FAQ - Universal Wallet

FAQ - Universal Wallet

restricted availability

Universal wallets will soon be merged with Dedicated Wallets into a single product line. Universal apps created before February 7, 2024 will work as expected with no change. See our blog post to learn more.


Have a question that isn't answered here? Reach out to us via our help widget in the bottom-right corner of this screen.

#What is the difference between Dedicated Wallet and Universal Wallet?

Dedicated Wallet is a whitelabel solution that allows developers to build the look and feel of their app’s user authentication and wallet experience. Additionally, Dedicated Wallet wallets are scoped to individual dApps. In order for end-users to use their Dedicated Wallet wallets on other dApps, end-users will need to export the private key and import them in a 3rd-party wallet.

Universal Wallet is a web-based authentication and wallet that does not require browser extensions, seed phrases, or downloads. Universal Wallet comes with out-of-the-box functionality and a wide range of web3 features such as:

  • Web2-friendly login methods such as passwordless email and Google One Tap that allows frictionless mainstream user onboarding to your dApp

  • Support for external wallets such as Metamask and Coinbase Wallet so that you don’t have to spend time integrating with wallets

  • Transaction signing modal

  • Send transaction modal

  • Fiat on-ramp

Furthermore, with the soon-to-come premium feature, developers will be able to collect verified email addresses from 3rd-party wallet users. Universal Wallet also lets users use the same wallet across dApps.

#Which blockchains will Universal Wallet support?

Universal Wallet currently supports Ethereum, Polygon and Optimism.

More EVM chains are coming. Submit this feedback form to request for chains you’d like to be supported on. 

#Which payment methods and geographies will be supported for the fiat on-ramp?

Universal Wallet end-users will be able to purchase cryptocurrencies through Magic’s partner fiat on-ramps across 150+ countries and major payment methods including bank transfers and credit cards. 

#Which 3rd-party wallet login options are supported and can they be configurable?

Universal Wallet supports MetaMask and Coinbase Wallet as 3rd-party wallet options. They are displayed by default for all Universal Wallet apps.

Developers can toggle which third-party wallet login options they want to display via the Wallet Providers page of the developer dashboard.  

#Are end-users able to access their seed phrase?

Yes. Authenticated users can access their wallet recovery seed phrase through the 'User Settings' view in their Universal Wallet wallet.

#Does Universal Wallet support MFA or 2FA?

MFA / 2FA is not currently supported but is slated for release for end of 2023.

#Which login methods does Universal Wallet support?

  • Email-based

    • Google One Tap
    • Email (one-time passcode)

  • Email-based account linking

    • Google Login supports Google Accounts with a Gmail domain and non-Gmail Google Login accounts (e.g. G-Suite domains such as `[email protected]`).

    • User's that sign using the email OTP method and/or Google One-Tap will resolve to the same address as long as their gmail address is a personal account with the ending @gmail.com and is automatically linked. Auto-linking is not supported for custom G Suite/Google Workspace domains (such as [email protected]).

  • 3rd-party wallets

    • MetaMask
    • Coinbase Wallet

#How long will users remain logged in?

Sessions last 7 days if a user logs in with email or Google One Tap. Third-party wallet users must manually disconnect to end their session.

#Can developers access Universal Wallet users’ email address?

For email and Google One Tap users, developers can request access via client-side API, read more about it here.

The user's verified email address will be returned if the user consents to sharing. If the user denies the request, developers will not have access to the user's email address. Developers can instead rely on the user's public wallet address as a unique identifier.

In the coming weeks, developers will be able to request a verified email address from 3rd-party wallet users as part of Universal Wallet’s premium offering.

#Where are the private keys stored?

Magic does not store unencrypted private keys. Magic does store encrypted private keys in an iframe in the browser and on Magic’s backend. Our security docs go in-depth with how the process works. 

#Will Universal Wallet be available on other leading NFT marketplaces?

While Universal Wallet will not be available everywhere, the Magic team does have working relationships with many leading NFT marketplaces and dApps via Fortmatic. The Magic team is working on a solution to ensure Universal Wallet users can access leading NFT marketplaces.

#Am I able to configure which third-party wallets are displayed on Universal Wallet?

Currently, MetaMask and Coinbase Wallet are shown by default for all Universal Wallet apps.

Developers can configure which third-party wallet login options they want to display through a toggle function on the developer dashboard.  

#How are MAUs counted between Dedicated Wallet and Universal Wallet?

Magic bills based on total cumulative MAUs across all Dedicated Wallet and Universal Wallet apps. Developers receive 1,000 free MAUs per month, then pay $0.05 per additional MAU. 

#How do I restrict which Domains have access to my API key? 

Magic developers can specify which domains are allowed to use their application's publishable API key by configuring Domain & Mobile Access Whitelisting from the Settings page within the Magic Dashboard. The Domain & Mobile Access Whitelisting configuration is disabled by default for all newly created apps. Only the domains you specify will be accessible by your application when enabled.

To configure domain access, open your application's Settings Page from the Magic Dashboard. From there, you can Edit the list of domains you want to support. Specific domains and wildcards using * are supported. Examples are below:

  • http://localhost
  • https://example.com
  • https://*.example.com
  • http://example.com:8080⁠

There is no need to whitelist domains required to complete any Social Login (i.e., https://accounts.google.com, https://facebook.com, etc.) or Private Key Export (i.e., https://reveal.magic.link) flow. Magic automatically accepts these domains and any other domains on your whitelist.

#Why were Magic product names changed from Magic Connect and Magic Auth?

We have renamed our products as of August 24, 2023 to better represent their capabilities and features."Magic Connect" is now Universal Wallet, emphasizing its interoperability, and "Magic Auth" is now Dedicated Wallet, showcasing its exclusive scoped use for individual applications.

For all existing users of our product, rest assured, these are purely branding changes and your experience, usage, and performance with your current product will remain exactly the same. SDKs are not affected by this change and are untouched; we're just introducing a new way to reference our products.