Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
@turnkey/http
Advanced tools
A lower-level, fully typed HTTP client for interacting with Turnkey API.
For signing transactions and messages, check out the higher-level @turnkey/ethers
or @turnkey/viem
signers.
Turnkey API documentation lives here: https://docs.turnkey.com.
$ npm install @turnkey/http
import { ApiKeyStamper } from "@turnkey/api-key-stamper";
import { TurnkeyClient } from "@turnkey/http";
// This stamper produces signatures using the API key pair passed in.
const stamper = new ApiKeyStamper({
apiPublicKey: "...",
apiPrivateKey: "...",
});
// The Turnkey client uses the passed in stamper to produce signed requests
// and sends them to Turnkey
const client = new TurnkeyClient(
{
baseUrl: "https://api.turnkey.com",
},
stamper
);
// Now you can make authenticated requests!
const data = await client.getWhoami({
organizationId: "<Your organization id>",
});
@turnkey/http
provides fully typed http fetchers for interacting with the Turnkey API. You can find all available methods here. The types of input parameters and output responses are also exported for convenience.
The OpenAPI spec that generates all fetchers is also included in the package.
withAsyncPolling(...)
helperAll Turnkey mutation endpoints are asynchronous (with the exception of private key-related signing endpoints, e.g. /submit/sign_transaction
, /submit/sign_raw_payload
). To help you simplify async mutations, @turnkey/http
provides a withAsyncPolling(...)
wrapper. Here's a quick example:
import { withAsyncPolling, TurnkeyActivityError } from "@turnkey/http";
// Use `withAsyncPolling(...)` to wrap & create a fetcher with built-in async polling support
const fetcher = withAsyncPolling({
request: client.createPrivateKeys,
});
// The fetcher remains fully typed. After submitting the request,
// it'll poll until the activity reaches a terminal state.
try {
const activity = await fetcher({
body: {
/* ... */
},
});
// Success!
console.log(
activity.result.createPrivateKeysResultV2?.privateKeys?.[0]?.privateKeyId
);
} catch (error) {
if (error instanceof TurnkeyActivityError) {
// In case the activity is rejected, failed, or requires consensus,
// a rich `TurnkeyActivityError` will be thrown. You can read from
// `TurnkeyActivityError` to find out why the activity didn't succeed.
//
// For instance, if your activity requires consensus and doesn't have
// enough approvals, you can get the `activityId` from `TurnkeyActivityError`,
// store it somewhere, then re-fetch the activity via `.postGetActivity(...)`
// when the required approvals/rejections are in place.
}
}
See createNewEthereumPrivateKey.ts
in the with-ethers
example.
@turnkey/ethers
: Turnkey Signer for Ethers
@turnkey/viem
: Turnkey Custom Account for Viem
FAQs
Typed HTTP client for interacting with Turnkey API
The npm package @turnkey/http receives a total of 44,245 weekly downloads. As such, @turnkey/http popularity was classified as popular.
We found that @turnkey/http demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.