Cavos - OAuth for Blockchain

Configuration

`CavosConfig`

interface CavosConfig {
  appId: string;                        // Required: App ID from https://cavos.xyz/dashboard
  network?: 'sepolia' | 'mainnet';      // Default: 'sepolia'
  paymasterApiKey?: string;             // Cavos Paymaster API key
  paymasterUrl?: string;                // Custom paymaster endpoint URL
  starknetRpcUrl?: string;              // Custom Starknet RPC URL
  backendUrl?: string;                  // Default: 'https://cavos.xyz'
  enableLogging?: boolean;              // Default: false
  session?: SessionConfig;
  oauthWallet?: Partial<OAuthWalletConfig>;
}

`SessionConfig`

interface SessionConfig {
  sessionDuration?: number;         // Seconds (default: 86400 = 24h)
  renewalGracePeriod?: number;      // Seconds (default: 172800 = 48h)
  defaultPolicy?: SessionKeyPolicy;
}

`OAuthWalletConfig`

Advanced override for contract addresses. Not needed for most integrations — defaults are set per network.

interface OAuthWalletConfig {
  jwksRegistryAddress: string;      // JWKS Registry contract address
  cavosAccountClassHash: string;    // Account contract class hash
  salt?: string;                    // Address derivation salt (default: '0x0')
}

`CavosModalConfig`

interface CavosModalConfig {
  appName?: string;
  appLogo?: string;
  providers?: ('google' | 'apple' | 'email')[];
  primaryColor?: string;
  theme?: 'light' | 'dark';        // Default: 'light'
  onSuccess?: (address: string) => void;
}

Auth

`LoginProvider`

type LoginProvider = 'google' | 'apple';

`UserInfo`

interface UserInfo {
  id: string;       // Composite: '{iss}:{sub}'
  email: string;
  name: string;
  picture: string;
}

Session

`SessionKeyPolicy`

interface SessionKeyPolicy {
  allowedContracts: string[];   // Contract addresses the session key may call
  spendingLimits: Array<{
    token: string;              // ERC-20 contract address
    limit: bigint;              // Max transferable amount in token base units (MUST be bigint)
  }>;
  maxCallsPerTx: number;        // Max calls per multicall transaction
}

[!CAUTION] limit must be a bigint. Never use number — it silently overflows for token amounts with 18 decimals.
// ✅ Correct
limit: BigInt('10000000000000000000')  // 10 STRK
// ❌ Wrong — overflow
limit: 10 * 10**18

`WalletStatus`

interface WalletStatus {
  isDeploying: boolean;           // Account contract is currently being deployed
  isDeployed: boolean;            // Account contract exists on-chain
  isRegistering: boolean;         // Session key is currently being registered on-chain
  isSessionActive: boolean;       // Session key is registered and not expired
  isReady: boolean;               // Fully set up — deployed + session active
  pendingDeployTxHash?: string;   // Deploy tx hash when confirmation timed out
}

Transactions

`Call`

From starknet.js:

interface Call {
  contractAddress: string;  // Contract to call
  entrypoint: string;       // Function name
  calldata?: string[];      // Function arguments (as hex strings or decimal strings)
}

uint256 values (balances, amounts) are always split into two felts: [low, high].

// Transfer 1 STRK (1 × 10^18)
const calldata = [
  recipientAddress,
  '1000000000000000000', // low  (fits in felt252)
  '0',                    // high
];

`TypedData`

SNIP-12 typed data for signMessage():

interface TypedData {
  types: {
    StarknetDomain?: TypeElement[];
    [key: string]: TypeElement[] | undefined;
  };
  primaryType: string;
  domain: Record<string, unknown>;
  message: Record<string, unknown>;
}

interface TypeElement {
  name: string;
  type: string;
}

Errors

`JwtExpiredError`

Thrown by execute() when the OAuth JWT has expired and the session is not yet registered on-chain. The user must re-login.

class JwtExpiredError extends Error {
  readonly code = 'JWT_EXPIRED';
}

import { JwtExpiredError } from '@cavos/react';

try {
  await execute(calls);
} catch (err) {
  if (err instanceof JwtExpiredError) {
    await login('google');
  }
}

Context

`CavosContextValue`

The full type returned by useCavos():

interface CavosContextValue {
  // --- SDK instance ---
  cavos: CavosSDK;

  // --- State ---
  isAuthenticated: boolean;
  user: UserInfo | null;
  address: string | null;
  hasActiveSession: boolean;
  isLoading: boolean;
  walletStatus: WalletStatus;
  sessionPublicKey: string | null;

  // --- Auth ---
  login: (provider: LoginProvider) => Promise<void>;
  sendMagicLink: (email: string) => Promise<void>;
  logout: () => Promise<void>;

  // --- Transactions ---
  execute: (calls: Call | Call[], options?: { gasless?: boolean }) => Promise<string>;
  signMessage: (typedData: TypedData) => Promise<string[]>;

  // --- Session ---
  registerCurrentSession: () => Promise<string>;
  updateSessionPolicy: (policy: SessionKeyPolicy) => void;
  renewSession: () => Promise<string>;
  revokeSession: (sessionKey: string) => Promise<string>;
  emergencyRevokeAllSessions: () => Promise<string>;
  exportSession: () => string;

  // --- Account ---
  isAccountDeployed: () => Promise<boolean>;
  deployAccount: () => Promise<string>;
  getBalance: () => Promise<string>;
  getAssociatedWallets: () => Promise<{ address: string; name?: string }[]>;
  switchWallet: (name?: string) => Promise<void>;

  // --- Modal ---
  openModal: () => void;
  closeModal: () => void;

  // --- Utilities ---
  getOnramp: (provider: OnrampProvider) => string;
  resendVerificationEmail: (email: string) => Promise<void>;
}

Token Addresses (Starknet)

Token	Address (Mainnet + Sepolia)
ETH	`0x049d36570d4e46f48e99674bd3fcc84644ddd6b96f7c741b1562b82f9e004dc7`
STRK	`0x04718f5a0fc34cc1af16a1cdee98ffb20c31f5cd61d6ab07201858f4287c938d`
USDC	`0x053c91253bc9682c04929ca02ed00b3e423f6710d2ee7e0d5ebb06f3ecf368a8` (mainnet only)
USDT	`0x068f5c6a61780768455de69077e07e89787839bf8166decfbf92b645209c0fb8` (mainnet only)

Management API

SDK Classes

Types

Types

Configuration

`CavosConfig`

`SessionConfig`

`OAuthWalletConfig`

`CavosModalConfig`

Auth

`LoginProvider`

`UserInfo`

Session

`SessionKeyPolicy`

`WalletStatus`

Transactions

`Call`

`TypedData`

Errors

`JwtExpiredError`

Context

`CavosContextValue`

Token Addresses (Starknet)

Management API

SDK Classes

Types

​Configuration

​CavosConfig

​SessionConfig

​OAuthWalletConfig

​CavosModalConfig

​Auth

​LoginProvider

​UserInfo

​Session

​SessionKeyPolicy

​WalletStatus

​Transactions

​Call

​TypedData

​Errors

​JwtExpiredError

​Context

​CavosContextValue

​Token Addresses (Starknet)

Configuration

`CavosConfig`

`SessionConfig`

`OAuthWalletConfig`

`CavosModalConfig`

Auth

`LoginProvider`

`UserInfo`

Session

`SessionKeyPolicy`

`WalletStatus`

Transactions

`Call`

`TypedData`

Errors

`JwtExpiredError`

Context

`CavosContextValue`

Token Addresses (Starknet)