OrbitYield
Polkadot LogoOrbitYield
Back to Documentation

Wallet Management

OrbitYield utilizes a secure wallet connection system to protect your assets and ensure only authorized access to your funds. Learn how our wallet management system works and how to use it safely.

Wallet Connection Overview

OrbitYield is a non-custodial platform, meaning we never take control of your funds. Instead, our smart contracts interact with your wallet only when you explicitly authorize transactions.

Connecting your wallet to OrbitYield allows our platform to:

  • Display your balances and portfolio information
  • Prepare transactions for your approval
  • Monitor your positions and provide relevant updates
  • Personalize your experience based on your assets

At no point does OrbitYield have the ability to move your funds without your explicit approval through your wallet's transaction signing interface.

Wallet connection flow illustration

(Interactive illustration coming soon)

Supported Wallets

OrbitYield currently supports these wallet types:

  • MetaMask
  • WalletConnect
  • Coinbase Wallet
  • Trust Wallet
  • Ledger (via MetaMask)

Connection Storage

OrbitYield securely stores wallet connection information in our database to provide a seamless experience. This includes your wallet address, connection timestamps, and connection status. We never store private keys or seed phrases.

Enhanced Security

Our wallet connection system includes enhanced security features like administrative approval for disconnection requests, email notifications for important actions, and detailed connection logs to protect against unauthorized access.

MetaMask Connection System

OrbitYield features a comprehensive MetaMask connection management system designed to enhance security and user control. This system provides detailed tracking and management of all wallet connections.

When you connect your MetaMask wallet to OrbitYield, we create a secure connection record that helps protect your account and assets from unauthorized access while ensuring you can monitor all connections.

(MetaMask connection interface)

Connection Record Storage

Each MetaMask connection to OrbitYield is recorded with the following information:

Connection Details

  • Wallet address (public address only)
  • User ID association
  • Initial connection timestamp
  • Last activity timestamp
  • Connection status

Removal Request Information

  • Request status (pending/approved/rejected)
  • Reason for disconnection request
  • Contact email for notifications
  • Request timestamp
  • Admin action details (when applicable)

API Endpoints

OrbitYield's backend includes dedicated endpoints for wallet connection management:

// Save new MetaMask connection
POST /api/metamask

// Retrieve user's MetaMask connections
GET /api/metamask

// Submit wallet disconnection request
POST /api/metamask/removal-request

// Admin endpoints for managing removal requests
GET /api/admin/metamask
PUT /api/admin/metamask/:id

These endpoints are protected by authentication and authorization mechanisms to ensure only authorized users can access them.

Connection Status Monitoring

OrbitYield provides real-time status monitoring of all your wallet connections:

Active

The wallet is currently connected and functioning normally with OrbitYield.

Pending Removal

A disconnection request has been submitted and is awaiting admin approval.

Disconnected

The wallet has been disconnected from OrbitYield following approval.

Wallet Disconnection Process

For enhanced security, OrbitYield implements a controlled disconnection process for wallet connections. Unlike most platforms that allow instant disconnection, we require administrative approval to prevent unauthorized disconnection attempts by potential attackers.

Step-by-Step Disconnection Request

1

Initiate Disconnection Request

In your account settings, locate the wallet connection you wish to disconnect and click the "Request Disconnection" button.

2

Provide Required Information

Complete the disconnection request form, providing:

  • Your contact email (for notifications)
  • Reason for disconnection
  • Optional additional details
3

Request Confirmation

Review your request details and submit it. You'll receive an email confirmation that your request has been received and is pending review.

4

Admin Review

OrbitYield administrators will review your request, typically within 24-48 hours. During this time, your connection status will show as "Pending Removal."

5

Approval and Disconnection

Once approved, your wallet will be disconnected from OrbitYield, and you'll receive an email confirmation of the completed disconnection.

Why Administrative Approval?

Our admin approval process for wallet disconnections provides an additional security layer:

  • Protects against unauthorized disconnection attempts by attackers
  • Prevents account takeovers by removing legitimate wallet connections
  • Creates an audit trail of connection management activities
  • Allows verification of the disconnection requestor's identity
  • Reduces the risk of social engineering attacks

During the Review Period

While your disconnection request is pending approval:

  • Your wallet remains connected to OrbitYield
  • You can continue to view your portfolio and positions
  • All transaction signing still requires your explicit approval
  • You can cancel the disconnection request if needed
  • Status indicators show the pending state across the platform

Admin Management Interface

OrbitYield features a dedicated administrative interface for managing wallet connections and disconnection requests. This section is for informational purposes to help users understand the review process.

Admin Dashboard Features

  • Request Queue Management

    Administrators can view, sort, and filter all pending disconnection requests with detailed information about each request.

  • User Verification Tools

    Tools to verify the identity of users requesting disconnections through various authentication methods.

  • Activity Monitoring

    Real-time monitoring of wallet activities to detect suspicious patterns that might indicate security concerns.

  • Notification System

    Automated email notifications to both users and administrators about request status changes and approvals.

(Admin dashboard interface)

Security and Access Controls

The admin management interface is protected by multiple security layers:

Role-Based Access

Only authorized administrators with specific role permissions can access the wallet management interface.

Multi-Factor Authentication

Administrators must complete MFA verification before approving disconnection requests.

Audit Logging

All administrative actions are logged with timestamps, action details, and admin identification.

Wallet Security Best Practices

Protect Your Private Keys

  • Never share your seed phrase or private keys with anyone
  • Store your recovery phrase offline in a secure location
  • Consider using a hardware wallet for additional security
  • Be cautious of phishing attempts requesting wallet information

Verify Transactions

  • Always check transaction details before signing
  • Verify wallet addresses and token amounts
  • Be wary of unexpected transaction requests
  • Set spending limits when possible

Monitor Your Connections

  • Regularly review connected dApps in your wallet
  • Request disconnection for wallets you no longer use
  • Enable notifications for connection activities
  • Use different wallets for different purposes

Secure Your Devices

  • Keep your device's operating system and wallet software updated
  • Use strong, unique passwords for wallet access
  • Enable biometric authentication when available
  • Install reputable security software
Learn More About Security