Onboarding (Email + MPC)

1) Create an account / sign in

1. Enter your email address.

2. Retrieve the 6-digit verification code from your email inbox.

3. Enter the code to complete sign-in.

✅ The flow is the same for first-time sign-in and later sign-ins. ✅ You do not create or store a password.

2) What MPC means in practice

Most accounts and wallets depend on one secret such as a password, private key, or seed phrase. If that secret is exposed, the account may be compromised.

MPC reduces that single-secret failure mode by:

• splitting sensitive authentication material into multiple encrypted shares

• storing those shares across independent security boundaries

• requiring multiple shares to reconstruct an authorization operation

What this does not mean

• MPC does not eliminate phishing risk

• MPC does not make you immune to malware

• MPC does not guarantee asset safety if an external service fails

MPC reduces one specific class of risk: single-secret compromise.

3) User security best practices

Even with MPC:

• secure your email account with strong authentication

• secure your email account with a hardware security key (such as YubiKey) where your email provider supports it

• avoid unknown links and unsolicited messages

• avoid public Wi‑Fi for account access

• verify the BASIS domain every time

4) Troubleshooting login

If you do not receive the 6-digit code:

• check your spam or junk folder

• wait a few minutes in case of delivery delay

• confirm you entered the email address correctly

• request a new code

If issues persist, contact [email protected].