Skip to main content

General FAQs

Which blockchains are supported?

Our thirdweb Embedded Wallet is fully EVM compatible and supports all EVM chains.

Do I need to build separate flows for embedded wallets and external wallets (e.g. MetaMask)?

No! Since our SDK provides the wallet signer, you can build a unified experience with the same code to handle how all your users' wallets interact with signatures and smart contracts.

However, you will need to provide a separate flow to create embedded wallets as you would with any wallet provider (WalletConnect, Coinbase Wallet, etc.).

How do I troubleshoot unexpected console error messages?

Make sure that you are developing on a secure origin, which includes localhost and any site on https://. thirdweb uses cryptography libraries that are unsupported on http://.

If you continue to run into a console error, please contact us with more details.

What is thirdweb’s ability to scale?

thirdweb can create up to 100 wallets/second by default, and can support higher limits (up to 3,000 wallets/second) upon request.

Where can users see assets in their embedded wallet

Users can login to their embedded wallet at https://ews.thirdweb.com/wallet and see the assets held in it.

How do users connect to their embedded wallet in a third-party app?

Users can access it by choosing the thirdweb option in WalletConnect. They will have to choose which "app wallet" they want to connect to the app

What login options does thirdweb support?

We support Google and email out of the box, and embedded wallets can be configured to work with any Open ID Compatible authentication service. We will be adding out of the box support for more social login options soon.

Customization FAQs

Do you support gasless transactions?

Yes. Our Smart Wallet product, used in combination of Embedded Wallet, allows for a fully gasless experience.

Is there a way to display the logged-in email address in the Connect component, similar to the wallet address?

Yes, we show the email by default in the dropdown after you connect. To display the email anywhere else using React or React Native, check out the code snippets for all platforms.

Does the Embedded Wallet product use Smart Wallets?

No, the Embedded Wallet that is created does not use a smart contract wallet. However, Embedded Wallets can work great in combination with smart wallets. This combination allows users to sign in with only their email (Embedded Wallet) and receive a completely gasless user experience (Smart Wallet).

Custom JWT Auth FAQs

Can I use my own Auth service with Embedded Wallets?

Yes, you have the option to use your own Auth provider with the thirdweb Embedded Wallet. For instructions on how to log in using your custom authentication, refer to our Bring your own authentication with Custom JWT guide.

For a user who creates a wallet via the JWT method, can they recover their account via thirdweb?

The user can still recover by authenticating via your application, then using the password that was sent to them to gain access to the wallet on a new device. thirdweb doesn’t have access to the authentication mechanism and would only be able to provide the user access to their wallet if they are already on a device that has the wallet share saved.

Who retains custody over wallets created with custom JWT?

The user has custody of the wallet because (a) thirdweb does not have enough shares to access the wallet because we do not know the password sent to the user to decrypt one of the shares, (b) your app has the auth mechanism, but auth by itself is not enough to access the underlying wallet.

How will my users recover their account in case they lose access to their auth?

Currently, users will rely on the built-in recovery of their auth method. Refer to the How to recover your Google Account or Gmail article as an example.

Soon, developers will be able to toggle on the option for users to add a backup auth method in the case the user loses access to their primary auth method & its recovery.

Security FAQs

How is the private key managed?

The private key is sharded into three pieces. The first piece is stored on the customer’s device, the second piece is stored in Amazon’s KMS and encrypted by the customer’s email/social auth, and the third piece is stored on Paper. At anytime, there needs to be 2/3 pieces for the private key to be reconstructed.

thirdweb is non-custodial because we only have access to the third piece stored on thirdweb’s servers, and we cannot access the other two shards without the user logging into your application.

Our security architecture has been audited by HackerOne and we have an ongoing bounty program to ensure vulnerabilities are being covered.

What happens if thirdweb or my database gets breached?

Using Shamir Secret Sharing technology, your customers’ assets are safe even in the event that thirdweb or you are compromised. This is because the attacker will only be able to access 1 of the 3 shards, and that is not enough to reconstruct the private key.

Is there MFA/2FA for additional security?

Soon, developers will be able to toggle on the option for users to add additional security to their social wallet by adding a user-set password.