Simple Logins
Streamlined access with social, phone or email.
WaaP is a protocol for protected self-custody. It provides consistent, reliable key management across apps, devices, and environments. Embed it anywhere, in your own brand.
Wallet-as-a-ProtocolEverything WaaS has,
and more
Social signons are tablestakes. Do them for free and give your users extreme security + cross-chain gas tanks they can use anywhere.
Feature
WaaPWallet as a Protocol
WaaSe.g., Privy
Self-Custodiale.g., MetaMask
Architecture
Protocol-based, modular, decentralized
Service-based, centralized, siloed
Client-based, decentralized, open
Cost Structure
Free
Subscription-based
Free
Custody Model
Protected Self-Custody (2PC dual-share model)
Semi-Custodial (key sharding with provider)
Full Self-Custody (user bears all risk)
CoreSecurity
No single point of failure (2PC technology)
Distributed risk (Shamir Secret Sharing + TEE)
Seed phrase is single point of failure
Recovery Options
2FA & Native client device biometric recovery
Provider-managed recovery
Seed phrase only (loss = permanent)
Malware ProtectionSecurity
Built-in protection (2PC architecture)
No protection
No protection
Blind Signing ProtectionSecurity
Transaction simulation prevents malicious signatures
No protection
No protection
Policy-Based ControlsSecurity
Spending limits & authorization rules
Not available
Not available
Composability
Works across all dApps
Limited per dApp
Limited (wallet-dependent features)
Modularity
Highly modular (protocol-level)
Limited (provider-dependent features)
Manual seed phrase backup required
User Onboarding
1-click (email, phone, social, Face ID)
1-click (email, social, passkey)
Manual seed phrase backup required
Session Management
Auto-reconnect across browser sessions
Persistent sessions
Manual reconnection
Gas Tank (Sponsored Tx)
Native support across any chain
Possible (requires custom implementation)
Possible (often via third-party services)
Multi-Chain Support
Native (EVM, Stellar and soon SUI)
Native (multiple networks)
Native (multiple networks)
Trust Model
Decentralized (no third party can access funds)
Semi-centralized (trust provider infrastructure)
Trustless (but user bears all responsibility)
Security
Extreme Security
Our threat model is the most comprehensive in the industry. Funds held in WaaP's 2PC-MPC architecture are secure if either the client device, user themselves, WaaP policy engine, third party applications, or app smart contracts are comprimised.
AI Fraud & Scam monitoring
Transaction Simulation
Human Reachable Transactions, No Blind Signing
Flexible Wallet Recovery without Third Parties
Native zk-ID
Offers private, verifiable IDs using zero-knowledge proofs.
Universal Wallet
Embeddable everywhere & scaling composability.
Quick Link Payments
Simple, shareable payment requests.
Effortless Wallet Recovery
Seamless, secure access restoration.
Cross-Chain Compatibility
Support for multi-chain functionality.
Protected Self Custody
Users own their keys for full control.
Gas-Tank Convenience
Pre-load gas tanks for the best user experience.
FAQQuestions,
Questions,
Answered by Humans
WaaP uses 2PC-MPC (Two-Party Multi-Party Computation). Your key is split into two parts: • Your Sovereign Share — derived from your identity/login and fully controlled by you • Security Share — held by a decentralized network or enclave (your choice) that cannot access it on its own No single party ever has full access to your key.
Privy uses Shamir’s Secret Sharing (SSS) and splits your key into two parts: • One stored on Privy-controlled cloud infrastructure • One encrypted and managed by Privy Although labeled “non-custodial,” Privy controls both key shares and the infrastructure, meaning users still depend on Privy to access their wallet.
• Resilience to malware and blind signing that even multisigs, browser extensions, and hardware wallets by themselves do not protect against • Resilience against lost keys • No single point of failure that could drain the wallet if compromised
No. WaaP uses your email address as a universal identifier. Whether you sign in with Google, Discord, Twitter, or email, you always access the same wallet — no duplicate accounts, no confusion.
If a user is onboarded through your WaaP integration, all of their wallet revenue and activity — even across other WaaP-supported ecosystems — is attributed to you as the original onboarder. This attribution can be rewarded in the future.
Yes. Your WaaP wallet works anywhere, without needing permission from WaaP or any third party. You own the account. You control access.
Privy’s wallet is not universal; only functional with a specific app. If you want the user to use any DeFi feature that requires bringing their wallet to multiple apps, use WaaP.
WaaS give you access to a wallet they control. WaaP gives you a wallet you actually own.
