.avif)
At Turnkey, we've always been at the forefront of wallet infrastructure innovation – from pioneering TEE-based private key management to driving forward wallet infrastructure as verifiable cryptographic primitives. Now, we're taking another industry-first step with our IndexedDB integration.
Moving beyond iframes and LocalStorage
Until now, developers have had limited solutions on browsers and progressive web applications (PWAs) to manage session private keys used for request signing. Teams have typically been given two options: iframe implementations or frontend LocalStorage. While these approaches have been the industry standard, they can create friction for developers and come with a larger surface area for potential vulnerabilities.
With IndexedDB, we're shifting the paradigm completely. Session management just became that much simpler, offering developers a secure alternative that eliminates the need for complex iframe setups, while maintaining the highest performance standards that your applications demand.
Security without compromise
While iframes and IndexedDB offer similar security postures on the surface, IndexedDB provides a crucial advantage: session persistence for a seamless user experience. Third-party iframe implementations, by contrast, are inherently fragile—browsers can clear an embedded key at any time (e.g., during cache clean-ups, privacy purges, or site-data evictions), forcing users to re-authenticate.
When integrated with Turnkey, IndexedDB-stored private keys remain completely opaque and hidden from the JavaScript runtime, delivering reliable persistence and an additional layer of protection that simply wasn’t possible with traditional approaches.
The traditional approach to private key management through local storage mostly enables implementations where JSON web tokens (JWTs) that give complete unrestricted access to a signer are stored in the frontend in plaintext. In contrast, our new IndexedDB solution ensures that your security approach never has to be compromised for the sake of developer convenience. We believe this represents a fundamental shift in how the industry should approach session management.
IndexedDB provides a superior developer experience
IndexedDB provides a smoother alternative to iframe-based setups, where developers must use the embedded key connected to an end user in the iframe to generate an API key for every request made to Turnkey. Now, teams can directly enable session signing keys within their applications instead.
The streamlined workflow is elegant in its simplicity: applications generate keys, store them securely in IndexedDB, and sign requests sent directly to Turnkey for verification based on their configuration. This approach eliminates authentication headaches while delivering a sleeker developer experience across the board.
Beyond improved security and developer experience, IndexedDB solves critical session persistence issues that have plagued web3 applications, enables verifiable sessions, and provides a substantially enhanced one-time password (OTP) experience. These improvements compound to create a more reliable and user-friendly foundation for your applications.
Secure, flexible, and scalable wallet infrastructure
As the first wallet infrastructure solution to utilize IndexedDB for session keypairs and storage, we're once again setting the standard for what's possible in web3 infrastructure. This innovation builds on our track record of industry firsts, from our TEE-based approach to private key management, to open-sourcing our computation layer (QuorumOS).
The introduction of IndexedDB represents more than just a new feature. We know that there’s a better way than the status quo of iframes and LocalStorage, and we're making it available to developers today.
Ready to upgrade?
IndexedDB is available for developers who are ready to move beyond the limitations of traditional iframe keypair encryption techniques (HPKE) and LocalStorage methods where private keys are extractable. Whether you're building the next generation of DeFi applications, consumer crypto products, or crypto payments solutions, Turnkey provides the security, developer experience, and technical sophistication your project deserves.
The future of session management is here, and it's more secure, simple, and more powerful than ever before.
How to migrate (~2 minutes)
Upgrade the client SDKs to the newest versions which now leverage the indexedDbClient:
- @turnkey/sdk-browser → 5.x
- @turnkey/sdk-react → 5.x
- @turnkey/indexed-db-stamper → latest
For more support check out:
Questions? Just send us an email at hello@turnkey.com or ping us in our support channel on Slack. Thanks for building with Turnkey!
Related articles
