Embedded wallets even your grandparents can use

TSS-MPC, or Threshold Signature Scheme with Multi-Party Computation, is a cryptographic method that allows multiple parties to jointly generate a single digital signature, enhancing security by distributing the signing power among participants without revealing the private key to any single party.

You can think of an embedded wallet like a powerful web-account. An embedded wallet is a programmable web3 crypto wallet that can be issued invisibly to customers on your website. Customers with an embedded wallet can immediately receive digital tokens and make on-chain interactions without needing to go through the complexities of understanding the intricacies of typical EOA wallets like metamask or Phantom.

Passkeys are a new type of passwordless authentication designed to be more secure and convenient than traditional passwords. They are based on the Web Authentication (WebAuthn) standard, which uses public key cryptography to create a secure link between a user’s device and a website or app. They were developed by the FIDO alliance (made up of companies like Apple, Google, Microsoft, Amazon, 1Password, among others).

Unlike traditional passwords, which create friction and pose phishing risks, passkeys leverage a familiar pattern of using a biometric (FaceID, or TouchID) to securely create and store a credential to the user’s device.

Dynamic uses passkeys as a security method to authenticate and gate access to embedded wallet private keys. Specifically, passkeys are used to ensure that your users are in control of their private keys by leveraging secure enclaves. By simple analogy, passkeys and secure enclaves are similar to a safety deposit box vault. That is, your end users have a key to access their locked box (i.e., wallet), while enjoying the benefits of having the box secured with vault-level security. The safety deposit box is inside the vault, but only the end user, with their key, can access the contents inside the box. After authenticating via email or social, users are prompted to create a passkey with their device (e.g., biometrics). This grants them a wallet and enables transaction signing with that passkey. The wallet’s private key is encrypted at rest, and only decrypted within secure enclaves with a signature from the user’s passkey.

Please refer to our recovery guide here.

Our embedded wallet offering is non-custodial.

Yes! Instead of spinning up an EOA wallet, you can leverage our account abstraction integrations from providers such as ZeroDev to turn your wallet into a smart contract wallet. Read more in the AA guide.

Passkeys come with multiple built in security benefits. Specifically, unlike a password or passcode, a user doesn’t have to remember information with a passkey, and that information can’t be phished from the user. In addition, because passkeys are tied to your iCloud or Google accounts, they are protected by Apple and Google’s security. Even if your sim gets swapped, an attacker would farther have to gain access to your iCloud account or Google keychain in order to get access to your passkey.