# Key Management

When users register for a Sodium Wallet account, a smart contract will be deployed on the chain for each user, which will store the data and logic related to the account.

In the Sodium Wallet smart contract, users manage their accounts with session keys. When users log in on a new device, a session key will be generated locally and the public key of the session key will be submitted to the Sodium Network for decentralized identity authentication and MPC signature. The session key and MPC signature will be encrypted and stored locally in a secure storage (keychain).

<figure><img src="/files/F74zmDIhHY0EqOjZPeCl" alt=""><figcaption></figcaption></figure>

**Non-Custodial Solution**

With Sodium, users maintain full control over the ownership and access to their cryptographic key pair. Login services only ever have access to one share, making it impossible for the provider to obtain the user's private key independently.

**Web 2.0-like Login Experience**

On a day-to-day basis, Sodium allows access to a user's key pair through login flows that closely resemble those of Web 2.0, significantly enhancing user experience and facilitating onboarding.

**Enhanced Key Recovery and Redundancy**

In case of a lost device or share, the built-in redundancy of the share threshold enables users to recover their keys. Moreover, it is possible to refresh shares, effectively revoking lost ones.

This method is more robust than relying on a seed phrase written on paper. While losing a seed phrase grants full access to the private key, losing a share is acceptable as long as the user does not lose more than one share without refreshing the existing ones.

**Incremental Security**

Users can boost the security of their key by raising the 2/3 threshold to a higher value. For instance, increasing the threshold from 2/3 to 3/4 and adding another authentication factor, such as a hardware device, can provide additional protection. This may be necessary if the user's private key holds substantial amounts of cryptocurrency.

**Chain/Platform Agnostic via Native Signatures**

Sodium's resulting interface is a native cryptographic key pair, ensuring compatibility with a wide range of cryptographic constructs across various platforms and elliptic curves. Off-chain secret sharing and share refresh further broaden Sodium's applicability, even on blockchains with limited smart contract functionality.

**Censorship Resistance**

The 2/3 threshold also offers resistance against censorship by Torus nodes. If nodes refuse to return the user's private key share after successful authentication, the user can still reconstruct their private key using ShareA (device share) and ShareC (recovery share).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://sodiums.gitbook.io/sodium-documentation/overview/key-management.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.