Tatum
Search…
Welcome to Tatum 👋
Introduction
Your First App
Tatum's Architecture
Supported Blockchains & Digital Assets
Testnet vs Mainnet
What's New
API Reference
API Reference
Architecture
Terminology
Building Blocks
Private Key Management
Tatum Dashboard
FAQ
Wallets and Virtual Accounts
NFT Express
What is NFT Express
Mint NFTs with Tatum's NFT Express
Use NFT Express with Your Own Smart Contract
Use NFT Express to Mint NFTs on Solana
Use NFT Express to Mint NFTs on Algorand
Private Key Management
Private Key Management
Private Keys and Mnemonic Phrases
Tatum Key Management System (KMS)
Use KMS to Store Private Keys and Sign Transactions on Bitcoin
Use KMS to Store Private Keys and Sign Transactions on Solana
Gas Pump
Gas Pump - a Dedicated Gas Fees Wallet
Pay Gas Fees with Tatum Gas Pump
Guides
Blockchain
Virtual accounts
Tutorials
How to use Tatum and MetaMask
How to pay fees for token transfers from another address
How to build a custodial wallet
How to build a non-custodial wallet
How to build a crypto exchange
How to create a peer-to-peer NFT marketplace like OpenSea
How to create a peer-to-peer NFT auction
How to migrate to Tatum’s updated NFT marketplace and auction features
Error Codes
polygon.sc.invalid
sc.operation.failed
subscription.invalid
tron.account.not.found
Deprecated Features
Support for EOSIO, Lisk, Neo, Qtum, and Terra (LUNA)
Powered By GitBook
Private Key Management
Your private keys are your most valuable possessions in the blockchain space. Private keys are what hold information as to how much cryptocurrency you have and what you can spend. If you lose your private keys or they are compromised, you will never be able to get your currencies back. The most important part of working with cryptocurrencies and blockchains is the secure management of your private keys.
There are the following options for how Tatum handles private keys to blockchain addresses:
  • sending private keys/mnemonic seeds to Tatum's API directly - This is not recommended in the production environment, and it should be used in a testnet only. Tatum never stores any private keys or mnemonic seeds.
  • using Tatum libraries to create wallets and sign transactions locally on a backend - JavaScript or Java​
  • using Tatum KMS, an external tool to securely generate and store private keys and use them to sign transactions locally. This is the safest and recommended way of working with private keys. Tatum KMS should be installed in the Deny-From-All environment to meet the highest security standards. It is possible to store private keys locally or using an external service, for example, Azure Key Vault. Tatum KMS only communicates with Tatum's API to fetch a list of the pending transactions to sign. After successfully signing and broadcasting transactions to the blockchain, it marks the pending transaction as complete and adds the final broadcasted transaction ID. It supports the 4 eye control mechanism, where pending transactions are controlled in Tatum and the customer system.
Previous
Off-chain
Next - Architecture
Tatum Dashboard
Last modified 2mo ago
Copy link