a specific role in managing user sessions and data access:
Access tokens are short-lived credentials that verify a user's authentication. They are ES256-signed JWTs, typically valid for one hour, and are included in frontend requests to confirm the user’s identity. They can be refreshed automatically via the SDK.
Refresh tokens are long-lived credentials that allow new access tokens to be issued without requiring the user to log in again. They are opaque strings managed securely by the SDK, valid by default for 30 days, and used automatically when access tokens expire or the user returns within the token lifetime.
Identity tokens contain user-specific data, including linked accounts and custom metadata, enabling backend systems to access user information without extra API calls. These tokens are ES256-signed JWTs, usually valid for 10 hours, and refresh automatically when user data changes or access tokens are renewed. [10]
Wallets
Privy provides wallet infrastructure that allows users and applications to transact across multiple blockchains, including Ethereum, Solana, Base, and others. Wallets can be embedded directly into applications for user interaction or managed programmatically via Privy’s API, enabling the instant creation of self-custodial wallets or large wallet fleets. The system uses globally distributed infrastructure and secure hardware to ensure only the wallet owner can access keys, while also supporting connections to external wallets like MetaMask or Phantom.
Embedded wallets can be fully integrated into an application, giving users control over their wallets without exposing keys to the app or Privy. Wallets can be pre-generated for accounts and exported if needed, and applications can guide users through funding, transactions, and signing. Wallet fleets can be managed programmatically with security policies, pre-approved signers, webhooks, and secure key handling using enclaves and key splitting.
Privy supports cross-chain usage, robust transaction controls, on-chain indexing, policy enforcement, multi-party custody, automated gas management, and integrations with on-chain infrastructure and UI components. External wallets managed by third-party clients can also be linked to applications, allowing users to bring their existing assets and accounts onto the platform. [4]
Owners & Signers
Privy manages resources, such as wallets and policies, through owners and signers, who control and execute actions on those resources. Owners have full control, including updating policies, managing signers, exporting keys, and transferring ownership. In contrast, signers have scoped permissions to perform actions like signing transactions but cannot change ownership or policies. Ownership changes require authorization from an existing owner, maintaining the same security guarantees as other sensitive actions.
There are three types of owners and signers: users, authorization keys, and key quorums. Privy user IDs represent users and can own or act on wallets. Authorization keys are P-256 cryptographic keys controlled by servers or devices that enable actions via signed requests. Key quorums combine multiple users and keys with an authorization threshold, allowing requests to require signatures from multiple parties, supporting shared control and complex workflows. [12] [13]
Management
Transactions
Privy provides transaction management tools for businesses to handle digital assets, payments, subscriptions, and movement between fiat and crypto. Its wallets use TEE-secured cryptographic signing and can notify applications of deposits, withdrawals, and other blockchain events. Wallets support configurable control models, allowing single-party, multi-party, or quorum (m-of-n) control. Owners can delegate scoped permissions to other parties, enabling automated actions such as limit orders or portfolio rebalancing, with all actions restricted by policies. Policies can limit transactions by asset type, recipient, chain, gas fees, smart contract parameters, and more.
Privy supports a wide range of blockchains, including all EVM and SVM chains, Bitcoin and its L2s, Stellar, Tron, Cosmos, Sui, NEAR, and TON. Gas management is centralized, allowing businesses to sponsor transactions across wallets and control allocation with policy rules. Webhooks and APIs provide updates on transactions, deposits, and withdrawals, while idempotency keys help prevent duplicate actions, ensuring business ledgers remain synchronized with blockchain activity. [11]
Users
Privy provides a unified user management system that integrates traditional authentication methods with Web3 capabilities. Each user is assigned a unique Privy DID and can link multiple authentication methods and wallets, enabling consistent identification and management of both on-chain and off-chain activity. The core of user management is the user object, which aggregates linked accounts, optional custom metadata, and system information like creation timestamps. Users can authenticate via email, phone, passkeys, or social accounts, all unified under a single profile, allowing multi-method login while maintaining a consistent identity.
Applications can manage accounts dynamically by linking or removing authentication methods, adding custom metadata, controlling access through allowlists and denylists, handling data requests, and monitoring activity. Identity tokens provide secure verification and automatic session refresh, while webhooks notify the backend of user events such as account creation, authentication changes, and metadata updates. Privy also provides ready-to-use UI components for authentication, account linking, profile management, and wallet connection to streamline implementation. [8]
Funding Rounds
On March 19, 2025, Privy announced a funding round led by Ribbit Capital, with participation from Sequoia Capital, Paradigm, BlueYard, and Coinbase, bringing the company’s total funding to over $40 million. The round supports Privy’s work on user onboarding and embedded wallet infrastructure, enabling developers to create secure, seamless applications on crypto rails. [5]
On November 21, 2023, Privy announced an $18 million Series A funding round led by Paradigm, with participation from Sequoia Capital, BlueYard Capital, Archetype, and other existing investors. The round supported the company’s development of wallet connectors and self-custodial embedded wallets, designed to simplify onboarding and authentication for users of on-chain applications. The funding enabled Privy to expand its team and further develop the scalability, security, and usability of its onboarding and identity platform, supporting mainstream adoption of crypto-based products. [6]
Partnerships
- RWA Consortium
- AllUnity
- Stripe
- B3 Open Gaming
- Coinbase Ventures
- Zora
See something wrong?
The Agent Tokenization Platform (ATP):Build autonomous agents with the Agent Development Kit (ADK)