Expand description
§dynamic-waas-sdk
Rust SDK for Dynamic Labs WaaS — create and manage MPC wallets from a
backend service.
Stateless v1 contract: every operation that touches an existing wallet
takes explicit wallet_properties + external_server_key_shares
parameters. Nothing is held inside the client across calls. See the
design doc at docs/design/rust-sdk.md for the full contract.
§Quick start
use dynamic_waas_sdk::{DynamicWalletClient, DynamicWalletClientOpts};
let mut client = DynamicWalletClient::new(
DynamicWalletClientOpts::new("env-id"),
)?;
client.authenticate_api_token("dyn_...").await?;
let wp = client.fetch_wallet_metadata("0xabc...").await?;For chain-specific signing, depend on dynamic-waas-sdk-evm or
dynamic-waas-sdk-svm (T8/T9 in the rust-sdk epic).
Modules§
- mpc_
config - MPC scheme configuration ported from
python/dynamic_wallet_sdk/mpc_config.py.
Structs§
- Backup
Location Info - Decrypted
Webhook Data - Result of decrypting a delegated-wallet webhook.
- Delegated
Wallet Client - Customer-side delegated
WaaSclient. Acts on behalf of one end-user wallet at a time using a delegated API key sourced from a webhook. - Delegated
Wallet Client Opts - Construction options for
DelegatedWalletClient. - Dynamic
Wallet Client - Top-level
WaaSclient. Authenticate once, then pass it around. All per-wallet state is supplied explicitly to each method. - Dynamic
Wallet Client Opts - Construction options for
DynamicWalletClient.#[non_exhaustive]so we can add fields non-breakingly. - Ecdsa
Signature - ECDSA signature in canonical form.
- Encrypted
Delegated Payload - Wire format of one encrypted webhook field.
- KeyShare
Backup Info - Per-share backup pointer metadata. Returned by mutating ops
(
refresh_wallet,reshare,update_password) and persisted alongside the correspondingWalletPropertiesin the customer’s cache. - Keygen
Opts - Options for
run_keygen. - Keygen
Opts Ed25519 - Keygen
Output - Output of
run_keygen— the building block chain clients use to implementcreate_wallet_account. - Keygen
Output Ed25519 - Message
Hash - 32-byte hash used as input to ECDSA signing.
- Refresh
Result - Reshare
Result - Server
KeyShare - Sign
Opts - Options for
run_sign_ecdsa. All fields required. - Sign
Opts Ed25519 - Update
Password Result - Wallet
Properties - Non-sensitive wallet metadata. Safe for normal caches.
Enums§
- Backup
Location - Where a key share is stored. Mirrors
BackupLocationenum from the Python SDK (python/dynamic_wallet_sdk/constants.py). - Chain
Name - Chain identifier — matches Python
ChainTypeand NodeChainName. - Environment
- Error
- MpcError
- Threshold
Signature Scheme - MPC threshold signature scheme.
Functions§
- decrypt_
delegated_ webhook_ data - Decrypt the two encrypted blobs delivered in a delegated-wallet webhook (the server key share + the per-wallet API key) using the customer’s RSA private key.
- run_
backup_ dynamic - Encrypt the customer’s shares with
password, upload them to Dynamic’s backup store, then mark the wallet active with oneBackupLocation::Dynamicper share. - run_
export_ ecdsa - Export an ECDSA wallet’s xpriv. Caller is the only “exporter” — server
- run_
export_ ed25519 - Export an Ed25519 (Solana) wallet’s private key. Returns the raw
bytes the engine delivers — Solana hands back a 64-byte expanded keypair
(
seed || pubkey). Chain clients extract the seed if they want the 32-byte form. - run_
keygen - run_
keygen_ ed25519 - run_
mark_ external_ no_ backup - Mark the wallet active without uploading anything to Dynamic’s backup
store. Used when the caller has set
back_up_to_dynamic=false— they’re vaulting shares themselves and only need the relay to flip the wallet from “pending” → “active”. - run_
recover_ key_ shares - Recover the customer’s shares from Dynamic’s backup store, decrypt
with
password, and return them. The caller re-vaults the result. - run_
sign_ ecdsa - run_
sign_ ed25519 - Returns the raw 64-byte Ed25519 signature.