FAQ

We've adopted an architecture called Delegated Key Management, where keys are generated on the client-side and encrypted directly with AWS KMS through Cognito, without Fortmatic ever seeing the private key at any part of the flow. You can read more about it in our more comprehensive security blog post!

Magic and Fortmatic can be thought of as two different ways to onboard users to your decentralized application. Both are Ethereum wallets, and both use the same underlying Delegated Key Management architecture developed by Fortmatic. Key differences are below.

1. Authentication - Fortmatic onboards users with email/phone number + password. Magic onboards users with just their email, phone number, or social provider (oauth) and is completely passwordless.

2. UI - Fortmatic comes with the default widget, where users sign messages and submit transactions. Magic does not come with any default UI, aside from the hide-able popup modal after a user submits their email.

3. User space - A user logging into Fortmatic will access the same address regardless of the application they’re logging in from. Users logging in via Magic get an account specific to that app.

4. Blockchain support - Fortmatic supports Ethereum only. Magic supports Ethereum, Bitcoin, Polygon, Polkadot, Tezos, Near, Solana, Zilliqa, ICON, and more.

5. Native Mobile support - Magic has sdks for React Native, iOS, Android and Flutter. Fortmatic only supports web apps.

Examples of Magic - tokensets.com, tryshowtime.com, polymarket.com, oasis.app, async.art, plotx.io, sportx.bet and more.

Examples of Fortmatic - tokensets.com, app.uniswap.org, zerion.io, rarible.com, superrare.co, opensea.io and more.

Fortmatic imposes a rate limit on API keys of 720 requests per minute. This is to ensure that not one developer takes up the entire quota from other developers. One way to bypass this is to switch to your own custom node provider.

The US Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) administers and enforces comprehensive and targeted economic and trade sanctions programs. The OFAC sanctions programs includes various published lists of individuals and entities, which US persons are prohibited from transacting with or providing services to, as well as comprehensively sanctioned countries and regions including Cuba, Iran, North Korea, Syria, and the Crimea region, the Donetsk People’s Republic (“DNR”) and Luhansk People’s Republic (“LNR”) of Ukraine.

Fortmatic does not permit access to its websites or Delegated Key Management architecture to end users of websites or mobile applications in any jurisdiction that is subject to OFAC comprehensive sanctions. Customers attempting to log in from one of these prohibited regions will be prevented from accessing our website or Delegated Key Management architecture. Should a customer attempt to access our websites or an application that utilizes Fortmatic's key management solution from a prohibited region, access will be denied and the customer will receive notification that he/she is attempting to log in from a prohibited region.

Please note that attempted access to the Delegated Key Management system from a prohibited region will also result in restricted access to your |Fortmatic account/wallet. If you ordinarily reside in a non-prohibited region, you may request Fortmatic to restore your access once you log in from that non-prohibited region, subject to your cooperation with any requests for information and verification necessary to establish sanctions compliance.

To learn more about the U.S Treasury and the Office of Foreign Assets Control (“OFAC”), please visit their website.

Fortmatic does not have a token and there are no plans to create one.

Fortmatic is a user-friendly Ethereum wallet. You don't have to download a browser extension or remember a seed phrase in order to use it, just need your email or phone number. You can access your Fortmatic wallet from a desktop or mobile phone using any modern browser.

Fortmatic is best used by connecting to popular dapps, like Zerion, Uniswap or Opensea, rather than as a standalone wallet.

Fortmatic has developed a patented key management solution. This delegates key encryption to a trusted third party, AWS's Key Management Service. At a high level, what this helps us accomplish is that users can directly interact with AWS’ KMS on the client-side — completely bypassing the Fortmatic backend for encryption and decryption operations, non-custodial since we’ll never “see” users’ private keys, and therefore improving our trust among developers and users.

