White-label crypto wallet development

White-label Crypto Wallet Development

White-label wallet is not "download MetaMask and put different logo." It's a full product with your brand, your business logic, and your control over user experience. The difference is fundamental: when user works through MetaMask or Trust Wallet, analytics data, entry points, and monetization belong to them. When through your wallet — to you. Below is real architecture, not marketing theses.

Architectural Decisions: What to Choose as Base

Custodial vs Non-custodial vs MPC

First architectural decision determines everything else.

Custodial — keys stored on your servers. User works through login/password. Simpler UX, but: you bear full legal responsibility for assets, license required in most jurisdictions, you become target for hackers. Suitable for B2B products with corporate clients under NDA.

Non-custodial (HD Wallet) — keys generated and stored on user device, BIP-32/39/44 derivation. You cannot recover funds if user loses seed phrase. Standard for consumer-facing products.

MPC (Multi-Party Computation) — private key never exists wholly on any device. Key shares distributed between client and servers. 2-of-2 or 2-of-3 scheme (TSS — Threshold Signature Scheme). Providers: Fireblocks MPC, Web3Auth MPC, Lit Protocol. Golden middle: user doesn't store seed phrase but assets are non-custodial. This direction is industry trend 2024-2025.

SDK and Base Code Selection

WalletCore from Trust Wallet (open source) — C++ core with bindings for iOS (Swift), Android (Kotlin/Java), WebAssembly. 100+ blockchain support. Most mature open source option for multi-chain HD wallet. Integration complexity — high, but cryptographically verified code.

Coinbase Wallet SDK — open source, focus on EVM + Base. Good if your audience oriented to Ethereum ecosystem.

WalletKit from Reown (ex-WalletConnect) — SDK for integrating WalletConnect v2 protocol into your wallet. Mandatory if you want your wallet to work with dApps.

Own implementation — use @noble/curves (Constantine, secp256k1, ed25519) + @scure/bip32 + @scure/bip39. Full control, no dependency on third-party SDK. Justified for specialized products.

Key Technical Components

Key Generation and Storage

Security starts with entropy generation. crypto.getRandomValues() in browser, /dev/urandom on server — only CSPRNG.

import { generateMnemonic, mnemonicToSeedSync } from "@scure/bip39";
import { wordlist } from "@scure/bip39/wordlists/english";
import { HDKey } from "@scure/bip32";

// Generate 24-word mnemonic (256-bit entropy)
const mnemonic = generateMnemonic(wordlist, 256);
const seed = mnemonicToSeedSync(mnemonic);
const masterKey = HDKey.fromMasterSeed(seed);

// BIP-44 derivation: m/44'/60'/0'/0/0 for first ETH address
const ethKey = masterKey.derive("m/44'/60'/0'/0/0");

Storage on mobile: iOS Keychain with kSecAttrAccessibleWhenUnlockedThisDeviceOnly, Android Keystore with hardware binding. No AsyncStorage, SharedPreferences without encryption.

In web — additional complexity: no native secure storage. Options: encrypted IndexedDB (encryption key — derived from password via Argon2/PBKDF2), or abandon browser extension in favor of mobile-first.

Multi-chain Support

Typical set for white-label product 2025:

Each ecosystem is separate provider in code. Abstraction via interface:

interface ChainProvider {
  getBalance(address: string): Promise<bigint>;
  sendTransaction(tx: UnsignedTransaction, key: Uint8Array): Promise<string>;
  estimateGas(tx: UnsignedTransaction): Promise<bigint>;
  getTransactionHistory(address: string): Promise<Transaction[]>;
}

WalletConnect v2 Integration

Without WalletConnect v2, wallet doesn't work with most dApps. Protocol uses relay servers from Reown for message transmission between wallet and dApp via QR-code or deep link.

import { Core } from "@walletconnect/core";
import { Web3Wallet } from "@walletconnect/web3wallet";

const core = new Core({ projectId: YOUR_PROJECT_ID });
const wallet = await Web3Wallet.init({
  core,
  metadata: {
    name: "Your Wallet Name",
    description: "Your wallet description",
    url: "https://yourwallet.com",
    icons: ["https://yourwallet.com/icon.png"],
  },
});

// Handle session proposal from dApp
wallet.on("session_proposal", async ({ id, params }) => {
  const session = await wallet.approveSession({
    id,
    namespaces: buildNamespaces(params.requiredNamespaces),
  });
});

// Handle transaction signing request
wallet.on("session_request", async ({ topic, params, id }) => {
  const { request } = params;
  if (request.method === "eth_sendTransaction") {
    // show user transaction details, get confirmation
    const txHash = await signAndSend(request.params[0]);
    await wallet.respondSessionRequest({ topic, response: { id, result: txHash, jsonrpc: "2.0" } });
  }
});

Balances and Transactions: Data Aggregation

Direct RPC calls to nodes don't scale with multi-chain wallet. Use specialized APIs:

Alchemy / Infura / QuickNode — JSON-RPC access to EVM networks with rate limiting and reliability.

Moralis / Covalent / Ankr Advanced API — aggregated APIs for balances, NFT, transaction history across all EVM networks in one request. Saves 80% of backend code.

TrustWallet Assets — open source repository with token metadata (icons, decimals, contracts) for 100+ networks. Integrate as npm package or self-hosted.

Helius (Solana) — Alchemy equivalent for Solana, with API for tokens and NFT.

Customization and White Label

What's Really Customizable

• Visual branding — colors, fonts, icons, splash screen, onboarding flow. Via design tokens in Tailwind/StyleSheet.
• Supported network list — configuration file, not hardcode.
• Built-in features — enable/disable swap, staking, NFT gallery, fiat on/off ramp.
• Fiat on-ramp provider — MoonPay, Transak, Ramp Network. All provide white-label widgets.
• In-app browser for dApps — WebView with injected EIP-1193 provider.
• Push notifications — Firebase Cloud Messaging + address monitoring via Alchemy Notify.

What Shouldn't Be Rebuilt from Scratch

Cryptographic primitives — never. secp256k1 signature, keccak256, BIP-32 derivation — use verified libraries, not own implementation. Crypto error = user fund loss and your reputational catastrophe.

Mobile App vs Browser Extension

React Native — single codebase for iOS and Android. react-native-quick-crypto for native cryptography (10–100x faster than JS implementation). Expo SDK simplifies build, but limits native capabilities — for production wallet better bare React Native.

Browser Extension — Manifest V3 (Chrome/Firefox/Edge). service_worker instead of background_page, creating difficulties with persistent WebSocket connections. Use Plasmo framework — significantly simplifies extension development with hot reload.

Web App (PWA) — most accessible option but with limitations: no native secure storage, limited biometric access, no deep links for WalletConnect.

Security and Compliance

Biometric authentication — TouchID/FaceID on iOS, BiometricPrompt on Android. Mandatory for any production wallet. Doesn't replace encryption but protects access to decrypted key in memory.

Jailbreak/root detection — react-native-jail-monkey or native checks. On detection — warning or full blocking.

Certificate pinning — for backend API. Prevents MITM attacks via compromised CA.

Transaction simulation — before signing show user expected balance changes. Integrate Tenderly Simulation API or Blowfish (specialized in security checks, detects drainer contracts).

Timeline and Budget

Realistic estimate: most clients start with MVP for specific network, then iteratively expand. This is correct — trying everything at once is expensive and risky.