What is the ChainGuard Mobile App?

The ChainGuard Mobile App is a free mobile application that provides airgapped two-factor authentication for all ChainGuard operations. It enables secure transaction signing, OAuth authentication, and vault operation approvals through QR code scanning and biometric protection. Available for iOS and Android.

How does the ChainGuard Mobile App work?

The ChainGuard Mobile App works as an airgapped 2FA device: 1) Download and install the app, 2) Pair your device with your ChainGuard account by scanning a QR code, 3) When you need to approve an operation, scan the QR code displayed on your screen, 4) Review transaction details in human-readable format, 5) Approve or reject using biometric authentication. All signatures are generated locally on your device.

Is the ChainGuard Mobile App free?

Yes, the ChainGuard Mobile App is completely free to download and use. There are no subscription fees, no in-app purchases, and no hidden costs. The app is available on the App Store (iOS) and Google Play Store (Android) at no charge.

What security features does the mobile app provide?

The ChainGuard Mobile App provides: Airgapped security (can operate offline), biometric protection (Face ID, Touch ID, fingerprint), encrypted storage (AES-256-GCM), private key isolation (keys never leave device), human-readable transaction display, real-time WebSocket communication, and comprehensive error handling. All sensitive operations require biometric authentication.

Do I need the mobile app to use ChainGuard?

Yes, the ChainGuard Mobile App is required for all wallet operations. All ChainGuard transactions, OAuth authentications, and vault operations require mandatory 2FA via the mobile app. This ensures maximum security - no operation can be executed without your mobile device approval.

Can the mobile app work offline?

Yes! The ChainGuard Mobile App can operate in airgapped mode. You can sign transactions offline - the app generates cryptographic signatures locally without requiring internet connectivity. When you reconnect, the signed transactions are submitted. This airgapped architecture provides maximum security.

What types of transactions can I sign with the mobile app?

The ChainGuard Mobile App supports: ETH transfers and withdrawals, ERC20 token transfers and withdrawals, ERC721 NFT withdrawals, ERC1155 NFT withdrawals, account management operations, OAuth authentication requests, and vault operation approvals. All transaction types are displayed in human-readable format before signing.

How do I pair my mobile device with my ChainGuard account?

To pair your device: 1) Download and install the ChainGuard Mobile App, 2) Sign in with your ChainGuard credentials or create a new account, 3) Open your ChainGuard dashboard on desktop/web, 4) Navigate to device pairing section, 5) Scan the displayed QR code with your mobile app, 6) Confirm pairing on both devices. Your device is now paired and ready to provide 2FA.

Can I use multiple mobile devices?

Yes, you can pair multiple mobile devices with your ChainGuard account. Each device provides independent 2FA capability. You can manage all paired devices from your dashboard, including the ability to unpair devices if you lose one or want to remove access.

What happens if I lose my mobile device?

If you lose your mobile device, you should immediately unpair it from your ChainGuard account using your password and primary wallet signature from your dashboard. Then pair a new device by downloading the app and scanning the QR code. Your vault assets remain secure during this process because the three-address protocol still requires your primary wallet signature.

Does the mobile app store my private keys?

Yes, the ChainGuard Mobile App generates and stores a 2FA private key locally on your device. This key is encrypted using AES-256-GCM and stored in the device's secure enclave (iOS) or hardware-backed keystore (Android). The key never leaves your device and is never transmitted to ChainGuard servers.

How does biometric authentication work?

Biometric authentication uses your device's built-in Face ID, Touch ID, or fingerprint scanner to unlock the ChainGuard Mobile App. Biometric data is processed locally on your device and never transmitted to ChainGuard. The app requires biometric authentication before displaying transaction details or generating signatures.

Can I use the mobile app without biometric authentication?

Biometric authentication is highly recommended for security, but you can use a PIN or password as an alternative. However, biometric authentication provides the strongest security and is required for high-value operations. The app will prompt you to enable biometrics during setup.

Which blockchain networks does the mobile app support?

