Skip to main content

Secure OTP Generation and Transaction Signing for Custodied Wallets

Owners of Vottun custodied wallets can launch transactions on their assets that require a private key on the blockchain. To do this, and in order to avoid the friction of using private keys, an otp generated by authorization software or by mail is used.


  • The custodied wallet owner, your user, initiates a mutable transfer transaction.
  • The Vottun OTP generation endpoint, invoked by you from backend, creates a unique OTP with a 120-second lifespan.
  • An email containing the OTP and transaction details is sent to the custodied wallet owner.
  • The custodied wallet owner receives the email, extracts the OTP, and uses it to sign the mutable transfer transaction, this means you need to ask him for that otp before request the mutable transaction.
  • The signed transaction and OTP are submitted to the transaction processing endpoint.
  • The processing endpoint verifies the OTP's validity and the integrity of the signed transaction.
  • If the OTP is valid and within the timeframe, the mutable transfer transaction is processed securely.