Passkeys gate access to users' wallets, enabling only them to sign transactions.
Your users sign in just as they would to any other web2 website.
Facilitate ERC-20 token interaction without logins. Generate non-custodial wallets programmatically through email addresses, triggering deposits on app engagement.
Help your customers get crypto instantly with a single-click from our dashboard.
Secure your wallet seamlessly with FaceID or a password manager. Choose familiar options like email codes for added security.
We’ve built the first native integration with our partners Zerodev and Alchemy (coming soon) to make smart contract wallets seamlessly fit into your Dapp
& more to come...
Use Dynamic’s auth solution, authorization tools, and user management system
alongside leading wallet-as-a-service providers.
What is TSS-MPC?
TSS-MPC, or Threshold Signature Scheme with Multi-Party Computation, is a cryptographic method that allows multiple parties to jointly generate a single digital signature, enhancing security by distributing the signing power among participants without revealing the private key to any single party.
What is an Embedded Wallet?
You can think of an embedded wallet like a powerful web-account. An embedded wallet is a programmable web3 crypto wallet that can be issued invisibly to customers on your website. Customers with an embedded wallet can immediately receive digital tokens and make on-chain interactions without needing to go through the complexities of understanding the intricacies of typical EOA wallets like metamask or Phantom.
What are passkeys?
Passkeys are a new type of passwordless authentication designed to be more secure and convenient than traditional passwords. They are based on the Web Authentication (WebAuthn) standard, which uses public key cryptography to create a secure link between a user’s device and a website or app. They were developed by the FIDO alliance (made up of companies like Apple, Google, Microsoft, Amazon, 1Password, among others).
Unlike traditional passwords, which create friction and pose phishing risks, passkeys leverage a familiar pattern of using a biometric (FaceID, or TouchID) to securely create and store a credential to the user’s device.
How is Dynamic using passkeys?
Dynamic uses passkeys as a security method to authenticate and gate access to embedded wallet private keys. Specifically, passkeys are used to ensure that your users are in control of their private keys by leveraging secure enclaves. By simple analogy, passkeys and secure enclaves are similar to a safety deposit box vault. That is, your end users have a key to access their locked box (i.e., wallet), while enjoying the benefits of having the box secured with vault-level security. The safety deposit box is inside the vault, but only the end user, with their key, can access the contents inside the box. After authenticating via email or social, users are prompted to create a passkey with their device (e.g., biometrics). This grants them a wallet and enables transaction signing with that passkey. The wallet’s private key is encrypted at rest, and only decrypted within secure enclaves with a signature from the user’s passkey.
How does recovery work?
Please refer to our recovery guide here.
Are embedded wallets custodial or non-custodial?
Our embedded wallet offering is non-custodial.
Can I pair this with Account Abstraction?
Yes! Instead of spinning up an EOA wallet, you can leverage our account abstraction integrations from providers such as ZeroDev to turn your wallet into a smart contract wallet. Read more in the AA guide.
How do passkeys protect against sim swapping and phishing attempts?
Passkeys come with multiple built in security benefits. Specifically, unlike a password or passcode, a user doesn’t have to remember information with a passkey, and that information can’t be phished from the user. In addition, because passkeys are tied to your iCloud or Google accounts, they are protected by Apple and Google’s security. Even if your sim gets swapped, an attacker would farther have to gain access to your iCloud account or Google keychain in order to get access to your passkey.