Wallets & Security
Ape gives you a real Solana wallet the moment you start, and keeps it ready to trade without asking you to paste a private key on every action. This page covers how to manage your wallets, how your keys are protected, and the one rule that matters most: back up your key.
Your wallet is a real Solana wallet
The wallet Ape creates is an ordinary Solana keypair. You can export its private key and load it into Phantom, Solflare, or any other wallet at any time. Nothing about it is locked to Ape.
You can hold more than one. Open Wallets to see them all with live balances, and to:
- Create Wallet: spin up a fresh wallet instantly.
- Import Wallet: paste an existing base58 private key to bring a wallet in. It is encrypted at rest, the same as any other.
- Tap a wallet to Set primary, Rename it, or Export its key.
- Disperse SOL: split SOL from your primary wallet across your others in a single transaction.
Export your key any time
Your key is yours, and you can take it with you whenever you want.
Open Wallets
Send /wallets and tap Export Key, or tap a specific wallet and choose Export key.
Pass the security check
If you have set an Account Security passphrase, Ape asks for it first.
Save it, then delete the message
Ape reveals the base58 private key. Copy it somewhere safe, then delete the message from the chat.
Anyone who has your private key controls that wallet completely. Never paste it anywhere you did not mean to, and never share it with anyone, including someone claiming to be Ape support.
Withdraw SOL
Send /withdraw, paste the destination address, enter an amount, and confirm. To empty everything at once, tap Withdraw all wallets: each wallet sends its balance to one address, keeping a tiny amount back for fees. If you have a passphrase set, withdrawals ask for it.
How your keys are protected
Ape is custodial, which means it holds your encrypted key so it can trade on your instruction without a wallet pop-up every time. The protection around that key is built so that a breach of the website alone gives an attacker nothing usable:
- Two layers of encryption. Each wallet’s private key is encrypted with its own one-time data key (AES-256-GCM). That data key is then sealed by a separate master key.
- The master key is not on the website. It lives only inside an isolated signing service, never in the servers that run this site and never in the database. A full database dump combined with a leak of the web app’s environment yields ciphertext only, with no way to unlock it.
- Keys are used, not stored in the open. A key is decrypted only inside that isolated service, only for the instant it takes to sign the one instruction you asked for, and the plaintext is wiped from memory immediately after. There is no plaintext list of keys sitting anywhere.
In short: the site cannot read your key, and there is no master vault of keys for a leak to expose.
We cannot recover it for you
This protection cuts both ways. Because the key is genuinely yours, there is no seed phrase we keep on your behalf and no reset button. If you lose your exported key, or set a passphrase and forget it, we cannot bring it back. Back up your key the moment Ape first shows it to you.
Guardrails on every trade
A few limits sit in front of your funds at all times:
- A per-trade cap so a single mistyped command cannot move more than it should.
- A confirmation step before anything spends your SOL (on by default; tunable in Settings).
- An Account Security passphrase you can set to guard withdrawals and key exports.
Staying safe
- Back up your key somewhere only you can reach, and store your passphrase separately.
- Ape never DMs you first, never asks for your seed phrase, and never posts airdrop links.
- Do not tap ads at the top of Telegram. They are not from us and are usually scams.
- Fund with what you intend to trade. A hot trading wallet is for trading, not for storing savings.