Skip to main content

dynamic_waas_sdk/
lib.rs

1//! # dynamic-waas-sdk
2//!
3//! Rust SDK for Dynamic Labs `WaaS` — create and manage MPC wallets from a
4//! backend service.
5//!
6//! Stateless v1 contract: every operation that touches an existing wallet
7//! takes explicit `wallet_properties` + `external_server_key_shares`
8//! parameters. Nothing is held inside the client across calls. See the
9//! design doc at `docs/design/rust-sdk.md` for the full contract.
10//!
11//! ## Quick start
12//!
13//! ```no_run
14//! use dynamic_waas_sdk::{DynamicWalletClient, DynamicWalletClientOpts};
15//!
16//! # async fn ex() -> Result<(), dynamic_waas_sdk::Error> {
17//! let mut client = DynamicWalletClient::new(
18//!     DynamicWalletClientOpts::new("env-id"),
19//! )?;
20//! client.authenticate_api_token("dyn_...").await?;
21//!
22//! let wp = client.fetch_wallet_metadata("0xabc...").await?;
23//! # Ok(())
24//! # }
25//! ```
26//!
27//! For chain-specific signing, depend on `dynamic-waas-sdk-evm` or
28//! `dynamic-waas-sdk-svm` (T8/T9 in the rust-sdk epic).
29
30#![doc(html_favicon_url = "https://dynamic.xyz/favicon.ico")]
31#![doc(html_logo_url = "https://dynamic.xyz/logo.svg")]
32#![forbid(unsafe_code)]
33
34// Re-exports from -core for one-stop ergonomics.
35pub use dynamic_waas_sdk_core::{
36    BackupLocation, BackupLocationInfo, ChainName, Environment, Error, KeyShareBackupInfo,
37    RefreshResult, ReshareResult, Result, ServerKeyShare, ThresholdSignatureScheme,
38    UpdatePasswordResult, WalletProperties,
39};
40
41// Re-exports from -mpc for chain-client crates that need MessageHash etc.
42// `EcdsaSigner` and `Ed25519Signer` are intentionally NOT re-exported —
43// customers don't need them; the chain clients (T8/T9) own MPC signers
44// internally.
45pub use dynamic_waas_sdk_mpc::{MessageHash, MpcError};
46
47pub use client::{DynamicWalletClient, DynamicWalletClientOpts};
48pub use delegated_client::{DelegatedWalletClient, DelegatedWalletClientOpts};
49pub use dynamic_waas_sdk_mpc::EcdsaSignature;
50pub use webhook::{
51    decrypt_delegated_webhook_data, DecryptedWebhookData, EncryptedDelegatedPayload,
52};
53
54// Orchestration helpers — chain client crates (T8/T9) use these to
55// implement their `create_wallet_account` and `sign_message` methods.
56pub use backup::{run_backup_dynamic, run_mark_external_no_backup, run_recover_key_shares};
57pub use export::{run_export_ecdsa, run_export_ed25519};
58pub use keygen::{run_keygen, KeygenOpts, KeygenOutput};
59pub use keygen_ed25519::{run_keygen_ed25519, KeygenOptsEd25519, KeygenOutputEd25519};
60pub use sign::{run_sign_ecdsa, SignOpts};
61pub use sign_ed25519::{run_sign_ed25519, SignOptsEd25519};
62
63pub mod mpc_config;
64
65mod backup;
66mod client;
67mod crypto;
68mod delegated_client;
69mod export;
70mod keygen;
71mod keygen_ed25519;
72mod sign;
73mod sign_ed25519;
74mod webhook;
75
76/// Authentication-required error message reused across orchestration
77/// helpers. Centralised so the wording stays consistent and Sonar's
78/// duplicated-literal rule has nothing to flag.
79pub(crate) const AUTH_REQUIRED_MSG: &str =
80    "client must be authenticated; call authenticate_api_token first";