Sign inDemoInstall


Package Overview
File Explorer

Install Socket

Detect and block malicious and high-risk dependencies



Upvest API client library



Upvest Python SDK

CircleCI PyPI version Supported Python versions


The Upvest SDK is available on PYPI. Install with pip:

pip install upvest

The default SDK is lightweight, and user recovery kits are returned as an SVG in string format. If you wish to process the recovery kit in binary format, then additional requirements are necessary:

pip install upvest[recovery]

Note that this may require additional system level dependencies to support PyNaCl.


In order to retrieve your API credentials for using this Python client, you'll need to sign up with Upvest.

API Keys Authentication

The Upvest API uses the notion of tenants, which represent customers that build their platform upon the Upvest API. The end-users of the tenant (i.e. your customers), are referred to as clients. A tenant is able to manage their users directly (CRUD operations for the user instance) and is also able to initiate actions on the user's behalf (create wallets, send transactions).

The authentication via API keys and secret allows you to perform all tenant related operations. Please create an API key pair within the Upvest account management.

The default BASE_URL for both authentication objects is, but feel free to adjust it, once you retrieve your live keys. Next, create an UpvestTenancyAPI object in order to authenticate your API calls:

from upvest.tenancy import UpvestTenancyAPI
tenancy = UpvestTenancyAPI(API_KEY, API_SECRET, API_PASSPHRASE, base_url=BASE_URL) # or base_url=None to use the playground environment (default)

OAuth Authentication

The authentication via OAuth allows you to perform operations on behalf of your user. For more information on the OAuth concept, please refer to our documentation. Again, please retrieve your client credentials from the Upvest account management.

Next, create an UpvestClienteleAPI object with these credentials and your user authentication data in order to authenticate your API calls on behalf of a user:

from upvest.clientele import UpvestClienteleAPI
clientele = UpvestClienteleAPI(CLIENT_ID, CLIENT_SECRET, username, password, base_url=BASE_URL) # or base_url=None to use the playground environment (default)

API Calls

All tenancy related operations must be authenticated using the API Keys Authentication, whereas all actions on a user's behalf need to be authenticated via OAuth. The API calls are built along with those two authentication objects.

The methods allow for passing parameters if needed. If the required arguments are not provided, a respective error will be raised.

Response objects

The response objects are designed around users, wallets, transactions and assets. If you retrieve more than one object (for example: tenancy.users.all()) a list of those objects will be returned.

User object

The user response object has the following properties:

user = tenancy.users.get('username')
user.recoverykit # is None if not just created
Wallet object

The wallet response object has the following properties:

wallet = clientele.wallets.get('wallet_id')
Asset object

The transaction response object has the following properties:

asset, *rest = clientele.assets.all()
Transaction object

The transaction response object has the following properties:

transaction = wallet.transactions.get('transaction_id')



User management
Create a user
user = tenancy.users.create('username','password')
Retrieve a user
user = tenancy.users.get('username')
List all users under tenancy
users = tenancy.users.all()
List a specific number of users under tenancy
users = tenancy.users.list(10)
Change password of a user
user = tenancy.users.get('username').update(password='current_password', new_password='new_password')
Delete a user


List available assets
assets = clientele.assets.all()

Note that it's also possible to retrieve the same list from tenancy.assets.all().

Create a wallet for a user
wallet = clientele.wallets.create('asset_id', 'password')
Retrieve specific wallet for a user
wallet = clientele.wallets.get('wallet_id')
List all wallets for a user
wallets = clientele.wallets.all()
List a specific number of wallets
wallets = clientele.wallets.list(40)
Create transaction
wallet = clientele.wallets.create('asset_id','password')
transaction = wallet.transactions.create('password', 'asset_id', 'quantity', 'fee', 'recipient')
Retrieve specific transaction
wallet = clientele.wallets.create('asset_id','password')
id = wallet.transactions.all()[i].id
transaction = wallet.transactions.get(id)
List all transactions of a wallet for a user
wallet = clientele.wallets.create('asset_id','password')
transactions = wallet.transactions.all()
List a specific number of transactions of a wallet for a user
wallet = clientele.wallets.create('asset_id','password')
transactions = wallet.transactions.list(8)


Tenant creation

The business "Blockchain4Everyone", founded by John, would like to build a platform for Ethereum wallets with easy access and wallet management. Therefore, John visits the Upvest Signup Page, creates an account, and retrieves his API keys from the account management page. He is now able to create the API Keys Authentication object:

# API Keys object
from upvest.tenancy import UpvestTenancyAPI
tenancy = UpvestTenancyAPI(API_KEY, API_SECRET, API_PASSPHRASE, base_url=BASE_URL)

User creation

John sets up his platform and soon has the first person signing up for his service. Jane Apple, his first user, creates an account entering the username Jane Apple and the password very secret. Via an API call from his application's backend to the Upvest API, John creates an account for Jane under his tenancy account with Upvest, by implementing the following call using the API keys object from before:

user = tenancy.users.create('Jane Apple','very secret')
recovery_kit = user.recovery_kit

After the request, John can access the recovery kit in the user instance and pass it on to Jane. Recovery kits are encrypted using a public key whose private counterpart is provided to tenants at sign-up on the Upvest Account Management portal, and not stored by Upvest. In case Jane loses her password, John is able to reset her password on her behalf, using her password and his decryption key, after conducting a proper KYC process in order to prevent identity fraud.

Wallet creation

After creating an account Jane wants to create an Ethereum wallet on John's platform. In order to do that on behalf of Jane, John needs to initialize an OAuth object with his client credentials and Jane's username and password. After doing so, John can easily create a wallet by providing the respective asset_id for Ethereum to the wallets.create() function. The asset_id can be retrieved via a call to the Upvest asset endpoint, using the clientele or tenancy authentication:

from upvest.clientele import UpvestClienteleAPI
clientele = UpvestClienteleAPI(CLIENT_ID, CLIENT_SECRET, 'Jane Apple','very secret', base_url=BASE_URL)

# List assets and their ids
asset_id = clientele.assets.all()[i].id
asset_id = tenancy.assets.all()[i].id

# Create a wallet for Jane on Ethereum with her password and the respective asset_id
ethereum_wallet = clientele.wallets.create(asset_id, 'very secret')
wallet_address = ethereum_wallet.address

Using the address, Jane is now able to receive funds in her Ethereum wallet on John's platform. Thus she sends Ethereumfrom her current Ethereum wallet provider and sends the funds to her newly created wallet on John's platform.

Transaction sending

After a couple of days, Jane would like to buy a new road bike, paying with Ether. The address of the seller is 0x6720d291A72B8673E774A179434C96D21eb85E71 and Jane needs to transfer 1 ETH. As a quantity it's denoted in Wei (Ether's smallest unit), John will need to implement a transformation of this amount. The transaction can be sent via the Upvest API making the following call:

# Retrieve Jane's wallet_id
wallets_of_jane = clientele.wallets.all()
wallet = wallets_of_jane[0]
recipient = '0x6720d291A72B8673E774A179434C96D21eb85E71'

# Send the transaction
transaction = wallet.transactions.create('very secret', 'asset_id', 1000000000000000000, 4000000000, recipient)
txhash = transaction.txhash

That's it! Jane has successfully sent a transaction and is able to monitor it via Etherscan.



Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.


Related posts

SocketSocket SOC 2 Logo


  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc