Account Registration & Identity Layer

OrangeBit adopts a hybrid identity framework, integrating both Web2 (email-based) and Web3 (wallet-based) authentication methods.

This dual-identity model ensures an inclusive user experience — allowing traditional users to onboard easily while preserving full sovereignty for decentralized participants.

Registration Methods

1. Email Registration (via Privy)

OrangeBit leverages Privy, a secure identity infrastructure provider, to enable privacy-preserving email registration and authentication.

Through Privy’s APIs, users can:

• Create an account using email-based login (no wallet required at signup).

• Verify ownership via secure magic links or OTP verification.

• Seamlessly link or upgrade their email account to a wallet at any time.

• Recover account access through Privy’s decentralized key management system.

All credentials and authentication data are handled by Privy’s encrypted infrastructure, ensuring:

• No plaintext password storage.

• Full compliance with global data protection regulations (GDPR, CCPA).

• End-to-end encryption of login sessions and key material.

This approach makes OrangeBit accessible to users unfamiliar with Web3 wallets, while maintaining enterprise-grade security standards.

2. Wallet Registration (Non-Custodial Access)

Users who prefer full decentralization can register directly by connecting a Web3 wallet such as:

• MetaMask

• WalletConnect

• OKX Wallet

• Coinbase Wallet

Wallet-based login uses EIP-191 / EIP-712 cryptographic signatures for authentication — no passwords, emails, or custodial credentials are stored by OrangeBit.

User authorization is tied directly to wallet ownership, providing trustless access to trading, liquidity pools, and staking modules.

Unified Identity Layer

Both registration paths converge within the OrangeBit Identity Layer (FIL), which provides unified account management and interoperability across all modules.

Key capabilities include:

• Linking email and wallet identities under one account (optional).

• Preserving user privileges (VIP level, trading history, points) across login methods.

• Supporting frictionless transitions between Web2 and Web3 environments.

This architecture allows OrangeBit to deliver a CEX-like user experience while maintaining DeFi-grade transparency and ownership.

Security & Compliance

• Authentication and key management are handled through Privy’s audited infrastructure, using AES-256 encryption and zero-knowledge principles.

• All wallet sessions are non-custodial — OrangeBit never holds private keys.

• Optional 2FA and hardware key (FIDO2/U2F) support for additional protection.

• Full compliance with GDPR, CCPA, and other applicable data protection frameworks.

V2 (9–18 months): Integration of MPC-based Smart Accounts and Social Login via Privy SDK, enabling passwordless access, delegated trading permissions, and institution-grade session recovery.