Circle Wallets secures keys differently depending on the wallet product you choose. Developer-controlled and user-controlled wallets use multi-party computation (MPC). Modular wallets use passkeys. The following table summarizes how keys are secured for each wallet type.Documentation Index
Fetch the complete documentation index at: https://developers.circle.com/llms.txt
Use this file to discover all available pages before exploring further.
| Wallet type | Key type | Who controls | Where keys live |
|---|---|---|---|
| Developer-controlled | MPC | You, using the entity secret | Circle-hosted MPC nodes, or self-hosted |
| User-controlled | MPC | Your user, using their key shard credential | Circle-hosted MPC nodes |
| Modular | Passkey | Your user | Your user’s device (with optional cloud backup) |
Multi-party computation (MPC)
MPC splits the private key into shards held by separate parties, so no single party ever holds the complete key. This means a compromised server or stolen credential alone cannot leak the full key.Developer-controlled wallets
Developer-controlled wallets use 2-of-2 MPC. You can let Circle host both nodes, share hosting with Circle, or host both nodes yourself.- Circle hosts both nodes (default): Signing is protected by an entity secret that you create and store on your server. The entity secret is required to create wallets and sign transactions. This option is ideal for getting started with minimum setup effort.
- Shared node hosting: You and Circle each host one MPC node. Circle provides a keyguard service that you host on your servers to authorize signing before every transaction. This splits private key management across two parties on different servers.
- You host both nodes: You host both MPC nodes with the keyguard service authorizing signing for every transaction. This setup may be required in certain regulatory jurisdictions.