Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.chipipay.com/llms.txt

Use this file to discover all available pages before exploring further.

The @chipi-stack/chipi-passkey package handles the browser side of passkey authentication for Chipi wallets. The user authenticates with biometrics — Touch ID, Face ID, Windows Hello, Android biometrics — and the wallet’s private key stays on their device.

What you build with this

  • Sign-up without a password. The user taps Touch ID once; you get back a public key + credential id and create their wallet.
  • Sign every transaction with biometrics. No PIN prompt, no password modal, no copy-pasted seed phrase.
  • Recover lost passkeys. A second passkey on a different device, or a PIN fallback at the SDK boundary, both keep the wallet recoverable.

Install

npm install @chipi-stack/chipi-passkey
# or pnpm / yarn
Browser-only. The package depends on navigator.credentials and crypto.subtle; it does not run on Node or Bun server entry points.

Pick your path

There are two wallet types — the SDK supports passkeys for both, but the entry point differs.

SHHH wallets (default)

Use createShhhPasskey + signShhhMessage. The P-256 key stays inside the platform authenticator. No PIN. This is the path new integrations should take.

Legacy CHIPI v29 wallets

Use createWalletPasskey + getWalletEncryptKey. The WebAuthn PRF extension derives an encryption key that unlocks a stored STARK key. Still supported.

Browser support

The platform authenticator must be available — that’s iOS 15+ Safari, modern Chrome / Edge, Firefox 122+ on macOS / Windows, Android 9+ Chrome. The package exposes isWebAuthnSupported() so you can branch your UI: 
import { isWebAuthnSupported } from "@chipi-stack/chipi-passkey";

if (!isWebAuthnSupported()) {
  // Render the PIN fallback flow instead of a "Sign up with passkey" button.
}

Related

  • Quickstart — register a passkey and sign a transaction, end to end
  • API reference — every exported function
  • When passkeys fail — what to do when the browser changes, the user loses their device, or biometrics break