All copy and UI is fully configurable, customers will be able to fully whitelabel the product. Capsule does want the experience to be somewhat consistent for users, however copy/color/size is fully customizable.

To leverage configs, please refer to the Customize Capsule Section

Capsule currently supports sign in via Google, Apple, Twitter/X, Discord, and Facebook

Capsule offers TS/React, React Native, and Flutter SDKs for web and mobile developers.

Capsule’s codebase is not (yet) open sourced. However, Capsule will open source/openly publish the following:

• Core SDKs (available to partners)

• Signing and Transaction Logs

• Permissions (future)

This is the key that Capsule uses to sign transactions you initiate. The Backup Kit is a way to access your wallet in case of an emergency where Capsule services are not running. Normally, you will not need this key to transact.

Please avoid sharing this key with anyone – Capsule will never request this from you. If you lose this key, you can always contact Capsule for a copy.

Capsule uses sessions as a security measure when signing transactions, session length is 90 minutes by default

Capsule uses MPC for key management, but works with ERC-4337 out of the box. For more reading on MPC vs. AA, check out this section

Capsule uses the DKLS19 MPC algorithm, and leverages an open source implementation for core functions like distributed key generation and signing ceremonies.

As long as the cloud key sent during onboarding is not deleted by the user, they may always refresh keys, export, or sign transactions independently.

Capsule is not able to sign or censor transactions.

Device key loss – If a user loses their device key (by misplacing their phone, changing laptops, etc), the user will need the recovery secret in order to recover access to their wallet.

Theft of device key – If a user has their device key stolen, key recovery can be performed, which uses the backup key share to restore access.

Capsule is non-custodial.

Many custodians, built for HNW individuals or institutions, will allow you to set up different access privileges (eg. a super wallet to revert transactions where necessary). However many custodial embedded wallet infrastructure products are very constrained and tend to silo assets to a single client. This is far from ideal - perhaps someone will onboard to a website where they receive a free NFT but will be unable to move the asset around.

Capsule can support such use cases while still being non-custodial, enabling more universal access. Capsule plans to support policies where you can specify which signer can sign transactions and integrate risk scoring.

The biometric key is stored on-device in a secure enclave. Currently, only secp256k1 curve signatures can be used for Ethereum based transactions. However, the secp256r1 curve is the one that is supported in the secure enclave. Capsule generates an secp256r key-- however, it’s only used to authorize a secp256k1 curve signature for ECDSA signatures.

For a more in-depth overview, check out this section.

Capsule uses the EIP712-specified transaction signature interface. We also publish an EIP-1193 Provider, most commonly used via the Wagmi Connector