General FAQs
What is the difference between Email Wallet (Self-Recovery) & Email Wallet (Managed Recovery)
Email wallet (with managed recovery code) usage is calculated by monthly active wallets (i.e. active as defined by at least 1 user log-in via email or social within the billing period month). For both the Starter and Pro plan, users receive 10,000 free monthly active wallets + charged $0.02 per incremental monthly active wallet after. Note that wallets with self recovery code is completely free to use.
Which blockchains are supported?
Our thirdweb Embedded Wallet is fully EVM compatible and supports all EVM chains.
How does wallet recovery work?
Recovery is built-in. If the user loses their device, they can sign into a new device and provide the recovery code that was emailed to them to recover their wallet. There is no recovery option if the user loses access to their email.
Do I need to build separate flows for embedded wallets and external wallets (e.g. MetaMask)?
No! Since our SDK provides the wallet signer
, you can build a unified experience with the same code to handle how all your users' wallets interact with signatures and smart contracts.
However, you will need to provide a separate flow to create embedded wallets as you would with any wallet provider (WalletConnect, Coinbase Wallet, etc.).
How do I troubleshoot unexpected console error messages?
Make sure that you are developing on a secure origin, which includes localhost
and any site on https://
. thirdweb uses cryptography libraries that are unsupported on http://
.
If you continue to run into a console error, please contact us with more details.
How much does EWS cost?
Email Wallet (Self-Recovery) are free for unlimited wallets. Email Wallet (Managed Recovery) charges based on a monthly active user (MAU) model which is defined as any sign-in/sign-up inside your application. The first 10,000 MAUs are free. After that, we charge $0.02/wallet. For more pricing information, refer to our pricing page. Volume discounts are available for enterprise customers. Please contact our business team for more information.
What is thirdweb’s ability to scale?
thirdweb can create up to 100 wallets/second by default, and can support higher limits (up to 3,000 wallets/second) upon request.
How can my user create an embedded wallet?
Buyers who don't have a wallet can create one with their email or social login (Google or Twitter).
How can my users transfer the NFT from their embedded wallet?
Buyers can visit My Wallets to view and transfer NFTs in their Embedded Wallets. We cover all gas fees related to transferring and offer a way for users to export their private key.
This page does not support transfers for self-custody wallets like MetaMask.
How can my users transfer Native Tokens (i.e. ETH) from their embedded wallet?
Below is an example on how to implement the ability for your users to transfer Native token from their embedded wallet. To see the front end functionality, you can visit our live Wallets & Auth demo.
How can my users transfer Native Tokens (i.e. ETH) from their embedded wallet?
Below is an example on how to implement the ability for your users to transfer Native token from their embedded wallet. To see the front end functionality, you can visit our live Wallets & Auth demo.
const sendNativeToken = async () => {
setLoading(Features.SEND_NATIVE_TOKEN);
try {
const signer = await wallet?.getEthersJsSigner();
if (!signer) {
throw new Error("Wallet not connected");
}
const tx = await signer.sendTransaction({
to: recipient,
value: ethers.utils.parseEther(amount)
});
setTxStatus(`Transaction hash: ${tx.hash}`);
await tx.wait();
setTxStatus(`Transaction ${tx.hash} has been confirmed`);
} catch (error) {
if (typeof error === 'string') {
console.error("Error sending native token:", error);
setTxStatus(`Error: ${error}`);
} else if (error instanceof Error) {
console.error("Error sending native token:", error.message);
setTxStatus(`Error: ${error.message}`);
} else {
console.error("An unknown error occurred while sending native token");
setTxStatus(`An unknown error occurred`);
}
} finally {
setLoading(null);
}
};
Customization FAQs
Do you support gasless transactions?
Yes. We support transactions using EWS for users who don’t have gas tokens inside their wallet on any L2 chain or Ethereum (on request, contact our team). Our Smart Wallet product, used in combination of Embedded Wallet, also allows for this gasless experience.
Do you support transaction signing?
We provide you with the signer through the SDK when the user is logged in to EWS in your application. This will allow you to create a custom signing experience for your app including signing transactions on behalf of users who are online.
Is there a way to display the logged-in email address in the Connect component, similar to the wallet address?
Yes, we show the email by default in the dropdown after you connect. To display the email anywhere else using React or React Native, including in the Connect modal, you can use the following code snippet:
const activeWallet = useWallet()
(activeWallet as EmbeddedWallet).getEmail()
Does the Embedded Wallet product use Smart Wallets?
No, the Embedded Wallet that is created does not use a smart contract wallet. However, Embedded Wallets can work great in combination with smart wallets. This combination allows users to sign in with only their email (Embedded Wallet) and receive a completely gasless user experience (Smart Wallet).
Custom JWT Auth FAQs
Can I use my own Auth service with Embedded Wallets?
Yes, you have the option to use your own Auth provider with the thirdweb Embedded Wallet. For instructions on how to log in using your custom authentication, refer to our Bring your own authentication with Custom JWT guide.
For a user who creates a wallet via the JWT method, can they recover their account via thirdweb?
The user can still recover by authenticating via your application, then using the password that was sent to them to gain access to the wallet on a new device. thirdweb doesn’t have access to the authentication mechanism and would only be able to provide the user access to their wallet if they are already on a device that has the wallet share saved.
Who retains custody over wallets created with custom JWT?
The user has custody of the wallet because (a) thirdweb does not have enough shares to access the wallet because we do not know the password sent to the user to decrypt one of the shares, (b) your app has the auth mechanism, but auth by itself is not enough to access the underlying wallet.
When will the thirdweb Embedded Wallet support bring-your-own-Auth?
Currently, only the Paper Embedded Wallets support signing in with custom JWT. We are working on bringing over login with custom JWT to the thirdweb Embedded Wallet as well.
How will my users recover their account in case they lose access to their auth?
Currently, users will rely on the built-in recovery of their auth method. Refer to the How to recover your Google Account or Gmail article as an example.
Soon, developers will be able to toggle on the option for users to add a backup auth method in the case the user loses access to their primary auth method & its recovery.
Security FAQs
How is the private key managed?
The private key is sharded into three pieces. The first piece is stored on the customer’s device, the second piece is stored in Amazon’s KMS and encrypted by the customer’s email/social auth, and the third piece is stored on Paper. At anytime, there needs to be 2/3 pieces for the private key to be reconstructed.
thirdweb is non-custodial because we only have access to the third piece stored on thirdweb’s servers, and we cannot access the other two shards without the user logging into your application.
Our security architecture has been audited by HackerOne and we have an ongoing bounty program to ensure vulnerabilities are being covered.
What happens if thirdweb or my database gets breached?
Using MPC technology, your customers’ assets are safe even in the event that thirdweb or you are compromised. This is because the attacker will only be able to access 1 of the 3 shards, and that is not enough to reconstruct the private key.
Is there MFA/2FA for additional security?
Soon, developers will be able to toggle on the option for users to add additional security to their social wallet by adding a user-set password.
Does thirdweb support my existing auth system?
This feature is available upon request. Please contact us.