Developer FAQ

Some common questions about Capsule. See something that isn't covered? reach out at

Product and End User Experience

How configurable is the UI and copy in the Capsule flow?

All copy and UI is fully configurable, customers will be able to fully whitelabel the product. Capsule does want the experience to be somewhat consistent for users, however copy/color/size is fully customizable.

To leverage configs, please refer to the Customize Capsule Section

Does Capsule support social login?

Capsule currently supports sign in via Google, Apple, Twitter/X, Discord, and Facebook

What products does Capsule offer?

Capsule offers TS/React, React Native, and Flutter SDKs for web and mobile developers.

Is Capsule Open Source?

Capsule’s codebase is not (yet) open sourced. However, Capsule will open source/openly publish the following:

  • Core SDKs (available to partners)

  • Signing and Transaction Logs

  • Permissions (future)

What is the Capsule Backup Kit?

This is the key that Capsule uses to sign transactions you initiate. The Backup Kit is a way to access your wallet in case of an emergency where Capsule services are not running. Normally, you will not need this key to transact.

Please avoid sharing this key with anyone – Capsule will never request this from you. If you lose this key, you can always contact Capsule for a copy.

What are sessions?

Capsule uses sessions as a security measure when signing transactions, session length is 90 minutes by default

Does Capsule use Account Abstraction?

Capsule uses MPC for key management, but works with ERC-4337 out of the box. For more reading on MPC vs. AA, check out this section

Security, Architecture, and Availability

How is Capsule's MPC implemented?

Capsule uses the DKLS19 MPC algorithm, and leverages an open source implementation for core functions like distributed key generation and signing ceremonies.

If Capsule servers were to go offline, can users still sign transactions?

As long as the cloud key sent during onboarding is not deleted by the user, they may always refresh keys, export, or sign transactions independently.

Capsule is not able to sign or censor transactions.

How does Capsule mitigate key theft, loss, and other common attack vectors?

Device key loss – If a user loses their device key (by misplacing their phone, changing laptops, etc), the user will need the recovery secret in order to recover access to their wallet.

Theft of device key – If a user has their device key stolen, key recovery can be performed, which uses the backup key share to restore access.

Is Capsule custodial? How is Capsule different from custodial services?

Capsule is non-custodial.

Many custodians, built for HNW individuals or institutions, will allow you to set up different access privileges (eg. a super wallet to revert transactions where necessary). However many custodial embedded wallet infrastructure products are very constrained and tend to silo assets to a single client. This is far from ideal - perhaps someone will onboard to a website where they receive a free NFT but will be unable to move the asset around.

Capsule can support such use cases while still being non-custodial, enabling more universal access. Capsule plans to support policies where you can specify which signer can sign transactions and integrate risk scoring.

Where are keys and data actually stored? For example, how does the biometric confirmation work?

The biometric key is stored on-device in a secure enclave. Currently, only secp256k1 curve signatures can be used for Ethereum based transactions. However, the secp256r1 curve is the one that is supported in the secure enclave. Capsule generates an secp256r key-- however, it’s only used to authorize a secp256k1 curve signature for ECDSA signatures.

For a more in-depth overview, check out this section.

What signature structure does Capsule use?

Capsule uses the EIP712-specified transaction signature interface. We also publish an EIP-1193 Provider, most commonly used via the Wagmi Connector

Last updated