Generalized Delegated Key Management Service

Generalized Delegated Key Management Service

⁠This feature requires an enterprise agreement

Contact Sales


Generalized Delegated Key Management Service, or G-DKMS for short, provides developers with a mechanism to encrypt and decrypt private user data. It leverages Magic’s patented Delegated Key Management System to encrypt any data in the secure iframe using the user's private key. From there, developers can store the data via any mechanism - Magic does not store the data. The data always remains private and secure - developers and Magic cannot manipulate the data.



Only available in Dedicated Wallet.

G-DKMS SDK methods are available via the Web client-side SDK.


To leverage G-DKMS a developer can call the following two methods after a user has been logged in:

01const cipherText = await magic.gdkms.encryptWithPrivateKey('hello world');
02// <- "U2FsdGVkX19CZ2XlS839ihS7J9cXPw8cTzCVabagdGw="
04const message = await magic.gdkms.decryptWithPrivateKey('U2FsdGVkX19CZ2XlS839ihS7J9cXPw8cTzCVabagdGw=');
05// <- "hello world"

This is an Enterprise only feature - please reach out if you’re interested to learn more.

Generalized Delegated Key Management Service