If you're using an application supported by Capsule, you're in the right place!
Capsule is an easy way to create a wallet and sign transactions on chain across different applications. You’re probably here because an application you’re using is partnering with capsule to create secure wallets using an email or social login.
Capsule uses a 2-of-2 Multi-Party Computation (MPC) system to securely generate keys for you in your application and keep them safe. Capsule system uses the following technologies to secure your wallet:
- Passkeys and Secure Enclaves: Instead of storing keys in the browser or relying on easily-compromised social logins for access, Capsule implements the WebAuthN standard, which uses the Hardware Enclaves on your device
- Distributed MPC: Many web-based wallets, even those who claim to use MPC, often reassemble and store private keys in the browser. Capsule uses distributed Multi-Party Computation (MPC) to ensure that your entire private key is never in one place, much less the browser where it is vulnerable to attack. To learn more about how MPC works, please refer to our developer docs or check out this blog post
- Permissions: The convenience of connecting the same wallet to many apps can be risky when not managed with care. Capsule’s permissions system puts you in the driver’s seat on what you allow different apps to access and sign on your behalf. When granting permissions, always make sure you trust the application. If you ever want to adjust permissions, you can do so on the Capsule Portal
Capsule offers best in class security and protection against both common and uncommon attack vectors. These include:
- Login Hacks/SIM Swap Attacks: Even if your email, social login, or phone number is compromised, an attacker would still need to obtain and unlock your device to successfully login or sign a transaction with your Capsule Wallet.
- Browser-Based Key Extraction Attacks: Many web-based wallets store private keys in the browser. Capsule uses distributed Multi-Party Computation to ensure that your entire private key is never in one place, much less the browser where it is vulnerable to attack. To learn more about how MPC works, please refer to our developer docs or check out this blog post
- Resilient & Censorship Resistant: Capsule’s design is censorship-resistant, meaning that no one- not even the application you’re using or Capsule- can prevent you from signing a transaction, either accidentally through an outage or intentionally through blocking a transaction.
2 Factor Authentication is an optional step to add additional protection to your account. 2FA can be used to speed up the recovery process if you lose access to your devices, and in the future to add more protection to certain types of larger or riskier transactions.
Capsule’s system uses 2 secrets to keep your account safe. Both of these secrets are sensitive, and you should never share them with anyone.
The Backup Key is one of two keys that is used to perform transactions (The other one is protected by the passkey you set up and access to log in). Usually, this is the key Capsule uses to sign transactions you initiate, but we also share this key with you so that in the case of an outage, or if you decide you’d like to transact on your own, you are always able to. If you ever lose this key, you can contact Capsule for a copy. However, you should not share this key with anyone.
The Recovery Secret is used to protect your account in the case your phone or laptop is lost or stolen. You will need this recovery secret to recover access to your account. When possible, you should always add multiple devices to your capsule wallet if you can to ensure that losing a device allows you to access your account without interruption
The Recovery Secret (see above) is required to restore access to your account if you lose your phone or laptop, and is different from the 2 keys that are used to sign transactions — its sole purpose is to help you regain access to your account if you lose your device. Keep this secret safe. Please note that if you lose both your recovery secret and all devices that are connected to capsule, it will not be possible to restore access to your account. Your application may choose to help store this secret on your behalf- if this is the case, you’ll need to get in touch with your application if you need to recover your account.
- Your email account
- 2FA, if you set it up
- Your Recovery Secret (see above) — you may need to request this from the application you’re using