Skip to main content
Cavos provides invisible wallet infrastructure for Starknet applications. Users authenticate with familiar methods (Google, Apple, or Passkeys) and get a fully functional wallet without managing seed phrases or installing extensions.

Key Features

Session Keys

Sign once, transact infinitely. Users authenticate once and all subsequent transactions are signed automatically without prompts.

Passkey Security

Private keys are encrypted with device biometrics (FaceID/TouchID) and used only for session creation.

Gasless Transactions

Users can transact without holding ETH. All gas fees are sponsored via AVNU Paymaster.

Cross-Platform

SDKs for both web (React) and mobile (React Native) with unified APIs.

How Session Keys Work

Cavos uses session keys as the core transaction signing mechanism:
  1. User authenticates with Google, Apple, or a passkey
  2. Session is created automatically with a temporary keypair (valid for 1 hour)
  3. Private key is cleared from memory immediately after session creation
  4. All transactions are signed with the session key - no additional prompts needed
[!NOTE] The user’s private key is only used once to authorize the session. After that, it’s removed from memory for maximum security.

Choose Your Platform

Web SDK

For React web applications. Uses WebAuthn for passkey authentication.

React Native SDK

For iOS and Android apps. Uses native passkeys with platform authenticators.

Quick Example

import { CavosProvider, useCavos, useSession } from '@cavos/react';

function App() {
  return (
    <CavosProvider config={{ appId: 'your-app-id' }}>
      <WalletDemo />
    </CavosProvider>
  );
}

function WalletDemo() {
  const { login, address, execute } = useCavos();
  const { hasActiveSession, createSession } = useSession();

  // After login, create a session to enable signature-free transactions
  const handleLogin = async () => {
    await login('google');
    await createSession({
      allowedMethods: [
        { contractAddress: '0x...', selector: 'transfer' },
      ],
      expiresAt: Date.now() + 60 * 60 * 1000, // 1 hour
    });
  };

  if (!address) {
    return <button onClick={handleLogin}>Login with Google</button>;
  }

  // Transactions are signed automatically with the session key
  const handleTransfer = async () => {
    const txHash = await execute({
      contractAddress: '0x...',
      entrypoint: 'transfer',
      calldata: ['0x...', '1000000000000000000', '0'],
    });
    console.log('Transaction:', txHash);
  };

  return (
    <div>
      <p>Connected: {address}</p>
      <p>Session: {hasActiveSession ? 'Active' : 'Inactive'}</p>
      <button onClick={handleTransfer}>Send (No Signature)</button>
    </div>
  );
}