Skip to main content

Constructor

new CavosSDK(config: CavosConfig)

CavosConfig

interface CavosConfig {
  appId: string;
  network?: 'sepolia' | 'mainnet';
  paymasterApiKey?: string;
  starknetRpcUrl?: string;
  enableLogging?: boolean;
  passkeyModal?: {
    title?: string;
    description?: string;
    buttonText?: string;
  };
}

Initialization

init()

async init(): Promise<void>
Initialize SDK and restore existing session.

Authentication

login(provider, credentials?, redirectUri?)

async login(
  provider: 'google' | 'apple' | 'firebase',
  credentials?: { email: string; password: string },
  redirectUri?: string
): Promise<void>
Start authentication flow. For Google/Apple: 
await sdk.login('google');
await sdk.login('apple');
For Firebase email/password: 
await sdk.login('firebase', {
  email: 'user@example.com',
  password: 'password123'
});
Throws:
  • EmailNotVerifiedError - Firebase email not verified yet
  • Error - Invalid credentials or authentication failed

register(provider, credentials)

async register(
  provider: 'firebase',
  credentials: { email: string; password: string }
): Promise<void>
Register a new user with email/password via Firebase. 
await sdk.register('firebase', {
  email: 'user@example.com',
  password: 'secure123'
});
// User receives verification email
Throws:
  • EmailVerificationRequiredError - Registration successful, verification email sent
  • Error with error: 'rate_limited' - Too many requests, check wait_seconds property
  • Error - Email already registered or invalid input

isEmailVerified(email)

async isEmailVerified(email: string): Promise<boolean>
Check if an email address has been verified. 
const verified = await sdk.isEmailVerified('user@example.com');
if (!verified) {
  showResendButton();
}

resendVerificationEmail(email)

async resendVerificationEmail(email: string): Promise<void>
Resend verification email for unverified Firebase accounts. 
await sdk.resendVerificationEmail('user@example.com');
// User receives new verification email
Throws:
  • Error with error: 'rate_limited' - Too many requests
  • Error with error: 'already_verified' - Email already verified
  • Error - Failed to send email
Rate Limits:
  • Registration/resend: 60 seconds between emails per user

loginWithGoogle(redirectUri?)

async loginWithGoogle(redirectUri?: string): Promise<void>
Helper method for Google OAuth login.

loginWithApple(redirectUri?)

async loginWithApple(redirectUri?: string): Promise<void>
Helper method for Apple OAuth login.

handleCallback(authDataString)

async handleCallback(authDataString: string): Promise<void>
Handle OAuth callback data (used internally by React provider).

logout()

async logout(): Promise<void>
Clear session and wallet data.

isAuthenticated()

isAuthenticated(): boolean

getUserInfo()

getUserInfo(): UserInfo | null

deleteAccount()

async deleteAccount(): Promise<void>
Permanently delete user account.

Wallet

createWallet()

async createWallet(): Promise<void>
Create or recover wallet (smart flow).

getAddress()

getAddress(): string | null

hasWallet()

async hasWallet(): Promise<boolean>
Check if wallet exists on backend.

getBalance()

async getBalance(): Promise<string>
Get ETH balance in wei.

getFundingAddress()

getFundingAddress(): string | null

isAccountDeployed()

async isAccountDeployed(): Promise<boolean>

getWalletStatus()

getWalletStatus(): WalletStatus
Get detailed wallet deployment and session state. 
const status = sdk.getWalletStatus();

console.log('Deployed:', status.isDeployed);
console.log('Session active:', status.isSessionActive);
console.log('Ready:', status.isReady);
WalletStatus interface: 
interface WalletStatus {
  isDeployed: boolean;      // Account contract deployed on-chain
  isSessionActive: boolean; // Session key registered and not expired
  isReady: boolean;         // Both deployed and session active
}

deployAccount()

async deployAccount(): Promise<string>
Manually deploy account. Returns transaction hash.

retryWalletUnlock()

async retryWalletUnlock(): Promise<void>
Retry biometric unlock after cancellation.

Passkey-Only

hasPasskeyOnlyWallet()

async hasPasskeyOnlyWallet(): Promise<boolean>

loadPasskeyOnlyWallet()

async loadPasskeyOnlyWallet(): Promise<void>

recoverWalletWithPasskey()

async recoverWalletWithPasskey(): Promise<void>

clearPasskeyOnlyWallet()

async clearPasskeyOnlyWallet(): Promise<void>

Transactions

execute(calls, options?)

async execute(
  calls: Call | Call[],
  options?: { gasless?: boolean }
): Promise<string>
Execute transaction(s). Returns transaction hash.

signMessage(message)

async signMessage(message: string | TypedData): Promise<Signature>

Session

hasActiveSession()

hasActiveSession(): boolean

createSession()

async createSession(): Promise<void>

registerCurrentSession()

async registerCurrentSession(): Promise<string>
Register the current session key on-chain. Returns transaction hash. 
const txHash = await sdk.registerCurrentSession();
console.log('Session registered:', txHash);
[!IMPORTANT] After this method completes, walletStatus.isSessionActive will be updated to true.

revokeSession(sessionKey?)

async revokeSession(sessionKey?: string): Promise<string>
Revoke a session key on-chain. If no sessionKey is provided, revokes the current session. Returns transaction hash. 
// Revoke current session
await sdk.revokeSession();

// Revoke specific session
await sdk.revokeSession('0x123abc...');
[!NOTE] This operation uses JWT signature verification on-chain.

emergencyRevokeAllSessions()

async emergencyRevokeAllSessions(): Promise<string>
Revoke all active sessions for the wallet by incrementing the global revocation epoch. Returns transaction hash. 
await sdk.emergencyRevokeAllSessions();
[!WARNING] This invalidates all sessions immediately. You’ll need to create and register a new session to transact again.

exportSession()

exportSession(): string
Export the current session as a base64-encoded token for use in CLI or other tools. 
const token = sdk.exportSession();
console.log('Session token:', token);

// Use in Cavos CLI
// export CAVOS_TOKEN="<token>"
// cavos balance
[!NOTE] Only export sessions when walletStatus.isSessionActive is true.

Onramp

getOnramp(provider)

getOnramp(provider: 'RAMP_NETWORK'): string
Get fiat onramp URL.

Advanced

getAccount()

getAccount(): Account | null
Get starknet.js Account instance.

getSessionAccount()

getSessionAccount(): Account | null

deleteWallet()

async deleteWallet(): Promise<void>
Delete wallet from cloud storage.