Signer FAQs

General FAQs

What is BONKbot's Next-Generation Key Management System?

It's a real-time non-custodial system we've built to make your BONKbot wallet effectively as secure as a hardware wallet, without compromising UX or latency. Learn more about the.

What does "non-custodial" mean?

"Non-custodial" means you're always in sole control of your private key and assets without censorship risk from BONKbot or any other third party.

How and when do I get the upgrade?

It’s being rolled out automatically to all users across three phases. You’ll only need to take two actions as set out below, which we’ll guide you through via notifications within BONKbot:

• Phase 1: Automatic - no action required

• Phase 2: Export your private key (if not done already)

• Phase 3: Rotate to the new seed phrase wallet

How does BONKbot protect my wallet, and how does the 2FA function?

BONKbot supports 2FA to protect your wallet even if your Telegram is hacked, with Passkeys soon to be added to support on-device biometrics like Face ID. Once set up, sensitive actions like private key export or SOL withdrawals will require this additional authorization, with 2FA delivered via Telegram mini app. And that’s just on the user-facing side - under the hood,

What is a seed phrase, and why is it important?

A seed phrase is a human-readable list of words from which you can derive multiple wallets. It’s important because it’s how you control all your assets, just like a private key. Moreover, it's crucial for our upcoming multi-wallet feature, allowing you to manage multiple wallets with just one seed phrase.

How do I back up my private key, and what happens if I don't?

Simply navigate to “Export Private Key” in the “Wallet menu” and follow the on-screen instructions. Set up 2FA / Passkeys to be able to export your private key on demand. If you don't back it up, you may temporarily be unable to access your assets if BONKbot or Telegram face an outage. Backing up your private key is essential for maintaining control over your crypto under all circumstances.

Will this update affect my trading experience or funds?

No - your trading speed and experience will not be affected, nor will your funds. By default, 2FA is only required for sensitive actions (i.e. private key export and SOL withdrawals), and our system operates in real-time. Trade as quickly as before, but with far superior security.

What should I do if I encounter issues during the rollout?

What is an intent-based wallet?

An intent-based wallet executes transactions based on predefined conditions being met. For example, if you wanted to "Buy 25 SOL of token B when the dev and these 4 wallets sell". BONKbot's new system can monitor the blockchain for these events and execute your order immediately when conditions are met. Stay tuned for more updates!

Security and Privacy

How secure is the seed phrase, and how reliable is BONKbot's cloud-based key management?

How do biometrics and 2FA work with BONKbot, and which is more secure?

BONKbot supports device-native biometrics (e.g. Face ID, Touch ID) via Passkeys, and 2FA via authenticator apps. Biometric verification happens entirely on your device. Biometrics are generally more secure as they're harder to replicate, but both offer robust protection. We don't support less secure methods like email or SMS for 2FA.

Will there be a security audit for the new system?

Yes - the security upgrade has undergone comprehensive auditing, testing and code review, with OtterSec conducting a third-party audit for additional assurance.

Troubleshooting and Support

What should I do if I forget my seed phrase or can't immediately back up my private key?

You can re-export your seed phrase on demand after passing 2FA / Passkey verification. In due course, it’ll become mandatory to back up your seed phrase, but we'll provide ample notice and you can pre-empt this at any point. Remember, BONKbot can't recover your seed phrase for you, so store it securely.

How does the new system affect trading, including speed and security requirements?

The update enhances security without compromising speed:

1. Default Setting:

   • Transactions auto-approved

   • 2FA required only for sensitive actions (e.g. private key export, SOL withdrawals)

2. Optional Enhanced Security:

   • Can be enabled in settings

   • Requires 2FA / Passkey authentication upon first interaction with a token

   • Provides maximum protection against sophisticated attacks, even if your Telegram account is compromised

Your current transactions and funds remain unaffected. The transition is seamless, with assets safe and available throughout. You can trade quickly with improved security, choosing the level that suits your needs, adding an extra step to safeguarding your assets whenever you’re not actively trading.