For users to access their Hardware Security Modules within AWS KMS, they authenticate with the Fortmatic relayer. Upon successful authentication, users receive a time-bound access token, which is traded for scoped credentials, and in turn, allows the client to interact with AWS directly. The scoped credentials exclusively enable users to call the AWS to access their master keys stored on the HSM for encryption and decryption. This mechanism bypasses the Fortmatic backend entirely, and Fortmatic cannot forge nor intercept the scoped credentials because they are generated by the operations exclusively between the clients and AWS.

When a user signs up, a public-and-private key-pair is generated on the client-side for the user inside an iframe, inaccessible by the integrated app. After encryption of the keys with the HSM, the encrypted key is then stored on the client-side iframe as well as uploaded to the Fortmatic relayer for redundancy, in case the encrypted key on the client-side is wiped out. When users authenticate again, the encrypted private key will be downloaded to the client. Users then can decrypt the encrypted private key directly with AWS, and all Web 3 primitives are done on the client-side bypassing Fortmatic backend.

A deeper dive into Fortmatic's Key Management architecture can be found here.

Fortmatic does not have a mobile app, but users can use Fortmatic to connect to dApps on any mobile web browser like Google Chrome.

Fortmatic is not currently available as a downloadable, standalone application. Fortmatic is a wallet for users to connect to popular dapps.

Fortmatic also does not have a mobile app.

No, users of Fortmatic do not need a Github account. The Github login is only meant for developers who are adding Fortmatic as a wallet option on their app.

Fortmatic is a wallet separate from any other wallets or exchanges you may use. If you'd like to use the same ethereum address as you use on Fortmatic for another wallet software, you can follow the guides for export your private key from Fortmatic and importing it to your other wallets.

1. We recommend logging into Zerion with your Fortmatic wallet to view and transfer funds.

2. You can also enter your Ethereum address into https://etherscan.io to view your tokens. See here for getting your Ethereum address.

You should be able to view your wallet address on any of the apps you log into with Fortmatic.

You can also visit Fortmatic.com --> Wallet --> Login / Signup --> Click the profile icon in the top left --> Add to Balance --> Fund from Wallet or Exchange

On Fortmatic

Fortmatic.com --> Wallet --> Login / Signup --> Click the profile icon in the top left --> Add to Balance

You can

1. purchase Ethereum through our third party provider, Moonpay, using a Debit or Credit Card

2. or you can deposit crypto you already own into your account.

On Zerion

1. Connect to your Fortmatic wallet on Zerion.

2. Click "Add Funds"

3. Choose any of the options below

If you run into the below message, you'll need to reset your password.

Wrong Credentials: The password or phone number you entered is incorrect. Please try again.

To reset your password follow these instructions

For email login

1. Fortmatic.com --> Wallet --> enter your email --> click "log in" 2. Click "forgot password" 3. Enter your email again 4. A temporary password will be emailed to you 5. Grab the temporary password from your email inbox (make sure to not copy/paste any extra whitespace) 6. Go back to fortmatic.com 7. Enter your email 8. Enter the temporary password 9. Create a new password 10. Enter the 6 digits emailed to you (or your 2FA through your authenticator app) 11. You should be able to log in

Here's a video showing you how

https://www.loom.com/share/a5fc7d8a63f14755934d09cfbef9dcc0

If following the above instructions didn't work for you, double check that

1. you are not copy/pasting any extra whitespace from the emailed temporary password 2. you are not mis-typing any characters such as an "i" instead of an "l" or an "o" instead of a "0"

For phone number login

If you have a recovery email connected to your phone number login, you can use that to reset your password. If you don't, message us on Fortmatic.com. Due to SIM swapping vulnerabilities, we manually process password resets for phone number logins.

There are two possibilities for logging into a new wallet address.

1. Sometimes confusion arises when a user creates an account with email, expecting it to automatically connect to the same address as their phone number login. We only associate email and phone numbers to the same address if a user explicitly signs up with a phone number first, then adds the email address as a backup. View our other article on connecting accounts.

2. If you exported your private key completely out of Fortmatic, the next time you log in, you’ll be generated a new wallet address.

Users often create Fortmatic wallets with both their email and phone number. Fortmatic has no way of knowing which emails and phone numbers belong to the same users, so users have to explicitly connect the two.

