X-Multi

Getting Started with X-Multi

X-Multi lets your team manage a shared vault on the XRP Ledger. Multiple people must approve every transaction — no single person can move funds alone.

Setup (2 minutes, one time)

1

Connect your wallet

30 seconds

Tap "Connect with Xaman" or use WalletConnect. This just identifies which wallet address you are — no keys are shared.

2

Import your signing key (one time only)

1 minute

When you approve your first proposal, you'll be asked to enter your seed phrase. This is the only time you'll ever type it. X-Multi encrypts it instantly using AES-256-GCM encryption — the same standard banks use — and your raw seed is wiped from memory.

3

Set a password

30 seconds

Choose a strong password (12+ characters). This protects your encrypted key. From now on, you'll only enter this password to approve transactions — never your seed phrase again.

4

Approve proposals with one click

Instant

When a proposal needs your approval, just enter your password and tap "Approve & Sign." Your key is decrypted for a fraction of a second, signs the transaction, and is immediately wiped from memory.

After setup

Every time you need to approve a transaction, you'll see a green "Approve & Sign" button. Tap it, enter your password, done. No seed phrases, no QR codes, no app switching. Your vault auto-locks after 5 minutes of inactivity for security.

Security

Encryption

AES-256-GCM

Key derivation

PBKDF2 · 600K iterations

Crypto library

Browser Web Crypto API

Seed storage

Encrypted locally only

Server access

Never sees your key

Auto-lock

5 min inactivity

Common questions

Is my seed phrase stored somewhere?

Your seed phrase is encrypted with AES-256-GCM using a key derived from your password via PBKDF2 with 600,000 iterations. The encrypted data is stored locally in your browser. The raw seed phrase is never stored, never sent to any server, and never visible after the initial import.

What if I forget my password?

After 3 failed attempts, a "Forgot password?" option appears. You'll re-enter your original seed phrase to verify your identity, then set a new password. Your key is re-encrypted with the new password.

Can X-Multi steal my keys?

No. Your encrypted key never leaves your browser. X-Multi's servers never see your seed phrase or your password. All encryption happens locally using your browser's built-in Web Crypto API — no external libraries. The code is open source on GitHub for anyone to audit.

What if I clear my browser data?

You'll need to re-import your seed phrase and set a new password. This is a one-time process that takes about 2 minutes.

Is this the same as how other wallets work?

Yes. MetaMask, Crossmark, and GemWallet all use the same architecture — encrypt the key locally, unlock with a password. X-Multi uses the same industry-standard encryption.

What happens when I approve a proposal?

Your password decrypts your key in memory for a fraction of a second. The key signs the transaction in the proper multisig format, then is immediately wiped from memory. Only the signed transaction blob is sent to the server — never your key.

Do I need to install anything?

No. X-Multi works in any browser — Chrome, Edge, Safari, Firefox, on desktop or mobile. No extensions or apps required.

Open X-Multi

Questions? Reach out to your vault admin.