The ChainGuard Mobile App supports all ChainGuard networks: Base (Coinbase L2), Arbitrum (Optimistic Rollup), Optimism (Optimistic Rollup), Polygon (PoS Chain), and Ethereum mainnet. One app works for all networks - you can sign transactions across any supported chain.

How do I update the ChainGuard Mobile App?

The ChainGuard Mobile App receives regular updates through the App Store (iOS) and Google Play Store (Android). Updates are automatic if you have auto-update enabled, or you can manually update through the respective app stores. Critical security updates are pushed immediately and may require updating before using the app.

What information does the mobile app collect?

The ChainGuard Mobile App collects minimal information: Account credentials (email/password for sign-in), device information (for pairing and security), transaction approval data (processed locally), and app usage analytics (anonymized). Private keys, biometric data, and transaction details never leave your device.

Can I use the mobile app with hardware wallets?

The ChainGuard Mobile App works alongside hardware wallets. Your primary wallet (MetaMask, Ledger, Trezor, etc.) provides one signature, and the ChainGuard Mobile App provides the 2FA signature. The three-address protocol requires both signatures plus the ChainGuard address for vault operations.

How fast is transaction approval with the mobile app?

Transaction approval is nearly instant. The app uses WebSocket connections for real-time communication, so when you scan a QR code and approve a transaction, the approval is transmitted immediately. Total time from scan to approval is typically 2-5 seconds, depending on network conditions.

Is the mobile app available in all countries?

The ChainGuard Mobile App is available globally through the App Store and Google Play Store, subject to local app store policies. Some countries may have restrictions on cryptocurrency-related apps. Check your local app store for availability.

What are the system requirements for the mobile app?

iOS: Requires iOS 13.0 or later. Compatible with iPhone, iPad, and iPod touch. Android: Requires Android 8.0 (API level 26) or later. The app requires camera access for QR code scanning and biometric hardware (Face ID, Touch ID, or fingerprint scanner) for optimal security.

Can developers integrate with the ChainGuard Mobile App?

Yes! Developers can integrate ChainGuard OAuth into their dApps, which automatically uses the ChainGuard Mobile App for 2FA. The mobile app handles all authentication and transaction approval flows. No additional integration is needed - users simply scan QR codes with the app.

What is device attestation in the ChainGuard Mobile App?

Device attestation verifies that your mobile device is genuine and hasn't been tampered with. ChainGuard uses Google Play Integrity API (Android) and Apple App Attest (iOS) to cryptographically verify device authenticity. This ensures only legitimate, unmodified devices can access your ChainGuard account, preventing compromised or jailbroken devices from being used.

How does device attestation work technically?

Device attestation works by: 1) Your device generates hardware-backed attestation keys stored in secure hardware (Secure Enclave on iOS, HSM on Android), 2) The app requests an attestation token from Google/Apple APIs, 3) ChainGuard servers verify the token using official Google/Apple verification APIs, 4) Device integrity, app authenticity, and key origin are all verified before allowing operations. This prevents spoofing and ensures maximum security.

Can I configure device attestation validity periods?

Yes! You can configure device attestation validity periods in your ChainGuard dashboard. Set custom validity durations (e.g., 1 day, 7 days, 30 days) based on your security requirements. Enterprise accounts can enforce maximum validity periods (e.g., 7 days) to ensure regular device re-verification for enhanced security.

What is instant renewal for high-value operations?

Instant renewal is a security feature that requires device re-attestation before approving high-value transactions, regardless of validity period. You can configure this in your dashboard to automatically trigger re-attestation before approving vault withdrawals, large transfers, or account modifications above your configured threshold. This ensures maximum security for critical operations.

How do I set up instant renewal for high-value operations?

To set up instant renewal: 1) Open your ChainGuard dashboard, 2) Navigate to device attestation settings, 3) Enable "Instant Renewal for High-Value Operations", 4) Set your transaction threshold (e.g., $10,000, 10 ETH), 5) Configure which operation types require instant renewal (vault operations, transfers, account changes). The app will automatically prompt for re-attestation when these thresholds are met.

