GameShift allows developers to provision blockchain wallets for their users, allowing them to individually manage their GameShift-created game assets. GameShift can provision user wallets that are non-custodial but benefit from customized and game-branded user interfaces for transaction approvals.

These provisioned wallets use MetaKeep to provide safe non-custodial wallets to users while saving them from the risks and complexity of managing their own keys. MetaKeep uses industry standard high-security physical devices (known as hardware security modules) dedicated to storing user private keys. The hardware security modules aggressively guard private keys, and are specifically designed to never export a user's private key. This means that GameShift and MetaKeep never see the user's private keys. Therefore, all transactions that must be signed for acceptance must be sent into, and signed within, the hardware module.

In order to ensure the wallet is non-custodial, the end user for each GameShift/MetaKeep provisioned wallet must sign each transaction. This condition is enforced by the hardware module itself, which generates a challenge requiring third-party user authentication outside of GameShift and MetaKeep. Currently, this secondary form of authentication utilizes codes sent to the user's email address.

When you register a user with GameShift, a unique cryptographic private key is generated and stored within the hardware security module, locked to the user's email address. The user doesn't see anything during the registration process and is not provided with the private key. If you have multiple games on GameShift, each game must register the user individually.

MetaKeep holds multiple pending patents on its wallet implementation.

External Wallets

To support users that wish to use their own wallets instead of GameShift's, we have added the ability to register users with a single wallet address. All GameShift features seamlessly support users with external wallets. For any GameShift action that requires user consent, rather than presenting the user with a consent flow, our API will present the transaction to the user's chosen wallet software.

Note that the details of user-held assets that GameShift provides on our API may differ from what is displayed in the user's wallet software. While we use commonly accepted approaches for writing data on-chain, we cannot control how each wallet software fetches, updates, and renders those data in the user-facing wallet software.

Registering an External Wallet

At the time of registering a user, you must select either an external wallet or a GameShift wallet. Users that already have been registered with an email will not be able to be updated with an external wallet address. Likewise, a user that has been registered with an external wallet cannot later be switched to GameShift wallet.

To create a user with an external wallet, a single external wallet address must be provided along with a distinct email. This means that you cannot re-use emails between users.

Here is an example payload for registering an external wallet user via /v2/users (POST):

  "referenceId": "example",
  "email": "[email protected]",
  "externalWalletAddress": "<user's Solana wallet address>",

Wallet Support

By default, GameShift supports all wallets that are included with the Solana Wallet Adapter package. Our consent screen will allow users to use whichever wallets the user has installed in their browser. To find more information about supported wallets, please see the open source documentation here:

We have tested all of our endpoints for Phantom, Glow, and Backpack. If issues arise with other wallets please send us a support email.

Transaction Signing

External wallet users are responsible for paying their own transaction fees, which require their wallets to hold a sufficient balance of SOL tokens.

All GameShift actions that require a transaction signature return a consent URL which you must present to the user. The URL will automatically orchestrate the appropriate consent and transaction signing steps for the user based on their wallet type. The consent screens for external wallets are different from the screen used for GameShift wallets.

Step 1 - Connecting to the User's Wallet

GameShift maintains a persistent connection to the user's wallet as long as possible. If we cannot detect the user's wallet, the transaction flow prompts the user to connect their wallet.

GameShift Wallet verification step


External wallet verification step

Step 2 - Request Signing

GameShift will present a description of the transaction and simultaneously prompt the user's wallet to sign the transaction. For example, this consent screen is shown for transferring, listing and canceling listings for an asset.

GameShift Wallet consent screen

External wallet consent screen

Purchasing an asset with an external wallet will require the user to click a ‘Connect Your Solana Wallet’ button, and then use the same wallet that they registered with to complete the purchase.

Common Errors For External Wallets

Wrong wallet connected:

This happens when the user has connected a wallet for a different address than the one associated with their GameShift user registration. Connecting the wrong wallet will pop up an error message on the consent screens.

External wallet selection and error screens