Since a single email or phone number cannot be connected to multiple wallet addresses or Fortmatic accounts, the only way to connect your email and phone number to the same wallet address / account is by

1. Creating a wallet with your phone number 2. Visit Fortmatic.com --> Wallet --> Login / Signup --> Edit Email 3. Add an email that is NOT already connected to a Fortmatic wallet

Once completed, you'll now be able to log in with either your phone number OR recovery email to access your same account. The 6-digit OTP sent after entering your password will still get sent to the phone number on file even if there's an attached email to the account.

Note: Fortmatic does not support adding multiple emails to a single account, only one phone number and one email address.

To delete your Fortmatic account, please submit a request to privacy@magic.link and include the phone number and or email connected to the account you want deleted.

If you created a Fortmatic wallet with a phone number you no longer have access to, you still may be able to recover the account.

1. If you have 2FA enabled already, you won't need access to your old phone number as the 2FA code will come from the authenticator app, rather than an SMS.

2. If you have a recovery email connected to that phone number account but no 2FA on, please submit a request to regain access to your account.

When you first enabled 2FA, a file was downloaded to your computer called Fortmatic-2FA-Emergency-Backup.png.

You can scan the QR code in the image with an authenticator app to recover your 2FA codes.

Fortmatic does support Polygon, but developers need to configure connecting to that network on their app. Until more apps allow you to change networks using Fortmatic, you'll need to follow the instructions below to access funds sent to your Fortmatic wallet over the Polygon network.

1. Export your fortmatic private key (as a backup only)

2. Import the .json file that gets downloaded into Metamask

3. Connect Metamask to Polygon following this documentation https://docs.polygon.technology/docs/develop/metamask/config-polygon-on-metamask

Note: Similar to how Ether is required to pay for gas fees on the Ethereum network, MATIC is the native token to Polygon. You will need to acquire MATIC tokens in your wallet on Polygon to pay for gas fees to transfer your assets.

1. Visit https://app.zerion.io/connect-wallet and login with Fortmatic

2. Zerion will give you a dashboard-view of all your assets. Click "Send" in the top right corner

3. Choose from all the assets in your wallet to transfer to any other wallet address

Not seeing funds in your wallet? See Funds not in my wallet.

1. We recommend logging into Zerion with your Fortmatic wallet to view and transfer funds.

2. You can also enter your ethereum address into https://etherscan.io to view your tokens. See here for getting your ethereum address.

On Fortmatic

Fortmatic.com --> Wallet --> Login / Signup --> Click the profile icon in the top left --> Add to Balance

You can

1. purchase Ethereum through our third party provider, Moonpay, using a Debit or Credit Card

2. or you can deposit crypto you already own into your account.

On Zerion

1. Connect to your Fortmatic wallet on Zerion.

2. Click "Add Funds"

3. Choose any of the options below

Enter Ethereum address into https://etherscan.io to view the transaction history of your wallet.

Find your wallet address by visiting Fortmatic.com --> Wallet --> Login / Signup --> Click the profile icon in the top left --> Add to Balance --> Fund from Wallet or Exchange

If you deposited funds to your wallet but don't see them, there are two likely scenarios here.

1. You may have multiple Fortmatic wallets that are not connected (i.e. one with your email, another with your phone number), and not logged into the correct one. First, verify that you are logged into the correct Fortmatic wallet.

If you can't find your wallet address on the app you logged into, you can find it by going to Fortmatic.com --> Wallet --> Login / Signup --> Click the profile icon in the top left --> Add to Balance --> Fund from Wallet or Exchange. Enter that address into https://etherscan.io to verify which tokens are in your account.

2. If you transferred from an exchange like Binance or Coinbase, it can take up to 30 minutes. You can enter the transaction hash provided by the exchange, or your Fortmatic ethereum address on https://etherscan.io to view the status of that transaction, and any transaction history of your wallet.

