Zafeguard Developer Docs
Crypto workflows.
Threshold-MPC keys.
One platform.
100+ components across nine blockchains for visual workflow automation — paired with a client-side MPC SDK for self-custodial signing, and an OAuth 2.0 identity provider for end-user sign-in. Hosted, with the option to self-host every layer.
Start here
Introduction
What Zafeguard is, the workflow model, plans, and a 5-minute getting-started flow.
Caller SDK quickstart
Install @zafeguard/caller-sdk, execute your first component, get a typed result.
MPC SDK
Run threshold-MPC ceremonies client-side with EmbeddedSigner or talk directly to an MPC Agent cluster.
MCP for AI assistants
Connect Claude Desktop, Claude Code, or Cursor — let your AI inspect, execute, and build workflows.
Login with Zafeguard
Add OAuth 2.0 / OIDC sign-in to your app — workspace-scoped access, RS256-signed JWTs.
REST API reference
Endpoints for component execution, workflow runs, status streams, and webhooks.
Two SDKs, one platform
Use them independently or together. The Caller SDK triggers workflows and components on the platform; the MPC SDK lets your application be one of the parties in a threshold-MPC ceremony.
@zafeguard/caller-sdk
Trigger workflows & components
WorkspaceClient and WorkflowClient for executing on-platform automation. Pick .execute() for webhook delivery or .promise() to block on the SSE stream — no polling.
import { WorkspaceClient, ComponentModule } from '@zafeguard/caller-sdk';
const workspace = new WorkspaceClient({
apiKey: process.env.ZAFEGUARD_API_KEY!,
apiSecret: process.env.ZAFEGUARD_API_SECRET!,
});
// Wait for typed result via SSE
const { balance } = await workspace
.call(ComponentModule.GET_EVM_ACCOUNT_BALANCE, {
jsonRpcUrl: 'https://eth-mainnet.g.alchemy.com/v2/KEY',
tokenAddress: '0x0000000000000000000000000000000000000000',
account: '0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045',
})
.promise();@zafeguard/mpc-sdk
Hold an MPC share client-side
EmbeddedSigner for warm-cold wallets (device + N cloud agents at any threshold), or AgentCluster for raw cluster access. Native binaries on Node.js, WebAssembly everywhere else — same API across browser, Expo, Workers.
import { EmbeddedSigner, Curve, RecoveryKind } from '@zafeguard/mpc-sdk';
const signer = new EmbeddedSigner({
agent: [{ baseUrl: 'https://node-1.example', apiKey: '...' }],
threshold: 2,
curve: Curve.Secp256k1,
});
const loaded = await signer.create({ signerId, recovery: { kind: RecoveryKind.Noop } });
const sig = await loaded.sign({ messageHash });Component Library
100+ pre-built components across ten categories — every chain we support, plus HTTP, price oracles, workflow logic, and utilities. Each component ships a typed input/output contract and runs as a stateless executable unit on the workflow engine.
EVM & Ethereum
24 components: send transactions, read & decode contracts, Gnosis Safe multisig flows, Uniswap swaps, cross-chain bridges, address derivation.
Explore →Solana
12 components: build & broadcast transactions, SPL token transfers, program instructions (Memo, System, Token, Token-2022), address derivation.
Explore →Bitcoin, Litecoin, Dogecoin, Dash
28 components across four UTXO chains — wallet derivation, UTXO selection, P2PKH / SegWit / Taproot transaction building, balance queries.
Explore →MPC & Key Management
9 server-side MPC components: DKG, threshold signing, BIP-32 child derivation, encryption. Pairs with the MPC SDK for client-side ceremonies.
Explore →Also available: HTTP, Price Oracles, Workflow Logic (FOR_EACH, BRANCH, SEQUENCER, distributed locks, array variables), and Utilities. See the full component library →
Examples & case studies
End-to-end recipes and architectural walkthroughs. Read these before sizing up the platform for a specific build.
LINE Mini-App Wallet
Self-custodial multi-chain wallet inside a chat app. One root MPC key, deterministic per-user addresses, gas sponsorship, in-app swaps.
Read →Gnosis Safe — Lazy Deploy
Smart account per user that deploys on first use. A relayer MPC key sponsors all gas; no upfront deployment cost.
Read →Gasless Permit2 Transfer
Move ERC-20 tokens without a prior approve() by signing a Permit2 message with an MPC key.
Read →Institution-Grade Key Management
Full 2-of-3 ceremony, custodian setup with Shamir Secret Sharing, JIT node model, rotation, and disaster-recovery playbook.
Read →Browse every example → /examples