💬

FAQ

If you're using an application supported by Capsule, you're in the right place!
This page answers some common questions you may have about how your wallet is managed. If you have any questions you don't see covered here, we'd love to hear from you at [email protected]​

General

What is Capsule? Why do I see it in my application?
​Capsule is an easy way to create a wallet and sign transactions on chain across different applications. You’re probably here because an application you’re using is partnering with capsule to create secure wallets using an email or social login.
How does Capsule work?
Capsule uses a 2-of-2 Multi-Party Computation (MPC) system to securely generate keys for you in your application and keep them safe. Capsule system uses the following technologies to secure your wallet:
  • Passkeys and Secure Enclaves: Instead of storing keys in the browser or relying on easily-compromised social logins for access, Capsule implements the WebAuthN standard, which uses the Hardware Enclaves on your device
  • Distributed MPC: Many web-based wallets, even those who claim to use MPC, often reassemble and store private keys in the browser. Capsule uses distributed Multi-Party Computation (MPC) to ensure that your entire private key is never in one place, much less the browser where it is vulnerable to attack. To learn more about how MPC works, please refer to our developer docs or check out this blog post​
  • Permissions: The convenience of connecting the same wallet to many apps can be risky when not managed with care. Capsule’s permissions system puts you in the driver’s seat on what you allow different apps to access and sign on your behalf. When granting permissions, always make sure you trust the application. If you ever want to adjust permissions, you can do so on the Capsule Portal​
How and where can I use my Capsule-powered wallet?
Once you’ve created a wallet with one of Capsule’s partners, your wallet can be used anywhere that you can connect a wallet.

Security & Privacy

How does Capsule keep my wallet safe?
Capsule offers best in class security and protection against both common and uncommon attack vectors. These include:
  • Login Hacks/SIM Swap Attacks: Even if your email, social login, or phone number is compromised, an attacker would still need to obtain and unlock your device to successfully login or sign a transaction with your Capsule Wallet.
  • Browser-Based Key Extraction Attacks: Many web-based wallets store private keys in the browser. Capsule uses distributed Multi-Party Computation to ensure that your entire private key is never in one place, much less the browser where it is vulnerable to attack. To learn more about how MPC works, please refer to our developer docs or check out this blog post​
  • Resilient & Censorship Resistant: Capsule’s design is censorship-resistant, meaning that no one- not even the application you’re using or Capsule- can prevent you from signing a transaction, either accidentally through an outage or intentionally through blocking a transaction.
Can Capsule access my wallet?
No, never. Only you have both keys that are required to access your wallet.
Can the applications I’m using access my wallet?
No, never. Only you have both keys that are required to access your wallet. Some other embedded wallets may allow applications to access private keys, but with Capsule only you can sign transactions unilaterally.
Does Capsule store any of my personal information?
Capsule stores the authentication mechanism you sign up for and identify an account with, in most cases your provided email. Beyond this, we collect some basic usage logs to assist in resolving bugs and any issues.
Why is Capsule asking me to complete 2 Factor Authentication?
2 Factor Authentication is an optional step to add additional protection to your account. 2FA can be used to speed up the recovery process if you lose access to your devices, and in the future to add more protection to certain types of larger or riskier transactions.

Backup and Recovery

How does Capsule Key management work?
Capsule’s system uses 2 secrets to keep your account safe. Both of these secrets are sensitive, and you should never share them with anyone.
The Backup Key is one of two keys that is used to perform transactions (The other one is protected by the passkey you set up and access to log in). Usually, this is the key Capsule uses to sign transactions you initiate, but we also share this key with you so that in the case of an outage, or if you decide you’d like to transact on your own, you are always able to. If you ever lose this key, you can contact Capsule for a copy. However, you should not share this key with anyone.
The Recovery Secret is used to protect your account in the case your phone or laptop is lost or stolen. You will need this recovery secret to recover access to your account. When possible, you should always add multiple devices to your capsule wallet if you can to ensure that losing a device allows you to access your account without interruption
What is the backup kit email from Capsule for?
The Backup Kit email contains the Backup Key, described above. Please do not share this email with anyone!
What is the recovery secret?
The Recovery Secret (see above) is required to restore access to your account if you lose your phone or laptop, and is different from the 2 keys that are used to sign transactions — its sole purpose is to help you regain access to your account if you lose your device. Keep this secret safe. Please note that if you lose both your recovery secret and all devices that are connected to capsule, it will not be possible to restore access to your account. Your application may choose to help store this secret on your behalf- if this is the case, you’ll need to get in touch with your application if you need to recover your account.
I lost my phone or laptop! How do I recover my wallet?
​The Capsule Portal is the easiest way to regain access to your wallet if it’s been lost. You’ll need the following to restore access
  • Your email account
  • 2FA, if you set it up
  • Your Recovery Secret (see above) — you may need to request this from the application you’re using