3. If transferring from Binance, verify that you did NOT transfer funds over Binance Smart Chain network. You can verify this by entering the transaction hash into https://bscscan.com and if the transaction hash brings you to a valid transaction, it was sent over that network instead of Ethereum mainnet. If you did transfer over BSC, follow this article for how to access those funds.

1. If you purchased crypto using a Debit / Credit Card, that transaction can take up to a few business days to process and for the funds to be deposited into your account. You can contact the company that processed that transaction (likely Moonpay) to get an update on the status of your purchase.

2. If you transferred from an exchange like Binance or Coinbase, it can take up to 30 minutes. You can enter the transaction hash provided by the exchange, or your Fortmatic ethereum address into https://etherscan.io to view the status of that transaction, and any transaction history of your wallet.

Find your wallet address by visiting Fortmatic.com --> Wallet --> Login / Signup --> Click the profile icon in the top left --> Add to Balance --> Fund from Wallet or Exchange

3. If transferring from Binance, verify that you did NOT transfer funds over Binance Smart Chain network. If you enter the transaction hash into https://bscscan.com and it brings you to a valid transaction, it was sent over that network instead of Ethereum mainnet. If you did transfer over BSC, follow this article for how to access those funds.

Fortmatic supports all Ethereum based tokens, including ERC20 tokens and NFTs (ERC721, ERC1155).

To speed up a stuck transaction, you are essentially re-sending the same transaction with the same nonce value and a higher gas cost to get it confirmed by the network faster.

To cancel a pending transaction, you are sending a zero-value transaction to yourself with the same nonce as the pending transaction and higher gas price than the pending transaction so it gets picked up and the pending one gets dropped.

You can connect to your Fortmatic wallet on https://cancel-ethereum-transactions.web.app/

Which should you choose?

Fortmatic supports Binance Smart Chain, however as a user transferring funds out of your Fortmatic wallet over BSC, you'll need the underlying dApp to support that. Until more dapps do, we recommend you trasfer over Ethereum (ERC20).

I already sent funds over BSC not Ethereum - how do I access them?

You can verify that the funds are in your Ethereum wallet on Binance Smart Chain by entering your address into https://bscscan.com/.

To regain access to the tokens sent to your Fortmatic wallet over BSC, you'll need to:

1. Export your Fortmatic private key (as a backup only)

2. Import the downloaded .json file to Metamask

3. Connect Metamask to Binance Smart Chain - https://docs.binance.org/smart-chain/wallet/metamask.html

Fortmatic does support Binance Smart Chain, but developers need to configure connecting to that network on their app. Until more apps allow you to change networks using Fortmatic, you'll need to follow the instructions below to access funds sent to your Fortmatic wallet over BSC.

1. Export your fortmatic private key (as a backup only)

2. Import the .json file that gets downloaded into Metamask

3. Connect Metamask to Binance Smart Chain following this documentation https://docs.binance.org/smart-chain/wallet/metamask.html

Fortmatic does not support Ethereum Classic (ETC).

If you sent Ethereum Classic (ETC) to your Fortmatic wallet, follow the instructions for exporting your Fortmatic private key, then importing it to another wallet software that supports ETC to access those funds.

If you run into the below message, you'll need to reset your password.

Wrong Credentials: The password or phone number you entered is incorrect. Please try again.

To reset your password follow these instructions

For email login

1. Fortmatic.com --> Wallet --> enter your email --> click "log in" 2. Click "forgot password" 3. Enter your email again 4. A temporary password will be emailed to you 5. Grab the temporary password from your email inbox (make sure to not copy/paste any extra whitespace) 6. Go back to fortmatic.com 7. Enter your email 8. Enter the temporary password 9. Create a new password 10. Enter the 6 digits emailed to you (or your 2FA through your authenticator app) 11. You should be able to log in

Here's a video showing you how

https://www.loom.com/share/a5fc7d8a63f14755934d09cfbef9dcc0

If following the above instructions didn't work for you, double check that

1. you are not copy/pasting any extra whitespace from the emailed temporary password 2. you are not mis-typing any characters such as an "i" instead of an "l" or an "o" instead of a "0"

For phone number login

If you have a recovery email connected to your phone number login, you can use that to reset your password. If you don't, message us on Fortmatic.com. Due to SIM swapping vulnerabilities, we manually process password resets for phone number logins.

