Treasury and minter key considerations
- Different types of wallets
- Different purposes for wallets
Introduction
Game developers building in web3 need a secure and robust treasury to manage their funds. The setup must prevent these assets from being compromised and stolen, yet still allow the funds to be accessed on a regular basis. There are a number of options to keep in mind, both from the wallet standpoint (hot or cold) and from the layer 1 and layer 2 perspective.
Different types of wallets
Hot wallets
A hot wallet stores its private key on a device that is connected to the internet. This vastly decreases security, as an attacker can compromise the device remotely. However, hot wallets are far more convenient for automating the execution of transactions.
If there is a need for a hot wallet for programmatic transfers then we recommend taking the utmost security measures to ensure the private key isn’t compromised. A compromised private key is a compromise of the funds on that wallet and should be taken very seriously. In a cloud environment we recommend using a key management service such as Amazon KMS or Azure Key Vault in combination with the IMX client.
When using a hot wallet to transfer funds, developers can maximise security by building a back-end process that automatically maintains a specific ratio of funds between the cold wallet and the hot wallet. The process transfers funds between the two wallets automatically and minimizes exposure if the hot wallet were to be compromised.
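The planning step of such a back-end process might look like the following. This is an added example, not Immutable's code: `Policy`, `Action`, `plan_rebalance` and the sample thresholds are hypothetical names and values. It assumes balances are read elsewhere as integer wei, and that only hot-to-cold sweeps are signed automatically, because the cold wallet's key is offline and a top-up has to be signed by a person on that device.

```python
from dataclasses import dataclass

BPS = 10_000  # basis-point denominator; integer math avoids float rounding on wei


@dataclass(frozen=True)
class Policy:  # hypothetical policy object, values chosen by the treasury owner
    target_hot_bps: int  # share of total funds the hot wallet should hold
    tolerance_bps: int   # drift allowed around the target before acting
    max_hot_wei: int     # absolute cap on hot exposure, whatever the ratio says


@dataclass(frozen=True)
class Action:
    kind: str        # "sweep_to_cold", "request_top_up" or "none"
    amount_wei: int


def plan_rebalance(hot_wei: int, cold_wei: int, policy: Policy) -> Action:
    """Decide the transfer that restores the hot/cold ratio."""
    if hot_wei < 0 or cold_wei < 0:
        raise ValueError("balances must be non-negative")
    if not 0 <= policy.target_hot_bps <= BPS or policy.tolerance_bps < 0:
        raise ValueError("invalid policy")
    total = hot_wei + cold_wei
    target = min(total * policy.target_hot_bps // BPS, policy.max_hot_wei)
    band = total * policy.tolerance_bps // BPS
    if hot_wei > target + band or hot_wei > policy.max_hot_wei:
        # Hot -> cold can be automated: only the hot key signs.
        return Action("sweep_to_cold", hot_wei - target)
    if hot_wei < target - band:
        # Cold -> hot cannot be automated: the cold key is offline, so this
        # is a request for a human to sign on the offline device.
        return Action("request_top_up", min(target - hot_wei, cold_wei))
    return Action("none", 0)


ETH = 10**18
# Constructed sample policy: keep 5% hot, tolerate 1% drift, never above 50 ETH.
SAMPLE_POLICY = Policy(target_hot_bps=500, tolerance_bps=100, max_hot_wei=50 * ETH)

if __name__ == "__main__":
    for hot, cold in [(30, 170), (3, 197), (11, 189), (60, 1940)]:
        print(hot, cold, plan_rebalance(hot * ETH, cold * ETH, SAMPLE_POLICY))
```

The absolute cap matters as the treasury grows: with 2,000 ETH in total, a 5% ratio alone would leave 100 ETH on the internet-connected key.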
Cold wallets
Cold wallets store the private keys on a device that is entirely offline and has likely never been online. This vastly improves the security as a malicious actor would need to get physical access to the device.
We generally recommend that the bulk of a treasury is stored in a cold wallet for security purposes. This can either be a hardware wallet or an air-gapped computer. The most reputable hardware wallets are:
Smart contract wallets (e.g. Gnosis Safe)
Compared to hot and cold wallets that control funds via a single private key (i.e. a single signature), smart contract wallets use smart contracts to control funds - often via multiple signatures. In general, these are the wallets considered the most ‘secure’ in the industry and are best practice to hold funds. The most prominent of these smart contract wallets is Gnosis Safe.
These smart contract wallets work by allowing users to create a wallet with any number of owner addresses and then designating how many of those owner addresses are required to approve a transaction.
Different types of wallet purposes
An important consideration for wallet setups is the purpose of each wallet used in the project.
Treasury wallet: Holds the cryptocurrency reserves for your project. These funds are used for project-related activities that require capital, e.g. operations, marketing, or partnerships.
Minter wallet: Holds the permissions and keys to mint new tokens. These are often used when creating new assets or currencies in a game.
In building out your primary sale (either on zkEVM or Immutable X), it’s recommended to separate the responsibilities of each wallet so only some are responsible for minting / transferring funds whereas others are responsible for holding funds. In practice, this would involve multiple hot wallets, where the treasury-specific hot wallet would transfer funds (if required) to the minter hot wallet to execute the mint.