What happens if device attestation expires?

If device attestation expires, you'll need to re-attest your device before approving operations. The app will prompt you to re-verify your device when you attempt to approve a transaction. The re-attestation process is quick - simply follow the on-screen prompts to regenerate and verify your attestation token. Your account remains secure during this process.

Can I use the mobile app on a jailbroken or rooted device?

No, ChainGuard Mobile App cannot be used on jailbroken (iOS) or rooted (Android) devices for security reasons. Device attestation will fail on compromised devices, preventing access to your ChainGuard account. This protects your assets from potential security vulnerabilities that exist on modified devices.

How does the mobile app work with different blockchain networks?

The ChainGuard Mobile App is chain-agnostic and project-agnostic. It works universally with any blockchain network or Web3 project. The app generates off-chain signatures that are compatible with any EVM-compatible chain (Ethereum, Base, Arbitrum, Optimism, Polygon, etc.). There are no chain limitations or project restrictions - one app for all your Web3 signing needs.

What is the difference between transaction signing and authentication signing?

Transaction signing approves on-chain operations like ETH transfers, token transfers, and NFT operations. Authentication signing approves OAuth login requests and access permissions for dApps. The ChainGuard Mobile App handles both types of signing - you scan QR codes and approve either transactions or authentication requests using the same device and workflow.

How does the 2FA signature flow work?

The 2FA signature flow works in two steps: 1) First, you scan a QR code and approve the operation on your mobile app (2FA signature), 2) Then, your primary wallet signature is required for on-chain initiation. The mobile app provides the mandatory 2FA signature, and your wallet provides the primary signature. Both signatures are required for all operations.

Can I use the mobile app for OAuth login authentication?

Yes! The ChainGuard Mobile App is used for all OAuth login authentication. When you log into a dApp using ChainGuard OAuth, a QR code appears on your screen. Scan it with the mobile app, review the login request and permissions, and approve or reject using biometric authentication. The app provides the 2FA signature required for OAuth authentication.

What permissions can I grant through OAuth with the mobile app?

Through ChainGuard OAuth, you can grant permissions for: Profile information (username, email), Vault access (view vault balance and operations), Identity data (KYC status, attestations), and Transaction approval (sign transactions on behalf of the platform). You can review and approve each permission individually when scanning the QR code with the mobile app.

How secure is the QR code scanning process?

QR code scanning is highly secure: 1) All QR codes are cryptographically signed and verified before processing, 2) QR codes contain encrypted, time-limited tokens that expire quickly, 3) Each QR code can only be used once, preventing replay attacks, 4) The app verifies QR code authenticity before displaying transaction details, 5) Invalid or tampered QR codes are immediately rejected.

What happens if I scan a malicious QR code?

The ChainGuard Mobile App will reject any QR code that doesn't pass cryptographic verification. Malicious or tampered QR codes cannot be processed - the app verifies the signature, checks expiration, and validates the token before displaying any transaction details. If a QR code fails verification, you'll see an error message and no transaction will be displayed or signed.

Can I review transaction details before signing?

Yes! The ChainGuard Mobile App displays all transaction details in human-readable format before you sign. You'll see: Transaction type (ETH transfer, token transfer, etc.), Amount and currency, Recipient address, Network (Base, Arbitrum, etc.), Gas fees (if applicable), and Transaction purpose. Review all details carefully before approving with biometric authentication.

What happens if I reject a transaction on the mobile app?

If you reject a transaction on the mobile app, the operation is cancelled immediately. No signature is generated, and the transaction request is terminated. The platform or dApp will receive a rejection notification. You can always initiate a new transaction request if you change your mind.

How does the mobile app handle network connectivity issues?

The ChainGuard Mobile App can operate in airgapped mode - you can sign transactions offline. When you scan a QR code and approve a transaction, the signature is generated locally on your device. If you're offline, the signed transaction is stored locally and automatically submitted when you reconnect to the internet. This ensures you can always approve critical operations even without connectivity.

