Smart Contract Wallet
Each Passport user has a smart contract wallet deployed on Immutable Chain. This enables:
- Gasless Transactions: Immutable sponsors gas for approved operations. Players never need to buy IMX just to play.
- Pre-Approved Transactions: Whitelisted game contracts can execute instantly without confirmation popups, which is critical for real-time gameplay.
- Social Recovery
- Policy Enforcement: Rate limiting, spending limits, and fraud detection protect users from malicious actors.
Contract Source Code
Passport’s wallet contracts are open source:
- Wallet Contracts: View the smart contracts powering Passport wallets
Audits
| Component | Auditor | Report |
|---|---|---|
| Wallet Contracts | Trail of Bits | View on GitHub |
How Passport Works
Passport wallets are controlled by a 2-of-2 multisig. Every transaction requires signatures from two separate keys:

| Key | Stored By | Purpose |
|---|---|---|
| User Key | Magic | Downloaded to the user’s device to sign transactions. Only the user can initiate transactions. |
| Guardian Key | Immutable | Enforces security policies: rate limits, spending caps, fraud detection, and protection against malicious games. |
Immutable never has access to the User Key. All transactions must be signed directly on the user’s device—we cannot move funds without user action.
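A minimal model of the guardian side of this 2-of-2 flow, added here as an illustration and not Immutable's implementation: the guardian refuses without the user's signature, applies a rate limit and a spending cap, and skips the confirmation step only for allowlisted contracts. The class names, thresholds, addresses and the boolean standing in for signature verification are all assumptions.

```python
from collections import deque
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Policy:
    # All values are hypothetical; the page does not publish real limits.
    allowlist: frozenset      # game contracts pre-approved to skip the popup
    max_tx: int               # rate limit: co-signed transactions per window
    window_s: int             # sliding window length in seconds
    spend_cap: int            # max total value co-signed per window

@dataclass
class Guardian:
    policy: Policy
    history: dict = field(default_factory=dict)  # wallet -> deque[(ts, value)]

    def review(self, wallet, to, value, now, user_signed, user_confirmed=False):
        """Decide whether the guardian key co-signs one transaction."""
        # 2-of-2: without the user's signature nothing can execute.
        # `user_signed` stands in for verifying the User Key's signature.
        if not user_signed:
            return "refuse: no user signature"
        recent = self.history.setdefault(wallet, deque())
        while recent and recent[0][0] <= now - self.policy.window_s:
            recent.popleft()  # drop entries that left the sliding window
        if len(recent) >= self.policy.max_tx:
            return "refuse: rate limit"
        if sum(v for _, v in recent) + value > self.policy.spend_cap:
            return "refuse: spending cap"
        # Only allowlisted contracts may skip the confirmation popup.
        if to not in self.policy.allowlist and not user_confirmed:
            return "confirm"
        recent.append((now, value))
        return "cosign"

def demo():
    # Constructed sample traffic for one wallet; addresses are placeholders.
    g = Guardian(Policy(frozenset({"0xGAME"}), max_tx=3, window_s=60, spend_cap=100))
    calls = [
        ("0xGAME", 10, 0, True, False),    # allowlisted, within limits
        ("0xGAME", 10, 1, False, False),   # guardian alone cannot act
        ("0xOTHER", 10, 2, True, False),   # unknown contract needs a popup
        ("0xOTHER", 10, 3, True, True),    # user confirmed in the popup
        ("0xGAME", 90, 4, True, False),    # would exceed the spending cap
        ("0xGAME", 10, 5, True, False),    # third co-signed tx in the window
        ("0xGAME", 1, 6, True, False),     # fourth in the window: rate limited
        ("0xGAME", 1, 61, True, False),    # oldest entry expired, allowed again
    ]
    return [g.review("wallet-1", *c) for c in calls]
```

Only a "cosign" result is recorded against the limits, so refused or unconfirmed requests do not consume the wallet's quota in this model.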
Key Generation Flow
When a user authenticates with Passport:
- User logs in via Immutable’s OAuth flows (Google, Apple, email, etc.)
- Magic’s infrastructure securely generates and stores the User Key
- The User Key is downloaded to the user’s device for signing transactions
- Immutable’s Guardian Key co-signs to enforce security policies
Security Guarantees
| Property | Guarantee |
|---|---|
| Non-custodial | User controls their private key |
| No unilateral access | Immutable cannot move funds without user action |
| Recoverable | Lost device? Log in again with same identity provider |
| No seed phrases | Key tied to authenticated identity |
Comparing Wallet Solutions
Passport combines the best aspects of traditional and embedded wallets:

| Feature | MetaMask | Privy / Magic | Passport |
|---|---|---|---|
| Onboarding friction | High (extension, seed phrase) | Low (social login) | Low (social login) |
| Transaction friction | High (manual approval) | Low | Low + pre-approved options |
| Cross-app identity | ✅ One wallet everywhere | ❌ New wallet per app | ✅ One wallet everywhere |
| Cross-device access | ❌ Manual seed import | ✅ Login to access | ✅ Login to access |
| User owns keys | ✅ | ✅ | ✅ |
| Gaming optimized | ❌ | ❌ | ✅ Pre-approved transactions |
The Problem with Traditional Embedded Wallets
Services like Privy and standalone Magic create a new wallet for each application. This fragments users across many addresses:
- Scattered assets: NFTs and tokens split across wallets
- No unified identity: Can’t build cross-game reputation
- Portfolio confusion: Users don’t know where their assets are
Passport’s Approach
Passport solves this by providing one wallet that works across all Immutable games and apps:
- Same address everywhere on Immutable
- Assets visible in any Passport-enabled app
- Build reputation and history across the ecosystem
- Still get the low-friction embedded wallet experience