# Product-driven Blog | #01 Functionality & Security By [ForgeX](https://paragraph.com/@forgex) · 2024-12-26 --- > talk is cheap, show me the proof or code. **Hence, proof is here.** 🫡 ForgeX provides two ways of private key storage: **Cloud Storage** and **Local Storage** Below is a detailed explanation of the security and storage process for these two forms within the platform. ### **Local Storage** #### **When Creating Wallet Groups** When users choose to create a wallet group with local storage, the private key is generated on the user's local frontend. The private key is not uploaded to the cloud; only the wallet address is uploaded to the backend database for wallet monitoring. This can be verified through the console by inspecting network requests. ![Creating new wallets for local storage](https://storage.googleapis.com/papyrus_images/2e27a7b2068940d459a1d4bd62236d4ffe51408ad1a2bb592b05e9c42ba7524c.png) Creating new wallets for local storage ![Only public addresses were uploaded](https://storage.googleapis.com/papyrus_images/922a036e43c5edfbfbcf4410b8a8f6e17f1c36443cc6c45fc8d5b90dcdc8e488.png) Only public addresses were uploaded #### **Wallet Group Data Management** The private keys of locally stored wallet groups are saved in `IndexedDB -> redux -> keyvaluepairs` under local storage. Redux is a commonly used state management and storage library in the React framework. Through persistence technology, front-end data and states are stored locally. Once the persisted data is cleared, all locally stored wallet groups will be erased. Users must restore the wallet group using the previously saved local wallet group JSON file. If the file is lost, there is no way to recover it.This can be verified by clearing the data in `keyvaluepairs` and then checking the status of the ForgeX wallet group. ![storage of local wallet group data](https://storage.googleapis.com/papyrus_images/c171dd18b6423d542609573d8e82701f4fa672816b4120b3e46dcf43f1fedf11.png) storage of local wallet group data #### **File Export and Encryption** Users can export their locally stored wallet group data as a JSON file at any time. * **Unencrypted Export**: The wallet group data will be stored in plaintext in the JSON file. * **Encrypted Export**: The wallet group data will be stored in ciphertext in the JSON file. ForgeX adopts the **AES (Advanced Encryption Standard)** encryption algorithm, which is the most commonly used symmetric encryption algorithm and is widely used in the industry. Encryption and decryption both use the same key, which is the password entered by the user during encryption. Once encrypted, no one other than the user can decrypt the file. ![Encrypted file with AES algo](https://storage.googleapis.com/papyrus_images/2b915a53db2241fac2bbe61f212f7de7070fb27a047a9e2589eff86653170c05.png) Encrypted file with AES algo ![Non-encrypted file without AES algo](https://storage.googleapis.com/papyrus_images/d73478c181f091243533a6ec64d247f57d6e62c5c7b650f01ba914f6c4fcd608.png) Non-encrypted file without AES algo #### **Process Security** Since the responsibility for managing local wallet groups lies with the user's frontend, ForgeX enforces a mandatory process to avoid users forgetting to update their local wallet group JSON file after making changes to the wallet group. Users must re-export the local wallet group JSON file after adding or removing wallets from the group. This ensures that, in extreme cases, the user's local wallet group data is still retained for recovery. ![ForgeX.tool -> Wallet Group -> Create Wallet Group](https://storage.googleapis.com/papyrus_images/5972b9dea239c3c7297866e4796f7e4af741a9846e085d4fc20c56277d0654b1.png) ForgeX.tool -> Wallet Group -> Create Wallet Group #### **Restoring Local Wallet Groups** To restore a previously stored local wallet group, users must import the earlier JSON file. The front end will automatically parse the file. If the file is encrypted, users must enter the password for decryption. If the password is incorrect, the wallet group data in the file cannot be recovered. ### **Cloud Storage** #### **Process Security** When users choose to generate a wallet group with cloud storage, the private key is generated on the user's local frontend. After the private key is generated: 1. The wallet address is uploaded to the backend database for wallet monitoring. This can be verified through the console by inspecting network requests. 2. Users are required to encrypt the file before uploading it to the cloud for storage. ![Mandatory encryption before upload](https://storage.googleapis.com/papyrus_images/3c478089cdc584d04aa467961065326e90e5ab425693b4197084c861ec4413d3.png) Mandatory encryption before upload ![Mandatory input a password](https://storage.googleapis.com/papyrus_images/16154a0fb4d3bff7c8046bf732a7deee580406a2d680748d7fcaed0ad843a36e.png) Mandatory input a password ![Headers msg when uploading the file](https://storage.googleapis.com/papyrus_images/0b682879e96372411e3aa7f5430451d3fa744ddcf0ad84d1c0baa3e20250ff36.png) Headers msg when uploading the file ![Paylod of when uploading the file](https://storage.googleapis.com/papyrus_images/946f94253c626e2c48188f0887570ceb50b87becd23b80ee7d721cc05d3b3c04.png) Paylod of when uploading the file #### **Viewing Wallet Groups** When users want to view a cloud-stored wallet group, the frontend will require them to enter the password previously set for the wallet group. If the password is incorrect, the user will not be able to access the wallet group.When users want to view the wallet group on a new frontend, since the local frontend does not have the wallet group data, the encrypted file will be downloaded from the cloud. Users will then be prompted to enter the password for decryption, after which the wallet group data will be parsed and displayed. #### **Wallet Group Data Management** The private keys of cloud-stored wallet groups are saved in `IndexedDB -> redux -> keyvaluepairs` under local storage. Redux is a commonly used state management and storage library in the React framework. Through persistence technology, front-end data and states are stored locally. If the persisted data is cleared, all locally stored wallet groups will be erased. For cloud-stored wallets, when the frontend detects that the local data for the cloud-stored wallet is missing, it will automatically re-download the encrypted file from the cloud. Users will be prompted to enter the password for decryption, after which the wallet group data will be parsed and displayed. This can be verified by clearing the data in `keyvaluepairs` and then checking the status of the ForgeX wallet group. ![Local data storage location of wallet groups](https://storage.googleapis.com/papyrus_images/c171dd18b6423d542609573d8e82701f4fa672816b4120b3e46dcf43f1fedf11.png) Local data storage location of wallet groups ### **ForgeX is an on-chain terminal for meme developers and advanced traders.** [Twitter](https://x.com/ForgeX_tools) | [Telegram](https://t.me/forgex_tools) | [Website](https://forgex.tools/) --- *Originally published on [ForgeX](https://paragraph.com/@forgex/product-driven-blog-01-functionality-security)*