Recover Wallet by Secret

Recover Wallet By Secret

API Documentation: Recover Wallet By Secret


This API endpoint allows you to recover an MPC wallet by secret file which was generated when create a new MPC wallet. This API endpoint is useful when user loses access to their existing account but have their own secret and want to recover their existing account to a new account

  • HTTP Method: POST
  • Endpoint: /api/v1/account/recover

Request Body Parameters

  • file (required): The file containing the secret from the end user's device, created when initially creating the wallet.
  • expireDate (optional): The expiration date for the JWT token generated from the response.

File in request body parameters must be a file with extension .xellar, containing secret0 value from Create Wallet Endpoint or Recover Wallet By Secret Endpoint.


Request Headers

  • Authorization (required): JWT token which was generated when user login and do not have an MPC wallet.
  • x-client-secret (required): Client secret which was generated when register in Xellar MPC API Service Dashboard.

Example Request Syntax

curl -X POST -H "Content-Type: application/json" -H "x-client-secret: $YOUR_CLIENT_SECRET" -H "Authorization: Bearer $YOUR_ACCESS_TOKEN" -F "file=@/path/to/secret_file" -F "expireDate=2024-10-02"


The response will include a JSON object with the following properties:

  • status (number): The HTTP status code of the response (e.g., 200 for success).
  • message (string): A message providing additional information about the operation.
  • data (object): An object containing the user access token, secret0, secret0Link & wallet address.
    • walletToken : JWT token used to access the Wallet Operation endpoint.
    • secret0 : The encrypted secret that user’s need to save in order to recover their wallet if user lose access to the account.
    • secret0Link : Temporary link to download recovery file. The value is same as secret0 value, but it is already saved in .xellar file. The link will be expired in 5 minutes after being created.
    • address : User’s MPC wallet address.

Example Response

    "status": 200,
    "message": "Recover wallet successfully",
    "data": {
        "walletToken": "your_access_token_here",
        "secret0": "your_secret_here",
        "secret0Link": "",
        "address": "your_address"

Remember to save secret0 value from response data to file with file extension .xellar. This file will be useful if user want to recover their wallet to new account.