If you are entering your email, password, and 2FA code and automatically being redirected back to the login screen over and over again, without any error messages displayed, check your computer's clock. If you computer's time is off by >5 minutes, that can result in this kind of behavior. Setting your computer to the correct time for your timezone should fix this.

If your computer's time is accurately set, then the next step would be to see if you are on VPN. If so, try turning that off and logging in again.

If you are still having trouble, please submit a request using the support chat widget in the bottom-right corner of the Fortmatic homepage.

This can happen if you are using Brave browser. If you run into this error, turn off the browser shields for the site you're trying to log into (click the Brave Lion icon in the URL bar and toggle shields off). Then refresh the page and log in again.

If you exported your private key completely out of Fortmatic, and it was lost, deleted or otherwise inaccessible, there is nothing we're able to do to recover it. The next time you logged in, a new address was created for you.

If you exported your key as a backup, you can login and export again.

Note: You should only attempt to export your private key on a computer. The private key file will not download on a mobile device or tablet.

Export

Fortmatic is a non-custodial key management services provider, and we give users the option to export their keys at any time. Just go to Fortmatic.com --> Wallet --> Login --> Export Private Key.

There will be two options:

1. As a backup 2. Completely out of Fortmatic's system With option one, even after exporting, you'll still continue using that wallet address next time you login.

With option two, once you export your key, the wallet address associated with that key will be completely removed from Fortmatic’s platform. This means you will no longer be able to access that address with Fortmatic. If you delete, lose, or otherwise mishandle the keystore file after it is exported, we are unable to help. The next time logging in, a new private key and ethereum address will be automatically generated for you.

Import

Here are some instructions for importing the file to Metamask. First you have to create a Metamask wallet. You can download the Metamask chrome extension on their website https://metamask.io. 1. Once you have the wallet created, with the Metamask extension open, click the colorful circle in the top right

2. "Import Account"

3. Select type: JSON file

4. Chose the keystore file from your computer downloads folder

- The file will be called `fortmatic_keystore_mainnet_0x....json` where the `0x...` will be the ethereum public address for the account you exported.

5. Enter the password you used when originally downloading/exporting the file, (not your Metamask password) which will decrypt it.

6. Done. You'll notice the "IMPORTED" flag next to the imported account.

Possible Errors

If you run into an error "Key derivation failed - possibly wrong passphrase" this means you are entering the incorrect password to decrypt the .json file. The password that encrypted the file is NOT the password you use when logging into Fortmatic, but the password you set when exporting your key from Fortmatic.If you forgot your password, Fortmatic is unable to help.

See below for instructions on how to Import and Export your Fortmatic private key to Metamask.

Import

Here are some instructions for importing the file to Metamask. First you have to create a Metamask wallet. You can download the Metamask chrome extension on their website https://metamask.io. 1. Once you have the wallet created, with the Metamask extension open, click the colorful circle in the top right

2. "Import Account"

3. Select type: JSON file

4. Chose the keystore file from your computer downloads folder

- The file will be called `fortmatic_keystore_mainnet_0x....json` where the `0x...` will be the ethereum public address for the account you exported.

5. Enter the password you used when originally downloading/exporting the file, (not your Metamask password) which will decrypt it.

6. Done. You'll notice the "IMPORTED" flag next to the imported account.

Export

Note: You should only attempt to export your private key on a computer. The private key file will not download on a mobile device or tablet.

Fortmatic is a non-custodial key management services provider, and we give users the option to export their keys at any time. Just go to Fortmatic.com --> Wallet --> Login --> Export Private Key.

There will be two options:

1. As a backup 2. Completely out of Fortmatic's system With option one, even after exporting, you'll still continue using that wallet address next time you login.

With option two, once you export your key, the wallet address associated with that key will be completely removed from Fortmatic’s platform. This means you will no longer be able to access that address with Fortmatic. If you delete, lose, or otherwise mishandle the keystore file after it is exported, we are unable to help. The next time logging in, a new private key and ethereum address will be automatically generated for you.

