Skip to main content
All CollectionsAccounts
Why do I need to enable Derive?
Why do I need to enable Derive?
Updated over 3 months ago

Session keys allow the user to trade on Derive without needing to sign every trade in their wallet

When onboarding to a new device for the first time, Derive prompts a user to sign an transaction to "Enable Derive".

This step creates an encrypted session key stored securely in the user's browser that allows the user to trade on the Derive Protocol without needing to sign every trade with their wallet. This enables smooth, one-click trading with no wallet popups or confirmations.

Crucially, session keys cannot withdraw funds from a user's wallet. They can only trade, transfer and deposit funds on subaccounts owned by the wallet.

Session keys are also encrypted in the browser. A session key can only be decrypted when a user has signed into the Derive app with a valid signature from their wallet. These wallet signatures are cleared when the user signs out, and they expire after 2 weeks.

Users can also revoke their session keys at any time in settings.

Did this answer your question?