Shinami’s Invisible Wallets abstract away Web3 elements like seed phrases, third-party wallet connections, gas fees, and signing popups. They are embedded, backend wallets under the shared custody of your app and Shinami. Both parties must cooperate in order to obtain a valid signature.You’ll find API endpoints and key usage notes below. If you ever need help you can reach out to us.
All methods below that write to the Sui blockchain have their gas fees sponsored by you via a Gas Station you create (see the Sui Gas Station FAQ page of our Help Center for how guidance on how to set up a fund and add free Testnet Sui to it). This is because Invisible Wallets are designed to easily onboard Web2-native users (who may not want to download a wallet app, manage a seed phrase, and complete KYC checks to buy SUI for gas).
AuthenticationYou authenticate via an access key passed in a header (‘X-Api-Key: ACCESS_KEY’) or in the request url, e.g. https://api.us1.shinami.com/sui/wallet/v1/ACCESS_KEY. We recommend using a request header and not putting access keys in your request URLs for reduced visibility (in logs, etc). These steps are done automatically by our TypeScript SDK. Region URLs - us1 above - only work with API keys created in the same region. So, to use this API, you’ll make Wallet Services API keys in our US East - us1 region.For more information, including how to set up an access key with Wallet Services rights, see our Authentication and API Keys guide.
Call this API from your backendShinami Wallet Services do not support CORS requests, so if you call these APIs from your frontend you’ll get a CORS error. This is for security reasons: exposed keys and wallet information could lead to malicious actors signing transactions on behalf of your users.
Rate LimitsWhen you surpass the QPS limit for a key, we return a JSON-RPC error code -32010. We recommend implementing retries with a backoff to handle any rate limits errors that arise. You can also adjust the rate limits of your keys to better balance your QPS allotment across your keys.Error HandlingSee our Error Reference for guidance on the errors you may receive from our services, including a section on errors specific to the Invisible Wallet API.
When you create an Invisible Wallet, you must create, store, link, and never change the following two values:
walletId: Your internal id for a wallet. When you provide us a walletId in a method call, it tells us which Invisible Wallet to use. It could be your internal userId value, or a new arbitrary and unique value you link to the userId.
secret: Your internal secret for a wallet. The sessionToken you generate with it is combined with Shinami data to obtain a signature from the associated wallet. Ideally it would be different for each wallet so that if one secret is compromised the rest are not.
When you create an Invisible Wallet, you forever link its walletId it to the secret you used:
So, if you try to use the walletId with a different secret, you’ll get an error:
Check out our TypeScript tutorial for more code samples and details on the end-to-end flow of creating and using Invisible Wallets to execute sponsored transactions.
For security purposes, you must generate a session token before you create a wallet, or sign or execute transactions. Session tokens are valid and can be reused for 10 minutes.You may also use an instance of ShinamiWalletSigner to manage session token generation and refreshes for a given wallet. This is shown in the methods below that have a sessionToken parameter in an additional sample code tab.Request Parameters
Name
Type
Description
secret
string
Used to encrypt and decrypt a wallet’s private key. Therefore, it must always be used with the same walletId and cannot be changed in the future (see walletId and secret pairing)
Example Request TemplateThe TypeScript example uses the Shinami Clients SDK, which you can install with:
Copy
Ask AI
npm install @shinami/clients
Replace all instances of{{name}} with the actual value for that name
Programmatically generates a unique wallet for a user that is Sui network agnostic (has the same address on Devnet, Testnet, and Mainnet). On the free tier you have a limit of wallet creations per month as shown on the “Sui Wallet Services” tab of the billing page in your dashboard (where you can also see how to upgrade if needed). If you hit this limit, you will get a JSON-RPC code -32012 and should not retry. All other wallet operations will still work for the month, like signing with wallets you’ve already created.
Each walletId only works with the secret you create it with (via the sessionToken you pass to this method). Your application MUST remember the (walletId, secret) pair associated with each Invisible Wallet you create. If you forget or change either of these values, the wallet’s private key will be lost and we cannot recover it for you.
Request Parameters
Name
Type
Description
walletId
string
A unique ID you maintain for the wallet. Can be based on your internal user IDs. Note: you cannot change this value in the future, so do not use a value that you or your users might change, such as an editable username.
sessionToken
string
The token generated by shinami_key_createSession with the unalterable secret you will permanently associate with this walletId (and, ideally, only this walletId).
