> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dynamic.xyz/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Recovering an Embedded Wallet

<Card title="Recommended: JavaScript SDK with React Hooks" icon="react" color="#4779FE">
  For new React apps, we recommend the JavaScript SDK with React Hooks (`@dynamic-labs-sdk/react-hooks`) instead of the legacy React SDK documented here. The JS SDK comes with many benefits such as a much smaller bundle size and other optimizations. Use the [React quickstart (JavaScript SDK)](/javascript/reference/react-quickstart) to get started.
</Card>

## Standard Recovery Flow

Dynamic's embedded wallets use a 2-of-2 threshold signature scheme where one [User Share](/overview/wallets/embedded-wallets/mpc/glossary#user-share) is held by the user on their device and a [Dynamic Server Share](/overview/wallets/embedded-wallets/mpc/glossary#dynamic-server-share) is held by Dynamic. For basic recovery scenarios, when a user logs in on a new device:

1. The user authenticates with their credentials
2. Dynamic provides their encrypted copy of the User Share
3. The share is decrypted through the [Encryption Proxy Service](/overview/wallets/embedded-wallets/mpc/glossary#encryption-proxy-service) (Dynamic does not have access to encryption/decryption keys)
4. The decrypted share is stored on the new device
5. The wallet is ready for use immediately

This process happens invisibly to the end user, providing a seamless recovery experience. In other words, the user does not need to know a recovery occurred.

## Enhanced Security with Password Protection

For additional security, users can opt to protect their stored User Share with [Password Encryption](/overview/wallets/embedded-wallets/mpc/glossary#password-encryption). See [Password encryption](/react/wallets/embedded-wallets/mpc/password-encryption) to implement it in your app.

* The stored User Share is encrypted with the user's password
* When recovering on a new device, users must enter their password to decrypt the share
* Without the correct password, the stored share cannot be accessed
* This provides an extra layer of security but requires users to remember their password

You can toggle this option as required or optional in your developer dashboard.

## Cloud Backup Recovery (2-of-3 Setup)

Users can enable additional recovery options through [User Share Backup Options](/overview/wallets/embedded-wallets/mpc/glossary#user-share-backup-options), storing their User Share to Google Drive, Apple iCloud, or downloading it locally.

<Card title="Google Drive backup setup" icon="google" href="/react/wallets/embedded-wallets/mpc/google-drive-backup">
  Learn how to configure Google Drive as a backup option, including enabling the API and understanding the required OAuth scopes.
</Card>

<Frame>
  <img src="https://mintcdn.com/dynamic-docs/Mu-tjFQVUvR9RrdN/images/mpc/mpc-2of3.png?fit=max&auto=format&n=Mu-tjFQVUvR9RrdN&q=85&s=ab1fee1a31f5a311a133ea185538b814" alt="" width="2872" height="2500" data-path="images/mpc/mpc-2of3.png" />
</Frame>

When cloud backup is enabled:

* The system automatically upgrades to a 2-of-3 threshold scheme through [Key Resharing](/overview/wallets/embedded-wallets/mpc/glossary#key-resharing)
* The user maintains their local [User Share](/overview/wallets/embedded-wallets/mpc/glossary#user-share)
* A copy of the User Share is stored using their chosen backup option
* Dynamic continues to secure the [Dynamic Server Share](/overview/wallets/embedded-wallets/mpc/glossary#dynamic-server-share)

This creates three recovery paths:

1. Using the stored User Share from backup + Dynamic Server Share
2. Using the local User Share + Dynamic Server Share
3. Using the local User Share + stored User Share from backup ([Independent Recovery](/overview/wallets/embedded-wallets/mpc/glossary#independent-recovery))

When a user has access to both their local User Share and the stored backup copy, they can perform Independent Recovery without requiring Dynamic's share. As long as they are logged in and have access to the client-side SDK, they can use these two shares to export their private key completely independently of Dynamic's systems. This ensures a critical self-custody guarantee, allowing users to recover their wallet even if Dynamic’s services are unavailable.

<Note>
  We also offer additional more sophisticated recovery configurations including custom threshold schemes and [Developer-Hosted Backups](/overview/wallets/embedded-wallets/mpc/glossary#developer-hosted-backups), see our [Advanced Features documentation](/overview/wallets/embedded-wallets/mpc/advanced).
</Note>

## Related

* [Password encryption](/react/wallets/embedded-wallets/mpc/password-encryption) - Add password protection to the User Share
* [Google Drive backup setup](/react/wallets/embedded-wallets/mpc/google-drive-backup) - Configure Google Drive as a backup option
