# Asset Control, Recovery, and Governance in OISY Wallet

<figure><img src="/files/R3uQM8uZItam737Jj6pB" alt=""><figcaption></figcaption></figure>

### Can OISY access the private keys of native assets? Who controls the assets?

The private keys do not physically exist and thus OISY cannot access them. Assets are controlled by a distributed [cryptographic threshold protocol on the Internet Computer](https://internetcomputer.org/docs/current/references/t-sigs-how-it-works). This means no individual entity—including OISY—can ever gain full control over the key. Each user has sole authority over their assets and can exercise their control via the NNS-controlled [Chain Fusion Signer](https://github.com/dfinity/chain-fusion-signer) canister and their [Internet Identity](https://internetcomputer.org/internet-identity). Only when a user explicitly authorizes a transaction to be signed, will the network run the cryptographic protocol to create a signature on the user’s behalf. This robust, decentralized design highlights OISY’s core strength: ensuring user sovereignty over assets while maintaining top-tier security and releaving the user from managing cryptographic keys.

### Who manages OISY canisters? What happens to assets if canisters run out of cycles?&#x20;

OISY’s frontend (cha4i-riaaa-aaaan-qeccq-cai) and backend (doked-biaaa-aaaar-qag2a-cai) canisters are managed by the OISY Wallet development team, with updates undergoing rigorous code reviews and multi-level approvals. Meanwhile, the [Chain-Fusion Signer](https://github.com/dfinity/chain-fusion-signer) canister (grghe-syaaa-aaaar-qabyq-cai) and all Internet Identity canisters are governed by the Network Nervous System (NNS). Their code updates are of course also rigorously reviewed.

Critically, user assets always reside on their respective ledgers on the respective blockchains rather than within these canisters. Even if OISY canisters were to be removed or replaced, the underlying assets remain secure and can be accessed by their owners again once new or replacement canisters are deployed.

If an OISY canister would deplete its cycles, it would simply become “frozen,” meaning the Internet Computer stops scheduling it until it’s refueled with cycles—a process that anyone can perform. However, the OISY Wallet team has procedures in place to always keep canisters fuelled, ensuring reliable and continuous access to assets.

### What happens to wallet assets if the domain OISY.com expires or is hacked?

The domain OISY.com serves merely as a human-friendly pointer to the onchain frontend canister. Should the domain expire or be compromised and pointed elsewhere, the integrity of the assets remains intact as transfers can only be executed upon owner authorization via their Internet Identity.

### Can I access the private keys of Ethereum/Bitcoin/Solana wallets?

OISY Wallet uses the Internet Computer’s cryptographic threshold protocols as well as key derivation. Therefore it is not possible to extract the private keys. This innovative design strengthens security while preserving user sovereignty over Ethereum, Bitcoin, and Solana assets and relieves the user from the difficult and error prone task of managing and securing cryptographic keys.

### What are the Recovery Options in OISY? &#x20;

OISY Wallet is fully [open-source](https://github.com/dfinity/oisy-wallet), allowing users to run a local version of the codebase and maintain independent access to their assets, even without oisy.com or the official canisters. Transaction signing occurs through the ChainFusion Signer with authorization via Internet Identity, both of which are controlled by the Network Nervous System (NNS), one of the largest DAOs globally..

Because your Internet Identity ultimately governs access to your funds, the most important recovery measure is to safeguard your Internet Identity. We recommend adding backup devices such as a YubiKey to your Identity and make use of the passkey recovery mechanisms that Apple and Google offer for their devices. This ensures you have multiple ways to securely restore access to your OISY-managed assets.<br>

### Will the community be able to participate in project governance?

Currently, development is managed by the OISY Wallet team, incubated by the DFINITY Foundation. For projects built on the Internet Computer—like OISY Wallet—there is a strong push toward decentralization. The community can expect future developments in this area—stay tuned.

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.oisy.com/security/asset-control-recovery-and-governance-in-oisy-wallet.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.