Architecture & Security
Technical FAQ
Frequently asked technical questions about implementing and using Para for developers
As you integrate Para into your applications, you may encounter various technical questions. This FAQ aims to address
the most common inquiries from developers, covering aspects of implementation, security, architecture, and integration.
If you don’t find the answer you’re looking for, our comprehensive documentation and support team are available to
assist you further.
For further technical details or questions not covered here, please refer to our documentation or reach out to our
developer support team at .
How is Para's Multi-Party Computation (MPC) implemented?
How is Para's Multi-Party Computation (MPC) implemented?
What signature structure does Para use?
What signature structure does Para use?
Para uses the EIP712-specified transaction signature interface. Additionally, Para publishes an EIP-1193 Provider,
which is most commonly used via the Wagmi Connector. This ensures compatibility with a wide range of Ethereum-based
applications and tools.
How does Para handle session management?
How does Para handle session management?
Para uses sessions as a security measure when signing transactions. By default, session length is 90 minutes.
Developers can implement session refresh logic in their applications to maintain longer sessions if required.
Can Para integrate with Account Abstraction (AA) systems?
Can Para integrate with Account Abstraction (AA) systems?
While Para primarily uses MPC for key management, it is designed to work with ERC-4337 (Account Abstraction) out of
the box. This allows developers to leverage Para’s security features while also taking advantage of AA capabilities if
desired.
How does Para ensure transaction signing capability if its servers go offline?
How does Para ensure transaction signing capability if its servers go offline?
As long as the Cloud Share sent during onboarding is not deleted by the user, they can always refresh keys, export, or
sign transactions independently. This design ensures that Para cannot censor transactions and provides a robust
fallback mechanism. Read our blog post on censorship resistance for more details.
What SDKs does Para offer for integration?
What SDKs does Para offer for integration?
Para offers SDKs for: - TypeScript/React for web developers - React Native for mobile developers - Flutter for
cross-platform mobile development These SDKs provide a consistent interface for wallet management and transaction
signing across different platforms.
How does Para handle key storage and biometric confirmation?
How does Para handle key storage and biometric confirmation?
The biometric key is stored on-device in a secure enclave. For Ethereum-based transactions, Para uses secp256k1 curve
signatures. However, the secure enclave supports the secp256r1 curve. Para generates a secp256r1 key, which is used to
authorize a secp256k1 curve signature for ECDSA signatures, bridging this compatibility gap securely.
How can developers customize the UI and copy in the Para flow?
How can developers customize the UI and copy in the Para flow?
All UI elements and copy in the Para flow are fully configurable. Developers can whitelabel the product to match their
application’s look and feel. While Para aims for a somewhat consistent user experience, copy, colors, and sizes are
fully customizable. Refer to thefor detailed configuration options.
What social login options does Para support?
What social login options does Para support?
How does Para's multi-app architecture work?
How does Para's multi-app architecture work?
Para’s multi-app architecture allows the same wallet to be used across different applications while maintaining
security. It uses a permissions scheme that specifies what types of transactions an application can perform and which
ones require user approval. This is implemented through encrypted User Shares specific to each application and an
allow-list mechanism managed by Para.
How does Para handle wallet recovery in case of device loss?
How does Para handle wallet recovery in case of device loss?
Para implements a robust recovery mechanism involving: 1. A recovery secret generated during wallet setup 2. Option to
add backup devices 3. Two-factor authentication for additional security 4. A key rotation process after recovery to
ensure security The recovery process is managed through the Para Portal, reducing the implementation burden on
individual developers.
What blockchain networks does Para support?
What blockchain networks does Para support?
Para’s architecture is designed to be blockchain-agnostic. It offers native support for: - All EVM-compatible chains -
Cosmos ecosystem - Solana Developers can integrate Para with popular libraries like ethers.js, viem, and CosmJS for
interacting with these networks. For full chain support please see our chain support documentation.
How can developers implement Para's universal embedded wallet feature?
How can developers implement Para's universal embedded wallet feature?
Universal embedded wallets in Para is achieved through:
- Associating wallets with user identities (typically email addresses) rather than individual applications
- Using MPC for secure key sharing across applications
- Implementing a permissions framework for granular access control
- Providing seamless authentication when users access new applications Developers can leverage these features through Para’s SDKs and APIs to enable users to access their wallets across different applications seamlessly.
Can users export their private keys with Para?
Can users export their private keys with Para?
Yes, users can export their private keys with Para. While we don’t see many users export their private keys given Para wallets are universal and usable across apps and chains, users are able to do so in Para Connect.
What's the difference between MPC and a multi-sig?
What's the difference between MPC and a multi-sig?
Multi-sigs require separate private keys to approve a transaction. MPC splits a single private key across multiple parties and parites jointly sign without ever reconstructing the key.