npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@agent-shield/custody-crossmint

v0.1.4

Published

Crossmint TEE custody adapter for AgentShield — hardware-enclave signing for AI agents

Downloads

453

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

pinadoptpullpinadoptpull

Keywords

solanaai-agentteecustodycrossminthardware-enclavewallet

Readme

@agent-shield/custody-crossmint

Crossmint TEE custody adapter for AgentShield — hardware-enclave signing for AI agents. The private key never leaves the Trusted Execution Environment.

@agent-shield/custody-crossmint wraps Crossmint's Intel TDX-backed wallets into a standard WalletLike interface that works with shield() and the rest of the AgentShield ecosystem. Your agent gets a signing interface; the private key stays in hardware.

Installation

npm install @agent-shield/custody-crossmint @solana/web3.js

Optional peer dependency: @agent-shield/solana (for shield() integration)

Quick Start

import { shield } from "@agent-shield/solana";
import { crossmint } from "@agent-shield/custody-crossmint";

// Create a TEE-backed wallet and wrap it with spending controls
const wallet = shield(
  await crossmint({ apiKey: "sk_production_..." }),
  { maxSpend: "500 USDC/day" }
);

// Use like any other wallet — signing happens in hardware
await wallet.signTransaction(tx);

Zero-Config from Environment

import { shield } from "@agent-shield/solana";
import { crossmintFromEnv } from "@agent-shield/custody-crossmint";

// Reads CROSSMINT_API_KEY from environment
const wallet = shield(await crossmintFromEnv(), { maxSpend: "500 USDC/day" });

API Reference

crossmint(config, client?): Promise<CrossmintWallet>

Create a CrossmintWallet from explicit configuration. If no locator is provided, a new wallet is created via the Crossmint API.

const wallet = await crossmint({ apiKey: "sk_production_..." });
console.log(wallet.publicKey.toBase58()); // Solana address

crossmintFromEnv(client?): Promise<CrossmintWallet>

Create a CrossmintWallet from environment variables. Throws if CROSSMINT_API_KEY is not set.

CrossmintWallet

Implements WalletLike — compatible with shield(), Solana Agent Kit, and any code expecting a standard wallet interface.

| Property/Method | Description | |-----------------|-------------| | publicKey | Solana PublicKey of the TEE-backed wallet | | locator | Crossmint wallet locator string | | provider | Always "crossmint" | | signTransaction(tx) | Sign via TEE — serializes tx, sends to Crossmint, returns signed tx | | signAllTransactions(txs) | Sign multiple transactions sequentially via TEE | | CrossmintWallet.create(config, client?) | Static factory method |

CrossmintRESTClient

Default SDK client that calls Crossmint's REST API directly. Used automatically when no custom client is provided.

| Method | Description | |--------|-------------| | createWallet(params) | Create a new wallet via Crossmint API | | getWallet(locator) | Get an existing wallet's address by locator | | signTransaction(locator, transaction, encoding) | Sign a serialized transaction |

Configuration Utilities

| Export | Description | |--------|-------------| | configFromEnv() | Parse CrossmintWalletConfig from environment variables | | validateConfig(config) | Validate config, throw on missing/invalid fields | | CROSSMINT_ENV_KEYS | Environment variable key constants |

Configuration

CrossmintWalletConfig

interface CrossmintWalletConfig {
  apiKey: string;              // Required — Crossmint server-side API key
  locator?: string;            // Existing wallet locator (creates new if omitted)
  chain?: string;              // Default: "solana"
  signerType?: "api-key" | "evm-keypair";  // Default: "api-key"
  baseUrl?: string;            // Default: "https://www.crossmint.com"
  linkedUser?: string;         // User identifier for wallet association
}

Environment Variables

| Variable | Required | Default | Description | |----------|----------|---------|-------------| | CROSSMINT_API_KEY | Yes | — | Server-side API key (needs wallets.create + wallets:transactions.sign scopes) | | CROSSMINT_WALLET_LOCATOR | No | — | Existing wallet locator (creates new wallet if omitted) | | CROSSMINT_SIGNER_TYPE | No | api-key | "api-key" (custodial) or "evm-keypair" | | CROSSMINT_BASE_URL | No | https://www.crossmint.com | API base URL override | | CROSSMINT_LINKED_USER | No | — | Linked user for wallet association |

Integration with shield()

import { shield, ShieldDeniedError } from "@agent-shield/solana";
import { crossmint } from "@agent-shield/custody-crossmint";

const teeWallet = await crossmint({ apiKey: "sk_..." });
const protectedWallet = shield(teeWallet, {
  maxSpend: ["500 USDC/day", "10 SOL/day"],
  blockUnknownPrograms: true,
  rateLimit: { maxTransactions: 60, windowMs: 3_600_000 },
});

// Two layers of protection:
// 1. Private key in TEE — agent code never sees it
// 2. shield() enforces spending caps before signing
try {
  await protectedWallet.signTransaction(tx);
} catch (error) {
  if (error instanceof ShieldDeniedError) {
    console.log("Policy blocked:", error.violations[0].suggestion);
  }
}

Related Packages

| Package | Description | |---------|-------------| | @agent-shield/solana | Client-side wallet wrapper (shield()) | | @agent-shield/sdk | On-chain vault SDK (Level 3 enforcement) | | @agent-shield/core | Pure TypeScript policy engine | | @agent-shield/mcp | MCP server for AI tools | | @agent-shield/plugin-elizaos | ElizaOS integration (supports Crossmint custody) |

Support

License

MIT