Can I use the mobile app with multiple ChainGuard accounts?

Yes, you can use the ChainGuard Mobile App with multiple ChainGuard accounts. Simply sign out and sign in with different credentials. Each account maintains its own paired devices and 2FA keys. You can switch between accounts as needed, and each account's operations are completely isolated.

What is the three-address protocol and how does the mobile app fit in?

The three-address protocol requires three addresses for vault operations: 1) Primary Address (your main wallet - MetaMask, Ledger, etc.), 2) 2FA Address (your ChainGuard Mobile App device), 3) Secondary Address (recovery wallet). The mobile app provides the mandatory 2FA signature. All three signatures are required for vault operations, providing maximum security.

How does the mobile app protect against phishing attacks?

The ChainGuard Mobile App protects against phishing through: 1) Cryptographic QR code verification (phishing sites can't generate valid QR codes), 2) Human-readable transaction display (you see exactly what you're approving), 3) Device attestation (prevents compromised devices), 4) Server-side verification (all operations verified on ChainGuard servers), 5) Time-limited tokens (QR codes expire quickly). Always verify transaction details before approving.

Can I export or backup my mobile app keys?

No, the ChainGuard Mobile App does not support key export or backup for security reasons. Keys are stored in hardware-backed secure storage and cannot be extracted. If you lose your device, you can unpair it from your dashboard and pair a new device. Your vault assets remain secure because the three-address protocol still requires your primary wallet signature.

What happens to my mobile app data if I uninstall the app?

If you uninstall the ChainGuard Mobile App, all local data including your 2FA keys are permanently deleted from your device. You'll need to reinstall the app and pair a new device with your ChainGuard account. Your ChainGuard account and vault assets are unaffected - only the mobile device pairing is removed.

How does the mobile app ensure privacy?

The ChainGuard Mobile App ensures privacy through: 1) Local key storage (keys never leave your device), 2) Minimal data collection (only necessary account and device info), 3) Encrypted communication (all data transmitted via encrypted WebSocket), 4) No transaction history storage (transaction details are processed and discarded), 5) Biometric data never transmitted (processed locally only), 6) Anonymous analytics (usage data is anonymized).

Can I use the mobile app for enterprise accounts?

Yes! The ChainGuard Mobile App supports enterprise accounts with enhanced features: Configurable attestation validity periods (enforce maximum 7-day validity), instant renewal for high-value operations, operation-specific attestation policies, team device management, and audit logging. Enterprise accounts can configure stricter security policies through the dashboard.

How do I manage multiple devices for my enterprise account?

Enterprise account administrators can manage all paired devices from the dashboard: View all paired devices, see device attestation status, configure device-specific policies, unpair devices remotely, set device attestation validity periods, and configure instant renewal thresholds. All device management actions require appropriate permissions.

What is hardware-backed key attestation?

Hardware-backed key attestation ensures that cryptographic keys are stored in secure hardware (Secure Enclave on iOS, Hardware Security Module on Android). The attestation proves that keys are stored in tamper-resistant hardware and cannot be extracted or modified. This provides the highest level of device binding security, ensuring keys are protected even if the device is compromised.

How does server-side verification work?

Server-side verification ensures all device attestation tokens are verified on ChainGuard servers using Google and Apple's official verification APIs. This prevents attestation spoofing - even if someone tries to fake an attestation token, ChainGuard servers will reject it because they verify directly with Google/Apple. This ensures only legitimate, verified devices can access accounts.

Can I use the mobile app without a ChainGuard subscription?

Yes! The ChainGuard Mobile App is free to download and use. However, to use it for ChainGuard operations (vault transactions, OAuth authentication), you need an active ChainGuard account. You can create a free account and use the mobile app for basic operations, but full functionality requires a ChainGuard subscription for vault and advanced features.

What is the difference between the mobile app and a hardware wallet?

