Key management

There is no magic in self-custody. It's a key, and where the key lives determines who can spend.

One key, one door

From your point of view, there is one key on Raycash. It authorizes transfers, withdrawals, and every other action that moves your money. Whoever holds that key controls the account.

Under the hood the key is managed for you by Privy embedded wallets. You don't see a twelve-word seed phrase by default — instead, the key material is bound to your login method (email, phone, or social) using an MPC split, so no single party, including Privy, can unilaterally reconstruct it.

The effect is a key that behaves like a bank login for your everyday use, but with self-custody properties underneath: neither Privy alone nor Raycash alone can move your money.

Where it lives

• Key material is held in infrastructure tied to your login method, split in a way that requires your authenticated sign-in to use.
• The key is accessible when you successfully sign in.
• The key is not stored in Raycash's backend. Raycash servers do not hold a key that can sign on your behalf.

This is different from a classic local-seed wallet like MetaMask (where the seed lives on your device) and different from a custodial wallet (where the provider holds the key outright). Privy's embedded wallet sits in between — self-custodial, with usability close to a normal app login.

Multi-device

Sign in on a second device with the same login method and your wallet is available there. The embedded wallet infrastructure handles the device-to-device provisioning; no manual key copy is needed.

From Settings → Devices in the app you can review active devices and revoke any you don't recognize.

Related

• How it works → Self-custody — the concept
• Using Raycash → Self-custody & recovery — user-facing recovery flows