Example Request TemplateThe TypeScript example uses the Shinami Clients SDK, which you can install with:
Copy
Ask AI
npm install @shinami/clients
Replace all instances of{{name}} with the actual value for that name
Signs a fully constructed transaction so that it can be executed. This is a low level API - it requires integration with Gas Station API and Sui API for transaction sponsorship (if needed) and execution. This method gives you more control over how you submit transactions to Sui compared to shinami_wal_executeGaslessTransactionBlock, which sponsors, signs, and executes an Invisible Wallet transaction in one method call.Request Parameters
Name
Type
Description
walletId
string
Your unique, internal id for the associated Invisible Wallet.
sessionToken
string
The token generated by shinami_key_createSession with the same secret you used when creating this wallet.
txBytes
SDK: string | Uint8ArraycURL: string
BCS serialized TransactionData, which includes gas data. It lacks only the sender’s signature (which this method generates) before it can be submitted to the chain. If string, assumed to be Base64 encoded.
Example Request TemplateThe TypeScript example uses the Shinami Clients SDK, which you can install with:
Copy
Ask AI
npm install @shinami/clients
Replace all instances of{{name}} with the actual value for that name
Base64 encoded transaction signature, signed by the wallet key. To be used alongside the txBytes sent to this method and the gas sponsor’s signature (if applicable) in a call to sui_executeTransactionBlock
Signs a personal message using an Invisible Wallet. The signature can be verified with the PersonalMessage intent scope. The request template below titled End-to-end example with ShinamiWalletSigner - Shinami TS SDK shows an end-to-end example of signing and a message and verifying a signature.Request Parameters
Name
Type
Description
walletId
string
Your unique, internal id for the associated Invisible Wallet.
sessionToken
string
The token generated by shinami_key_createSession with the same secret you used when creating this wallet.
message
string
Message bytes to be signed. See an example in the request template below titled End-to-end example with ShinamiWalletSigner - Shinami TS SDK
wrapBcs
boolean
Optional. Set it to true when calling the API directly to match the verification behavior of the Sui TypeScript SDK. When using the Shinami TypeScript SDK it’s set to true by default.
Example Request TemplateThe TypeScript example uses the Shinami Clients SDK, which you can install with:
Copy
Ask AI
npm install @shinami/clients
Replace all instances of{{name}} with the actual value for that name
Sponsors, signs, and executes a gasless transaction from a wallet. This is a convenient end-to-end method for submitting sponsored transactions to the chain when you also use Shinami Gas Station. It sponsors the transaction using the Gas Station fund tied to the access key used to make the request. To see how to set up an Access Key with rights to all services, see our Authentication and API Keys guide. Note that this call produces a Node service sui_executeTransactionBlock request which counts against your daily request total (and so your billing).Important notes
To call this method, you need an access key that is authorized for all of these Shinami products: Wallet Services, Gas Station, Node Service.
You cannot use the gas object in a sponsored transaction for other purposes: For example, you cannot write const [coin] = txb.splitCoins(txb.gas,[txb.pure(100)]); because it’s accessing txb.gas. If you try to sponsor a TransactionKind that uses the gas object you will get a JSON-RPC -32602 error back from the Gas Station sponsorship attempt.
Shinami sponsorship fees: We charge a small fee (in SUI) per sponsorship request to cover our costs. For details, visit the Billing tab in your Shinami dashboard.
Request Parameters
Name
Type
Description
walletId
string
Your unique, internal id for the associated Invisible Wallet.
sessionToken
string
The token generated by shinami_key_createSession with the same secret you used when creating this wallet.
<ExecuteTransactionRequestType> - Optional. The execution request type (WaitForEffectsCert or WaitForLocalExecution). Note that calling this method - via our SDK or otherwise - does not have the same result as using the Mysten SDK v 1.6 and above for executeTransactionBlock in that it does not also call waitForTransaction to poll the Fullnode to ensure that the transaction has been indexed after execution. If you require read-after-write consistency you will need to explicitly call waitForTransaction after calling this method.
SDK-only: tx
GaslessTransaction
TransactionKind and additional optional data sender, gasBudget, and gasPrice. The result of a call to buildGaslessTransaction.
cURL only: txBytes
string
Base64 encoded TransactionKind (as opposed to TransactionData) bytes. So, it does not include gas information.
cURL only: gasBudget
string
(Optional) The gas budget you wish to use for the transaction, in MIST. The transaction will fail if the gas cost exceeds this value.
- If provided, we use the value as the budget of the sponsorship.
- If omitted, we estimate the transaction cost for you. We then add a buffer (5% for non-shared objects, 25% for shared objects) and use that total value as the budget of the sponsorship.
Auto-budgeting notes
As a part of auto-budgeting, we put your transactionBytes through a sui_dryRunTransactionBlock request as a free service before we attempt to sponsor it. This call will generate error messages for certain invalid transactions, such as if the transactionBytes are transferring an object that’s not owned by the sender address you provide. We’ll return these errors back to you, which should be the same as if you had made a sui_dryRunTransactionBlock request yourself. We do not do this step if you manually budget, so any issues that would be caught by sui_dryRunTransactionBlock will instead produce an error when you try to execute the transaction.
