Skip to main content

2. Initial setup

2.5 Master Wallet Setup

2.5.1 What is Master Wallet

The master wallet in Tokenizer.Estate serves as the primary blockchain wallet used by the platform to execute all critical on-chain operations related to tokenized assets, but is fully controlled by the platform owner.

The master wallet is configured during the initial deployment of your Tokenizer instance by the development team. It is not accessible or editable from the admin panel.

2.5.2 How the Setup Process Works

  1. We (Tokenizer.Estate) set up the microservice:
    Our team deploys a dedicated wallet microservice on your own infrastructure, using your cloud account.
    We close all ports except for port 443 (HTTPS) to ensure maximum security and isolate the service from external access.
    Once deployed, we provide you with a one-time initialization link.

Why do we leave port 443 open?

We leave port 443 open because it is the standard port used for secure HTTPS connections.

Why?

  • The wallet microservice needs to communicate securely with your systems and with Tokenizer.Estate to receive the one-time initialization request and to interact with the blockchain-related endpoints.
  • By using port 443, all data exchanged is encrypted via TLS (Transport Layer Security), protecting it from interception.

Why do we close all other ports?

  • To minimize the attack surface.
  • Only allowing port 443 ensures no other services or management interfaces can be accessed from the outside, reducing the risk of unauthorized access.
  1. You initialize the wallet:
    You receive the one-time link and open it yourself.
    This link can be used only once to create your Master Wallet and generate your keys.
    Once the wallet is initialized, the link will display that the wallet has already been set up if you attempt to visit it again.
    If reinitialization is needed (for example, if the link was accessed prematurely), we will restart the microservice and issue a new one-time link.
  2. Next steps
    After successful initialization, you can begin using the Master Wallet for blockchain operations within your Tokenizer.Estate instance. All future blockchain activities will route through this secured wallet.

2.5.3 Security guarantee

  • We never see, store, or have access to your keys at any point.
  • You are the only party that has access to the private keys generated during this process.
  • The entire architecture is designed to ensure that even Tokenizer.Estate cannot access or retrieve your keys, guaranteeing full ownership and control.
💡
Make sure that only authorized personnel have access to the initialization link.
Once set up, your Master Wallet will be ready to handle all blockchain transactions securely within your Tokenizer.Estate environment

2.5.4 What to Do if the Platform Owner Lost Access to the Wallet

If the platform owner loses access to their self-custodial wallet (e.g., due to loss of seed phrase or private key), there is a defined recovery procedure in place. This ensures the security and continuity of platform operations, especially for wallets used to manage investor assets or perform administrative functions.

  1. Re-initialized of the Microservice
    If the admin loses access to their private key or seed phrase, the microservice instance can be re-initialized.
  2. One-Time Initialization Link
    A secure, one-time-use initialization link will be generated. This link must be accessed only once and only by the authorized admin.