The ChainGuard Mobile App provides 2FA signatures for ChainGuard operations, while hardware wallets (Ledger, Trezor) provide primary wallet signatures. They work together: Your hardware wallet signs transactions as the primary address, and the mobile app provides the mandatory 2FA signature. The mobile app is specifically designed for ChainGuard's three-address protocol, while hardware wallets are general-purpose signing devices.

How does the mobile app handle app updates and security patches?

The ChainGuard Mobile App receives regular updates through the App Store and Google Play Store. Critical security patches are pushed immediately and may require updating before using the app. The app checks for updates on launch and notifies you if an update is required. Always keep the app updated to the latest version for maximum security.

ChainGuard Aplicación Móvil

ChainGuard App

Seguridad 2FA Airgapped para Web3

La aplicación móvil ChainGuard está diseñada intencionalmente como un dispositivo 2FA offline y off-chain, proporcionando seguridad de nivel empresarial para todas tus operaciones Web3. Descárgala gratis y úsala para firmar transacciones, autenticar inicios de sesión OAuth y aprobar operaciones de bóveda - todo sin que tus claves privadas salgan nunca de tu dispositivo.

Compatibilidad Universal: Diseñada como un dispositivo agnóstico de cadena y proyecto, la aplicación móvil ChainGuard funciona con cualquier red blockchain o proyecto Web3. No hay limitaciones de cadena o restricciones de proyecto - está diseñada para ser tu solución 2FA universal para todo el ecosistema Web3.

Característica de Seguridad Crítica: Todas las operaciones de ChainGuard requieren 2FA obligatorio a través de la aplicación móvil. Los usuarios escanean códigos QR y aprueban operaciones (transacciones, inicios de sesión, acciones de bóveda) en su dispositivo móvil. Este enfoque airgapped y off-chain garantiza máxima seguridad - tus claves privadas nunca salen de tu dispositivo, y las firmas se generan localmente antes de la transmisión.

Gratis

Sin Costo para Descargar

Airgapped

Seguridad Offline

Biométrico

Face ID / Touch ID

Tiempo Real

Verificación Instantánea

Cómo Funciona la Aplicación Móvil ChainGuard

Flujo 2FA simple y seguro que protege todas tus operaciones Web3

Download & SetupDownload the ChainGuard Mobile App from the App Store or Google Play. Create your account or sign in with your existing ChainGuard credentials. The app automatically generates a secure 2FA address for your device.

Pair with Your AccountOpen your ChainGuard dashboard and navigate to device pairing. Scan the QR code displayed on your screen with the ChainGuard Mobile App. Your device is now paired and ready to provide 2FA for all operations.

Device Attestation & SettingsChainGuard automatically verifies your device using Google Play Integrity API (Android) or Apple App Attest (iOS). Configure device attestation validity periods in your dashboard. Enterprise accounts can enforce maximum validity periods (e.g., 7 days) and require instant renewal for high-value operations.

Approve OperationsWhen you initiate a transaction, OAuth login request, or vault operation, a QR code appears on your screen. Open the ChainGuard Mobile App, scan the QR code, review the operation details (transaction data or login request), and approve or reject using biometric authentication.

Off-Chain Signature GenerationAfter approval, the app generates a cryptographic signature locally on your device (off-chain). Your private keys never leave your mobile device. The signature is then transmitted securely via encrypted WebSocket connections. This off-chain signature approach works universally with any chain or project.

Características Clave

Características de seguridad de nivel empresarial integradas en una aplicación móvil simple

Seguridad y Privacidad

Construida con seguridad como fundamento, no como una idea tardía

Aislamiento de Clave Privada

Las claves privadas se generan localmente y nunca se transmiten por la red. Permanecen cifradas en tu dispositivo en todo momento.

Almacenamiento Cifrado

El cifrado AES-256-GCM protege todos los datos sensibles. Las claves se almacenan en almacenamiento seguro respaldado por hardware cuando está disponible.

