Skip to main content

Quickstart Guide

This guide walks you through setting up and using GRIPLOCK for the first time.

Prerequisites

Before you begin, ensure you have:
1

GRIPLOCK-Compatible NFC Card

Any NFC card with a unique UID (ISO 14443A/B compliant). This includes most modern contactless cards.
2

GRIPLOCK Mobile App

Available for iOS and Android. The app reads NFC cards and establishes secure connections.
3

Modern Web Browser

Chrome, Firefox, Safari, or Edge with WebRTC support enabled.

First-Time Setup

Step 1: Access the Dashboard

Navigate to the GRIPLOCK dashboard in your web browser: 
https://app.griplock.io
You’ll see a QR code displayed on the login screen. This QR code contains:
  • A compressed WebRTC offer
  • The dashboard’s public key for encryption
  • A unique session identifier
  • WebSocket signaling server URL

Step 2: Scan with Mobile App

  1. Open the GRIPLOCK app
  2. Tap Scan QR Code
  3. Point your camera at the dashboard QR code
  4. The app will parse the connection details automatically

Step 3: Tap Your NFC Card

Once connected, the app will prompt you to tap your NFC card:
  1. Hold your NFC card against the back of your phone
  2. Wait for the “Card Detected” confirmation
  3. The app reads the card’s unique identifier (UID)
Keep your card secure! The NFC card UID is one of two factors required to derive your wallet. While the UID alone cannot access your funds, treat it with the same care as any authentication token.

Step 4: Enter Your PIN

After card detection, enter your personal PIN: 
┌─────────────────────────────┐
│     Enter Your PIN          │
│                             │
│       ● ● ● ●               │
│                             │
│   This PIN + your NFC card  │
│   derive your wallet.       │
└─────────────────────────────┘
Choose a strong PIN. Your PIN is never stored anywhere—you must remember it. If you forget your PIN, you’ll need to create a new wallet with a new PIN.

Step 5: Access Your Wallet

Upon successful authentication, the dashboard displays:
  • Solana Address — Your deterministically derived wallet address
  • SOL Balance — Current balance in SOL
  • Token Holdings — SPL tokens held in the wallet
  • Transaction History — Recent on-chain activity

Understanding the Dashboard

GRIPLOCK Dashboard
MenuFunction
SWAPToken-to-token swaps via DEX aggregators
CARDSVirtual Visa card management, Apple Pay & Google Pay
PAYPayment links, QR payments, request money
TRANSFERSend and receive crypto globally
RAMPBuy crypto (on-ramp) and cash out (off-ramp) via Moonpay
STAKESOL staking with auto-compound yields
MICROPAYx402 protocol micropayments for APIs and AI agents
PRIVACYZero-knowledge KYC verification and stealth mode settings
SectionDescription
ProfileYour masked wallet address with copy functionality
BalanceCurrent SOL balance (tap to show/hide)
AssetsList of SPL tokens with balances

Main Panel

SectionDescription
Stats CardsQuick overview of wallets, virtual cards, and connected wallets
TransactionsRecent activity including sends, receives, and x402 payments

Session Management

GRIPLOCK sessions are designed for security:

15-Minute Timeout

Sessions expire after 15 minutes of inactivity

Activity Detection

Mouse movement, clicks, scrolling, and keyboard input reset the timer

Encrypted Storage

Session data is AES-256-GCM encrypted in browser storage

Manual Logout

Click the logout button to immediately terminate the session

Session Persistence

Your session persists across page refreshes, but credentials are:
  • Encrypted with a session-derived key
  • Stored with an expiration timestamp
  • Automatically cleared when expired

Next Steps

Architecture Overview

Understand how GRIPLOCK components interact

Security Deep Dive

Learn about the cryptographic foundations

Troubleshooting

Ensure adequate lighting and hold your phone steady. The QR code contains compressed data and requires a clear capture.
  • Check that NFC is enabled on your device
  • Remove any phone case that may block NFC
  • Try positioning the card at different angles
  • Some phones have NFC sensors at specific locations
  • Verify both devices have internet connectivity
  • Check that WebRTC is not blocked by firewall
  • Try refreshing the dashboard for a new QR code
Sessions expire after 15 minutes of inactivity. Any user interaction resets this timer. If sessions expire too quickly, ensure you’re actively using the dashboard.