Developer FAQ
Some common questions about Capsule. See something that isn't covered? reach out at hello@usecapsule.com
Product and End User Experience
How configurable is the UI and copy in the Capsule flow?
All copy and UI is fully configurable, customers will be able to fully whitelabel the product. Capsule does want the experience to be somewhat consistent for users, however copy/color/size is fully customizable.
To leverage configs, please refer to the Customize Capsule Section
Does Capsule support social login?
Capsule currently supports sign in via Google, Apple, Twitter/X, Discord, and Facebook
What products does Capsule offer?
Capsule offers TS/React, React Native, and Flutter SDKs for web and mobile developers.
Is Capsule Open Source?
Capsuleβs codebase is not (yet) open sourced. However, Capsule will open source/openly publish the following:
Core SDKs (available to partners)
Signing and Transaction Logs
Permissions (future)
What is the Capsule Backup Kit?
This is the key that Capsule uses to sign transactions you initiate. The Backup Kit is a way to access your wallet in case of an emergency where Capsule services are not running. Normally, you will not need this key to transact.
Please avoid sharing this key with anyone β Capsule will never request this from you. If you lose this key, you can always contact Capsule for a copy.
What are sessions?
Capsule uses sessions as a security measure when signing transactions, session length is 90 minutes by default
Does Capsule use Account Abstraction?
Capsule uses MPC for key management, but works with ERC-4337 out of the box. For more reading on MPC vs. AA, check out this section
Security, Architecture, and Availability
How is Capsule's MPC implemented?
Capsule uses the DKLS19 MPC algorithm, and leverages an open source implementation for core functions like distributed key generation and signing ceremonies.
If Capsule servers were to go offline, can users still sign transactions?
As long as the cloud key sent during onboarding is not deleted by the user, they may always refresh keys, export, or sign transactions independently.
Capsule is not able to sign or censor transactions.
How does Capsule mitigate key theft, loss, and other common attack vectors?
Device key loss βΒ If a user loses their device key (by misplacing their phone, changing laptops, etc), the user will need the recovery secret in order to recover access to their wallet.
Theft of device key βΒ If a user has their device key stolen, key recovery can be performed, which uses the backup key share to restore access.
Is Capsule custodial? How is Capsule different from custodial services?
Capsule is non-custodial.
Many custodians, built for HNW individuals or institutions, will allow you to set up different access privileges (eg. a super wallet to revert transactions where necessary). However many custodial embedded wallet infrastructure products are very constrained and tend to silo assets to a single client. This is far from ideal - perhaps someone will onboard to a website where they receive a free NFT but will be unable to move the asset around.
Capsule can support such use cases while still being non-custodial, enabling more universal access. Capsule plans to support policies where you can specify which signer can sign transactions and integrate risk scoring.
Where are keys and data actually stored? For example, how does the biometric confirmation work?
The biometric key is stored on-device in a secure enclave. Currently, only secp256k1 curve signatures can be used for Ethereum based transactions. However, the secp256r1 curve is the one that is supported in the secure enclave. Capsule generates an secp256r key-- however, itβs only used to authorize a secp256k1 curve signature for ECDSA signatures.
For a more in-depth overview, check out this section.
Last updated