After exporting your private key, you can import it to other wallet softwares.

If when exporting your private key, you are running into an error message that says to contact support, check your computer's clock. If you computer's time is off by >5 minutes, that can result in this kind of behavior. Setting your computer to the correct time for your timezone should fix this.

If your computer's time is accurately set, then the next step would be to see if you are on VPN. If so, try turning that off and logging in again.

If you are still having trouble, please submit a request.

Fortmatic does not support importing a private key or seed phrase.

All transaction on the Ethereum blockchain should be sent with a gas fee. The gas fee is a payment that goes to the miners on the network confirming your transaction. Miners are financially incentivized, therefore the higher the fee your transaction is sent with, the sooner it will be included in a block.

The fee is composed of the gas limit * gas price.

Gas Limit

If using the analogy of filling up your car with gas, the gas limit is how big your cars fuel tank is, that is, how many miles it will take you. Complex transactions, such as those interacting with a smart contract, require a higher gas limit because of higher computing resources required by the miner to process it.

Gas Price

The gas price can be thought of similar to the price per gallon. The more demand there is for space in the next block, the higher the gas price will be. You can check current gas prices on a few different sites - https://ethgasstation.info/ | https://etherscan.io/gastracker | https://www.gasnow.org/

A transaction sent without a gas fee, while still valid, may never get confirmed as there's no incentive (fee) by the miner to include your transaction.

Does Fortmatic collect gas fees?

No, the fees sent along with your transaction go 100% to the miners on the network confirming your transaction. Fortmatic is a free wallet service for all users.

Gas prices fluctuate with the supply and demand to be included in the next block on the Ethereum blockchain.

When there are a lot of transactions being sent, since there is a limit on transactions that can be included in a single block, you need to increase the gas price in order to get your transaction included before others. Miners on the network are financially incentivized, and will include the transactions with the highest gas price in the next block.

You can check out current gas price estimates on any of the following sites

https://ethgasstation.info/

https://etherscan.io/gastracker

https://www.gasnow.org/

Fortmatic abstracts away the complexities of having to manually set gas fees. We offer two options for users to customize their gas fee - Fast and Slow.

Fast aims to complete a transaction within 30 seconds.

Slow aims to complete the transaction within 2 minutes and 30 seconds.

To speed up a stuck transaction, you are essentially re-sending the same transaction with the same nonce value and a higher gas cost to get it confirmed by the network faster.

To cancel a pending transaction, you are sending a zero-value transaction to yourself with the same nonce as the pending transaction and higher gas price than the pending txn so it gets picked up and the pending one gets dropped.

You can connect to your Fortmatic wallet on https://cancel-ethereum-transactions.web.app/

Miners use their mining hardware to process transactions on the Ethereum blockchain, and take the gas fees sent along with the transaction as incentive/profit. When you send a transaction with a gas limit that's not enough for the transaction to be completely executed, you'll run into an out-of-gas error.

Even though the transaction failed, the gas was still deducted from your wallet. Why? That's because the miner still had to use their computational resources to process your transaction.

No, the fees sent along with your transaction go 100% to the miners on the network confirming your transaction. Fortmatic is a free wallet service for all users.

Fortmatic has integrated third party providers, such as Moonpay and Wyre, which let users purchase Ethereum with a debit or credit card.

To do this, simply go to Fortmatic.com --> Wallet --> Login / Signup --> Click the profile icon in the top left --> Add to Balance --> Buy with Debit / Credit Card

Fortmatic has a fiat on-ramp within the widget, which allows you to use a third party provider to purchase crypto with your debit or credit card.

Transferring crypto into fiat/into your bank is not supported by Fortmatic or our fiat on-ramp providers.

Fiat on-ramp purchases go through a third party provider. If you just purchased crypto with your debit or credit card and the funds are not showing up, they can take up to a few days to process. For an exact timeline, you can contact the provider who processed the payment.