@runonflux/aa-schnorr-multisig-sdk
Advanced tools
A typescript library for creating ERC-4337 Account Abstraction which utilizes Schnorr Signatures for multi signatures.
Current library provide utilities to sign/send User Operation's with Schnorr Signer. Alchemy Account Kit used to send User Operations. To better understand usage of library go to Examples section.
Never reuse public nonces. Reusing them will cryptographically expose your private keys and lead to a loss of funds. Implement robust nonce management in your application is crucial for security, make sure to delete nonce after usage and never use it again.
Construction of multisignature address uses salts. Ensure salts are deterministic and consistent to maintain cross-wallet compatibility. Usage of different salts will lead to different multisignature address. Use the following salts that are used by SSP Wallet:
accountSalt: aasaltfactorySalt: aafactorysaltInstall via npm:
npm install @runonflux/aa-schnorr-multisig-sdk
Or clone the repository:
git clone https://github.com/RunOnFlux/account-abstraction.git
cd account-abstraction/aa-schnorr-multisig-sdk
npm i
To get started, explore our examples and documentation. Ensure you have a .env file configured with the necessary environment variables as shown in .env.sample.
Found a bug? Please report it on our issue tracker.
This project is licensed under the MIT License.
SSP Wallet is a multi-signature multi-asset wallet that uses this AA Schnorr Multi-Signature SDK for EVM chains. Check out the SSP Wallet repository for more information and proper usage of the library
The smart contracts and SDK underwent a comprehensive security audit by Halborn finalised in February 2025.
📄 Smart Contracts Audit
📄 SDK Audit
main branch. Contracts were redeployed, and the main branch is recommended for production while master branch is an archive where audits were assessed and perfectly safe to continue using. (Fix PR)main branch. Be noted that examples are using hard coded values, furthermore this library requires proper nonce management on the client side, and following a strict error-throwing approach. (Fix PR)FAQs
Account Abstraction Schnorr Multi-Signatures SDK
We found that @runonflux/aa-schnorr-multisig-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket Threat Research maps a rare inside look at OtterCookie’s npm-Vercel-GitHub chain, adding 197 malicious packages and evidence of North Korean operators.
Research
Socket researchers identified a malicious Chrome extension that manipulates Raydium swaps to inject an undisclosed SOL transfer, quietly routing fees to an attacker wallet.
Research
/Security News
Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.