In the time between sponsorship and execution, shared objects can change in a way that increases their transaction cost. Therefore, we encourage you to execute sponsored transactions quickly, if possible, to ensure that the sponsorship amount is sufficient. This is why we add a larger buffer on auto-budgeted sponsorships when a shared object is involved. While we believe this buffer will work in most cases, we encourage you to monitor the success rate of your auto-budgeted transactions to gauge whether your specific use-case requires manually setting an even larger gasBudget.
Example Request TemplateThe TypeScript example uses the Shinami Clients SDK, which you can install with:
Copy
Ask AI
npm install @shinami/clients
Replace all instances of{{name}} with the actual value for that name
Beneficiary Graph APIThis API interacts with the Account Graph Move package.
Designates a beneficiary account for this wallet in the specified beneficiary graph instance. Calling this method multiple times will override the previous designations.Apps participating in Bullshark Quests can use this method to link up Shinami Invisible Wallets with their users’ self-custody wallets. This way, the user’s self-custody wallet (the beneficiary, containing a Bullshark NFT) will get credit for actions done by the associated Invisible Wallet. This method accepts any value that is a possible Sui Address someone could own. It does not guarantee that anyone actually owns a keypair for it and can sign transactions from it (because it does not require the beneficiary address owner to sign a transaction).This method will use your Shinami Gas Station fund to pay for the transaction. It sponsors the transaction using the Gas Station fund tied to the access key used to make the request. To see how to set up an Access Key with rights to all services, see our Authentication and API Keys guide. Note that this call produces a Node service sui_executeTransactionBlock request which counts against your daily request total (and so your billing).We explicitly wait for the transaction to have been check-pointed and indexed by the Fullnode before returning a response to you to ensure read-after-write consistency.
To call this method, you need an access key that is authorized for all of these Shinami products:
Wallet Services (for signing the transaction)
Gas Station (for sponsoring the transaction)
Node Service (for executing the transaction)
Request Parameters
Name
Type
Description
walletId
string
Your unique, internal id for the associated invisible wallet whose beneficiary you’re setting.
sessionToken
string
The token generated by shinami_key_createSession with the same secret you used when creating this wallet.
beneficiaryGraphId
string
<ObjectID> - Id of the beneficiary graph instance.
beneficiaryAddress
string
<SuiAddress> - Address of the beneficiary account.
Example Request TemplateThe TypeScript example uses the Shinami Clients SDK, which you can install with:
Copy
Ask AI
npm install @shinami/clients
Replace all instances of{{name}} with the actual value for that name
Beneficiary Graph APIThis API interacts with the Account Graph Move package.
Clears any beneficiary designation for this wallet in the specified beneficiary graph instance.This method will use your Shinami Gas Station fund to pay for the transaction. It sponsors the transaction using the Gas Station fund tied to the access key used to make the request. To see how to set up an Access Key with rights to all services, see our Authentication and API Keys guide. Note that this call produces a Node service sui_executeTransactionBlock request which counts against your daily request total (and so your billing).We explicitly wait for the transaction to have been check-pointed and indexed by the Fullnode before returning a response to you to ensure read-after-write consistency.
To call this method, you need an access key that is authorized for all of these Shinami products:
Wallet Services
Gas Station
Node Service
Request Parameters
Name
Type
Description
walletId
string
Your unique, internal id for the associated Invisible Wallet whose beneficiary you’re unsetting.
sessionToken
string
The token generated by shinami_key_createSession with the same secret you used when creating this wallet.
beneficiaryGraphId
string
<ObjectID> - Id of the beneficiary graph instance.
Example Request TemplateThe TypeScript example uses the Shinami Clients SDK, which you can install with:
Copy
Ask AI
npm install @shinami/clients
Replace all instances of{{name}} with the actual value for that name
Beneficiary Graph APIThis API interacts with the Account Graph Move package.
Gets the beneficiary designation for this wallet in the specified beneficiary graph instance. This is a convenience method on top of suix_getDynamicFieldObject.
To call this method, you need an access key that is authorized for all of these Shinami products:
Wallet Services
Node Service
Request Parameters
Name
Type
Description
walletId
string
Your unique, internal id for the associated Invisible Wallet whose beneficiary you’re asking for.
beneficiaryGraphId
string
<ObjectID> - Id of the beneficiary graph instance
Example Request TemplateThe TypeScript example uses the Shinami Clients SDK, which you can install with:
Copy
Ask AI
npm install @shinami/clients
Replace all instances of{{name}} with the actual value for that name
// The wallet has a beneficiary in the provided beneficiary graph{ "jsonrpc":"2.0", "result":"0xa39edfb89e6a21e89570711845c6c8f412d86bb208e571faf6ea1fc6470172d7", "id":1}// The wallet does not have a beneficiary in the provided beneficiary graph{ "jsonrpc":"2.0", "result":null, "id":1}
