Web Wallet
The XE web wallet
The XE web wallet is a browser-based application for managing accounts on the XE network. It supports sending and receiving assets, compute lease management, P2P chat, DAO governance, and state chain inspection -- all without a server-side backend holding keys.
Key properties
- Client-side keys -- seeds are encrypted with AES-GCM and stored in `localStorage`. Decrypted keys exist only in memory during an active session.
- Multi-wallet -- manage multiple accounts from a single interface, each with its own encrypted seed.
- Auto-receive -- a background poller detects and processes pending sends automatically.
- Offline signing -- all block signing and PoW computation happens in the browser. The wallet communicates with a node only for chain state and block submission.
Features
| Feature | Description |
| --- | --- |
| Send / Receive | Transfer XE and XUSD between accounts |
| Claim | Claim 100 XUSD from the testnet faucet (once per 24h) |
| Multi-asset balances | View XE and XUSD balances per wallet |
| P2P Chat | Encrypted messaging between accounts |
| Compute leasing | Request, monitor, and manage VM leases |
| DAO governance | Draft, sign, and submit state chain blocks |
| State inspector | Browse state chain blocks and KV state |
| Auto-receive | Background polling with automatic receive block creation |
| Wallet management | Create, import, rename, delete, and switch wallets |
Tech stack
| Component | Version | Purpose |
| --- | --- | --- |
| SvelteKit | 2.0 | Application framework (with Svelte 5 runes) |
| Svelte | 5 | Reactivity and components |
| TailwindCSS | 4 | Styling |
| tweetnacl | -- | Ed25519 key generation, signing, verification |
| blakejs | -- | Blake2b for proof of work |
| adapter-static | -- | Static SPA output |
Security model
Seeds are encrypted at rest using AES-GCM with keys derived via PBKDF2 (100,000 iterations, SHA-256). Decrypted seeds live in memory only -- they are never written to disk or sent over the network.
A 5-minute idle timeout monitors user activity (mouse, keyboard, touch, scroll) and automatically locks the wallet when no activity is detected. Locking zeros out all in-memory seeds.
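The at-rest scheme and lock behaviour described above, as an added example (not the wallet's own code). It assumes the WebCrypto API, a 256-bit AES key, a 16-byte salt, a 12-byte IV and a hex-encoded JSON record; the function names and record layout are hypothetical.

```javascript
// Added example: WebCrypto assumed; names and record layout are hypothetical.
const ITERATIONS = 100000; // PBKDF2 iteration count stated on this page

async function getCrypto() {
  // Browsers and recent Node expose globalThis.crypto; older Node needs the import.
  return globalThis.crypto?.subtle ? globalThis.crypto : (await import('node:crypto')).webcrypto;
}

const toHex = (u8) => Array.from(u8, (b) => b.toString(16).padStart(2, '0')).join('');
const fromHex = (s) => Uint8Array.from(s.match(/../g), (h) => parseInt(h, 16));

async function deriveKey(c, passphrase, salt) {
  const material = await c.subtle.importKey(
    'raw', new TextEncoder().encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return c.subtle.deriveKey(
    { name: 'PBKDF2', salt, iterations: ITERATIONS, hash: 'SHA-256' },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']); // key size assumed
}

async function encryptSeed(seed, passphrase) {
  const c = await getCrypto();
  const salt = c.getRandomValues(new Uint8Array(16)); // fresh per record (size assumed)
  const iv = c.getRandomValues(new Uint8Array(12));   // never reuse an IV under one key
  const key = await deriveKey(c, passphrase, salt);
  const ct = await c.subtle.encrypt({ name: 'AES-GCM', iv }, key, seed);
  // The returned string is what would be written to localStorage.
  return JSON.stringify({ salt: toHex(salt), iv: toHex(iv), ct: toHex(new Uint8Array(ct)) });
}

async function decryptSeed(record, passphrase) {
  const c = await getCrypto();
  const { salt, iv, ct } = JSON.parse(record);
  const key = await deriveKey(c, passphrase, fromHex(salt));
  // A wrong passphrase or a tampered record fails the GCM tag check and rejects.
  const pt = await c.subtle.decrypt({ name: 'AES-GCM', iv: fromHex(iv) }, key, fromHex(ct));
  return new Uint8Array(pt);
}

// Lock: overwrite every in-memory seed, then drop the references.
function lock(session) {
  for (const seed of session.values()) seed.fill(0);
  session.clear();
}
```

Because the passphrase is the only secret input to the key derivation, anyone who can read the stored record can attempt offline guesses against it; the iteration count only raises the cost per guess.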
[!WARNING] Browser security: The wallet trusts the browser environment. Users should ensure their device is free of malware and use a strong passphrase. The encrypted seeds in `localStorage` are only as secure as the passphrase protecting them.
See Security for the full encryption and session management specification.
Deployment
The wallet is built as a static SPA and served from a Docker container:
- Build stage: Node 22 Alpine installs dependencies and runs `npm run build`
- Runtime stage: Caddy 2 Alpine serves the output at the `/wallet` base path
In production, Caddy serves the wallet's static files from /opt/xe/web/wallet/ at the /wallet/ path. See Deployment for the full setup.
See also
- Security -- AES-GCM encryption, session management, storage schema
- Features -- detailed feature reference
- Explorer -- the companion block explorer
- API Reference -- HTTP endpoints the wallet communicates with