> ## Documentation Index
> Fetch the complete documentation index at: https://developers.circle.com/llms.txt
> Use this file to discover all available pages before exploring further.

# How passkeys and modules work

> How a passkey signs modular wallet operations and how modules extend the wallet's behavior.

A modular wallet is a Modular Smart Contract Account (MSCA) controlled by a
passkey. Modules can extend the wallet, for example to restrict transfers to an
onchain allowlist.

## Passkeys

A passkey is the default signer for a modular wallet. It uses the
[WebAuthn](https://www.w3.org/TR/webauthn-3/) standard. The key pair is
generated on the user's device and stored in a secure enclave or password
manager. The user signs with biometrics or device unlock. No seed phrase or
password.

**What to know:**

* Passkeys use the `secp256r1` curve. Each signature includes WebAuthn metadata.
* The key never leaves the user's device. Your app can't read it, Circle can't
  read it, and it can't be phished.
* The [modular wallets SDKs](/sdks/modular/overview) handle passkey login and
  signing through `webAuthnAccount`.
* When the user signs, the SDK submits the signed user operation to a bundler,
  which broadcasts it onchain. Gas can be sponsored through
  [Gas Station](/wallets/gas-station) with `paymaster: true`.

<Note>
  Need an EOA-based signer instead of a passkey, for example when your app
  already uses a third-party auth provider like
  [Dynamic](https://www.dynamic.xyz/) to manage user identity? See [Dynamic
  integration](/wallets/modular/use-dynamic-as-a-signer) for the pattern.
</Note>

### Backup and recovery

Passkeys replace traditional private keys, so backup matters. Synced passkeys
(through Apple iCloud Keychain or Google Password Manager) restore on any device
the user signs into. Device-bound passkeys like YubiKey do not sync. Losing that
device means losing access unless the user has another credential.

Circle adds recovery keys as a backup. A recovery key has the same permissions
as a passkey. It uses ECDSA signatures and is self-custodial. No central
authority can restore it. Users can register multiple recovery keys.

<Warning>
  The passkey and any recovery keys are the only ways to access a modular
  wallet. Neither Circle nor your application can recover user wallets if every
  credential is lost.
</Warning>

For implementation details, see
[Set up passkey recovery](/wallets/modular/set-up-passkey-recovery).

## Modules

Modules are contracts that extend a modular wallet's behavior at runtime. They
add capabilities or enforce rules the base wallet lacks.

**What to know:**

* Modules follow the [ERC-6900](https://eips.ethereum.org/EIPS/eip-6900)
  standard, which defines how MSCAs plug in optional logic.
* Every modular wallet starts with the passkey signer as a built-in module. You
  attach more modules to extend behavior.
* You can also build custom modules against the ERC-6900 standard to fit
  application-specific logic.

### Supported modules

| Module             | Description                                                                                                                                                           | Module address                                                    |
| ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- |
| Passkey (WebAuthn) | Default signer for the modular wallet. Built in.                                                                                                                      | Built-in                                                          |
| Address Book       | Restricts transfers (ERC-20, ERC-721, ERC-1155) to a list of onchain allowlisted addresses. Useful for treasury vaults that should only send to known counterparties. | Mainnet and testnet: `0x0000000d81083B16EA76dfab46B0315B0eDBF3d0` |
