General
Is the embedded wallet global?
No, embedded wallets are scoped to your app only. If a user uses the same email to sign in to a different app, that app will manage a different wallet entirely. However, the user is able to get a global view of all their application-scoped Paper wallets by logging into the My Wallets page.
Benefits:
- Each app has access to wallets created on their app only and cannot manage wallets from other apps.
- Users only see tokens sent/purchased from your app.
- Some behind-the-scenes information can be shared to improve the user experience, such as saved payment methods and KYC verification provided to Paper. Apps can never view this information (see Security & Privacy FAQ).
How much does Embedded Wallet Service cost?
Paper charges based on a monthly active user (MAU) model which is defined as any sign-in/sign-up inside your application. The first 1,000 MAUs is free. After that, we charge $0.03/wallet. See Pricing for more details.
Volume discounts are available for enterprise customers. Contact us here.
- A wallet is active when a user signs in or makes a transaction. Unlike competing wallet providers, you are not charged for inactive or idle wallets!
Which blockchains are supported?
- Ethereum, Sepolia, Goerli
- Polygon, Mumbai
- Optimisim Goerli
- Binance Smart Chain and Testnet
- Avalanche
- Arbitrum, Arbitrum-Nova and Artbitrum Goerli
Do I need to build separate flows for embedded wallets and external wallets (e.g. MetaMask)?
No! Since our SDK provides the wallet signer, you can build a unified experience with the same code to handle how all your users' wallets interact with signatures and smart contracts.
However, you will need to provide a separate flow to create embedded wallets as you would with any wallet provider (WalletConnect, Coinbase Wallet, etc.).
Can the embedded wallet be used outside my app?
Yes! Your application's embedded wallets are able to use the My Wallets page to sign in to their wallet, view their NFTs, and connect to web3 apps via WalletConnect.
How do I troubleshoot unexpected console error messages?
Make sure that you are developing on a secure origin, which includes localhost and any site on https://. Paper uses cryptography libraries that are unsupported on http://.
If you continue to run into a console error, please contact us with more details.
How much does EWS cost?
Paper charges based on a monthly active user (MAU) model which is defined as any sign-in/sign-up inside your application. The first 1,000 MAUs is free. After that, we charge $0.03/wallet. Volume discounts are available for enterprise customers. Contact us here.
What is Paper’s ability to scale?
Paper can create up to 100 wallets/second by default, and can support higher limits (up to 3,000 wallets/second) upon request.
Are the wallets interoperable?
Your users will be able to connect to any web3 dApp that supports WalletConnect by logging into withpaper.com/wallet. An example of this would be listing on OpenSea.
Soon, we’ll also be introducing a WalletConnect SDK that lets you implement a WalletConnect interface inside your own app.
How can my user create an embedded wallet?
Buyers who don't have a wallet can create one with their email or social login (Google or Twitter).
How can my user transfer the NFT from their embedded wallet?
Buyers can visit My Wallets to view and transfer NFTs in their Embedded Wallets. We cover all gas fees related to transferring and offer a way for users to export their private key.
This page does not support transfers for self-custody wallets like MetaMask.
Security
How is the private key managed?
The private key is sharded into three pieces. The first piece is stored on the customer’s device, the second piece is stored in Amazon’s KMS and encrypted by the customer’s email/social auth, and the third piece is stored on Paper. At anytime, there needs to be 2/3 pieces for the private key to be reconstructed.
Paper is non-custodial because we only have access to the third piece stored on Paper’s servers, and we cannot access the other two shards without the user logging into your application.
Our security architecture has been audited by HackerOne and we have an ongoing bounty program to ensure vulnerabilities are being covered.
What happens if Paper or my database gets breached?
Using MPC technology, your customers’ assets are safe even in the event that Paper or you are compromised. This is because the attacker will only be able to access 1 of the 3 shards, and that is not enough to reconstruct the private key.
How will my users recover their account in case they lose access to their auth?
Currently, users will rely on the built-in recovery of their auth method. Here is an example for Google.
Soon, developers will be able to toggle on the option for users to add a back-up auth method in the case the user loses access to their primary auth method & its recovery.
Is there MFA/2FA for additional security?
Soon, developers will be able to toggle on the option for users to add additional security to their social wallet by adding a user-set password.
Does Paper support my existing auth system?
This feature is available upon request. Please contact us here.
- For more security & privacy FAQ, click here.
Customization
Do you support gasless transactions?
Yes. We support transactions using EWS for users who don’t have gas tokens inside their wallet on any L2 chain or Ethereum (on request, contact us here).
Do you support transaction signing?
We provide you with the signer through the SDK when the user is logged in to EWS in your application. This will allow you to create a custom signing experience for your app including signing transactions on behalf of users who are online.
Can I white-label the wallet?
You can completely white-label the wallet experience and we provide API & SDK endpoints to make this easier. We currently have metadata APIs for NFTs, and a way to pull token balance.