KrayWallet

Trust

Built for self-custody

Your keys never leave your device. KrayWallet cannot freeze, move, or recover your funds — only you can, with your mnemonic.

The oath: mnemonic never leaves the device · all signatures are local · we cannot freeze or access your funds · your Bitcoin remains yours even if we disappear · the code is open.

Vault encryption

Your seed is encrypted at rest with AES-256-GCM. The encryption key is derived from your password via PBKDF2-SHA256 (210,000 iterations on the PWA; extension uses the same family of primitives). The password itself is never stored — only a temporary session key exists while the wallet is unlocked.

Standards

Local signing

Bitcoin transactions, Ordinals/Runes PSBTs, and L2 authorization messages are signed on your device. Websites never receive your password. Sensitive actions (cancel listing, Dev Scrolls, KrayChat admin, L2 tx messages) always open a confirmation UI in the extension.

Origin approval

On the Chrome extension, the first time an unknown site calls connect() / requestAccounts(), you must approve that origin. Until approved, other API calls are rejected. kray.space (and subdomains) and localhost are auto-approved. Approval is remembered per origin.

What we cannot do

Open source

Audit the extension at github.com/tomkray/kraywallet-extension.