Autenticación Biométrica

Se requiere Face ID, Touch ID o huella dactilar para desbloquear la aplicación. Los datos biométricos nunca salen de tu dispositivo.

Verificación de Transacciones

Cada transacción se muestra en formato legible por humanos antes de firmar. Revisa todos los detalles antes de la aprobación.

Gestión de Sesiones

Las sesiones WebSocket son temporales y pueden cancelarse en cualquier momento. No hay conexiones persistentes que almacenen datos sensibles.

Manejo de Errores

El manejo integral de errores previene fugas de datos. La degradación elegante garantiza seguridad incluso en casos extremos.

Atestación de Dispositivo

Google Play Integrity API (Android) y Apple App Attest (iOS) verifican la autenticidad del dispositivo. La atestación respaldada por hardware garantiza que tu dispositivo no haya sido manipulado o comprometido.

Validez de Atestación Configurable

Configura períodos de validez de atestación de dispositivo en tu panel. Las cuentas empresariales pueden establecer períodos de validez máximos (p. ej., 7 días) y requerir renovación instantánea para operaciones de alto valor.

Atestación de Dispositivo y Configuración de Seguridad

Verificación de dispositivos de nivel empresarial con políticas de seguridad configurables

Configuración del Panel

Configura políticas de atestación de dispositivo en tu panel ChainGuard:

Período de Validez

Establece el período de validez máximo para la atestación de dispositivo (p. ej., 1 día, 7 días, 30 días). Las cuentas empresariales pueden hacer cumplir períodos más cortos para mayor seguridad.

Renovación Instantánea

Habilita la renovación instantánea para operaciones de alto valor. Se requiere re-atestación del dispositivo antes de aprobar transacciones por encima de tu umbral configurado.

Políticas de Operación

Configura diferentes requisitos de atestación para diferentes tipos de operación: operaciones de bóveda, inicios de sesión OAuth, firma de transacciones y gestión de cuenta.

Casos de Uso

2FA esencial para todas las operaciones de ChainGuard

¿Listo para Asegurar tus Operaciones Web3?

Descarga la aplicación móvil ChainGuard gratis y comienza a usar 2FA de nivel empresarial para todas tus operaciones blockchain. Disponible en iOS y Android.

¿Aún no tienes una cuenta ChainGuard? Comienza gratis

ChainGuard Aplicación Móvil

Seguridad 2FA Airgapped para Web3

Cómo Funciona la Aplicación Móvil ChainGuard

Características Clave

Intencionalmente Offline y Off-Chain

Protección Biométrica

Escaneo de Código QR

Transacciones Legibles por Humanos

Procesamiento en Tiempo Real

Almacenamiento Seguro

Compatibilidad Universal de Cadena y Proyecto

Firma de Transacciones y Autenticación

Atestación y Vinculación de Dispositivo

Seguridad y Privacidad

Aislamiento de Clave Privada

Almacenamiento Cifrado

Autenticación Biométrica

Verificación de Transacciones

Gestión de Sesiones

Manejo de Errores

Atestación de Dispositivo

Validez de Atestación Configurable

Atestación de Dispositivo y Configuración de Seguridad

Google Play Integrity API (Android)

Apple App Attest (iOS)

Períodos de Validez Configurables

Renovación Instantánea para Operaciones de Alto Valor

Atestación de Clave Respaldada por Hardware

Verificación del Lado del Servidor

Configuración del Panel

Período de Validez

Renovación Instantánea

Políticas de Operación

Casos de Uso

Autenticación OAuth e Inicio de Sesión

Operaciones de Bóveda

Firma de Transacciones e Inicio de Sesión

Emparejamiento de Dispositivos

Verificación de Identidad

Aprobaciones en Tiempo Real

¿Listo para Asegurar tus Operaciones Web3?

ChainGuard Mobile App - Airgapped 2FA Security for Web3

How ChainGuard Mobile App Works

Key Features

Security Features

Device Attestation

Use Cases