The web app uses a different security model from the desktop app. Understanding the differences helps you make informed decisions about which client to use.
Trust Model
| Desktop App | Web App |
|---|
| Model | Non-custodial (local signing) | Non-custodial (delegated signing via Privy TEE) |
| Who signs | You, locally | Privy’s TEE, on your behalf |
| Who submits | You choose (RPC, Helius, etc.) | LaserSell’s servers via its own RPC |
| Key location | Your machine (encrypted) | Privy’s Trusted Execution Environment |
| LaserSell sees your key? | Never | Never (TEE is hardware-isolated) |
Privy TEE
Privy is a wallet infrastructure company acquired by Stripe. Privy stores your private key in a Trusted Execution Environment (TEE), a hardware-isolated enclave. The key never leaves the TEE, even when signing transactions. LaserSell requests Privy to sign a transaction, Privy signs it inside the TEE, and returns only the signed result.
This means:
- LaserSell servers never have access to your private key
- A LaserSell server compromise cannot leak your key
- You can export your key at any time via Privy’s secure UI
Wallet Ownership Verification
When you register a wallet, the web app signs a proof message (lasersell-register:<pubkey>:<timestamp>) using Privy’s signMessage API. This ed25519 signature is verified by LaserSell’s servers, proving you control the wallet. This is the same verification flow used by the desktop app.
Transaction Flow
When an auto-sell triggers:
- LaserSell’s monitoring server detects a strategy threshold hit
- An unsigned transaction is built (same as desktop)
- LaserSell requests Privy to sign the transaction (sign-only, not submit)
- Privy signs inside the TEE and returns the signed transaction
- LaserSell submits the signed transaction to Solana via its own RPC
- You receive a notification with the transaction signature
At no point do LaserSell’s servers see your private key. The signing and key storage are entirely within Privy’s infrastructure.
Data Protection
| Data | Storage | Access |
|---|
| API keys | Encrypted in Supabase | Column-level security prevents browser access to raw keys |
| Wallet private keys | Privy TEE | Never accessible to LaserSell |
| Trading session state | Supabase (RLS-protected) | Only your own sessions visible |
| Notifications | Supabase (RLS-protected) | Only your own notifications visible |
| Push subscriptions | Supabase (RLS-protected) | User-managed |
Removing Your Key from Privy
If you want to fully remove your private key from Privy’s infrastructure:
Imported Wallets
- Go to the Wallet page in your dashboard
- Click the trash icon on the imported wallet card
- This removes the wallet from LaserSell AND deletes the key from Privy’s TEE
- The key is permanently destroyed in the enclave
Embedded Wallets
Embedded wallets are tied to your Privy account. To remove them:
- Export your private key first (click “Export Key” on the wallet card)
- Store the exported key safely in your own wallet (Phantom, Backpack, etc.)
- Contact support to request Privy account deletion
- Once your Privy account is deleted, the embedded wallet key is permanently destroyed
Deleting a wallet or Privy account is irreversible. If you have not exported your private key, you will permanently lose access to any funds in that wallet.
Recommendations
- Use a dedicated trading wallet for web trading rather than your primary holding wallet
- Toggle off web trading when switching to the desktop app to avoid duplicate sell attempts
- Export your private key after importing a wallet as a backup
- Review your exit strategy’s max slippage setting (defaults to 5%) to protect against MEV during unattended execution
