New here? Start with the Quick Start
Create an account, fund it, and run your first Lit Action in a few minutes — then follow the guide for your use case below.
What do you want to build?
Pick your use case. Each guide takes you from a fresh account to a working, verifiable result, and flags the administrative pieces (keys, funding, permissions) as you meet them.Signing
Create a wallet the network holds for you, sign messages and transactions from code, and verify every signature. Covers conditional signing, EVM and Solana, and non-custodial co-signing.
Encryption & decryption
Encrypt secrets so only code you’ve authorized on-chain can decrypt them. Covers the encrypt/decrypt round trip, storing ciphertext anywhere, and using encrypted API keys inside actions.
Use cases in the wild
Patterns people build on these two primitives, with runnable code for each.Cross-chain actions
Read state on one chain, sign on another — bridges, mirrors, and replays without a multisig in the middle.
Custom oracles
Aggregate any HTTP or RPC feed inside the TEE, sign the result, deliver it anywhere a signature is trusted.
Conditional signing
Sign only when on- or off-chain conditions hold — sanctions screens, price thresholds, KYC checks, dispute windows.
Encrypted secrets
Encrypt API keys, credentials, or user data — decryptable only by an action you’ve authorized on-chain.
Administer your account
Everything you need to operate what you build — you’ll meet each of these inside the guides, and they’re all collected under Administration in the sidebar.Dashboard
Web GUI for accounts, API keys, wallets (PKPs), IPFS actions, and groups.
API Keys
Your master account key vs. scoped, rotatable usage keys — and how to manage both.
Pricing & Funding
Credit-based billing, what’s metered vs. free, and paying by card, crypto, or LITKEY.
Account Modes
API mode vs. ChainSecured mode — picking an ownership model and migrating between them.
REST API
Drive every management workflow from cURL, the lightweight JS SDK, or your own OpenAPI client.
Errors
What
402 Payment Required and friends mean, and how to fix them.How it works
How the runtime works and how trust is established.Chain Secured
Your keys’ authority lives on-chain; an attested TEE enforces it by reading the chain.
Architecture
The three layers: chain-secured TEE, on-chain permissions, and IPFS-hosted actions.
Auth Model
How API keys, scopes, and account ownership combine to authorize requests.
Verification
Attest that the enclave is running the code it claims to be running.
Reference
Lit Actions SDK
Functions available inside an action: signing, encryption, HTTP, response.
OpenAPI / Swagger
Full REST API schema — generate clients in any language.