npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@coinbase/cdp-sdk

v1.39.0

Published

SDK for interacting with the Coinbase Developer Platform Wallet API

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

coinbase-ownercoinbase-ownercoinbase-npmcoinbase-npm

Keywords

coinbasecoinbase developer platformcoinbase sdkcdp sdksdkapi

Readme

Coinbase Developer Platform (CDP) TypeScript SDK

Table of Contents

[!TIP]

If you're looking to contribute to the SDK, please see the Contributing Guide.

CDP SDK

This module contains the TypeScript CDP SDK, which is a library that provides a client for interacting with the Coinbase Developer Platform (CDP). It includes a CDP Client for interacting with EVM and Solana APIs to create accounts and send transactions, policy APIs to govern transaction permissions, as well as authentication tools for interacting directly with the CDP APIs.

Documentation

CDP SDK has auto-generated docs for the Typescript SDK.

Further documentation is also available on the CDP docs website:

Installation

npm install @coinbase/cdp-sdk

API Keys

To start, create a CDP API Key. Save the API Key ID and API Key Secret for use in the SDK. You will also need to create a wallet secret in the Portal to sign transactions.

Usage

Initialization

Load client config from shell

One option is to export your CDP API Key and Wallet Secret as environment variables:

export CDP_API_KEY_ID="YOUR_API_KEY_ID"
export CDP_API_KEY_SECRET="YOUR_API_KEY_SECRET"
export CDP_WALLET_SECRET="YOUR_WALLET_SECRET"

Then, initialize the client:

import { CdpClient } from "@coinbase/cdp-sdk";

const cdp = new CdpClient();

Load client config from .env file

Another option is to save your CDP API Key and Wallet Secret in a .env file:

touch .env
echo "CDP_API_KEY_ID=YOUR_API_KEY_ID" >> .env
echo "CDP_API_KEY_SECRET=YOUR_API_KEY_SECRET" >> .env
echo "CDP_WALLET_SECRET=YOUR_WALLET_SECRET" >> .env

Then, load the client config from the .env file:

import { CdpClient } from "@coinbase/cdp-sdk";
import dotenv from "dotenv";

dotenv.config();

const cdp = new CdpClient();

Pass the API Key and Wallet Secret to the client

Another option is to directly pass the API Key and Wallet Secret to the client:

const cdp = new CdpClient({
  apiKeyId: "YOUR_API_KEY_ID",
  apiKeySecret: "YOUR_API_KEY_SECRET",
  walletSecret: "YOUR_WALLET_SECRET",
});

Creating EVM or Solana accounts

Create an EVM account as follows:

const account = await cdp.evm.createAccount();

Import an EVM account as follows:

const account = await cdp.evm.importAccount({
  privateKey: "0x123456",
  name: "MyAccount",
});

Create a Solana account as follows:

const account = await cdp.solana.createAccount();

Import a Solana account as follows:

const account = await cdp.solana.importAccount({
  privateKey: "3MLZ...Uko8zz",
  name: "MyAccount",
});

Exporting EVM or Solana accounts

Export an EVM account as follows:

// by name
const privateKey = await cdp.evm.exportAccount({
  name: "MyAccount",
});

// by address
const privateKey = await cdp.evm.exportAccount({
  address: "0x123",
});

Export a Solana account as follows:

// by name
const privateKey = await cdp.solana.exportAccount({
  name: "MyAccount",
});

// by address
const privateKey = await cdp.solana.exportAccount({
  address: "Abc",
});

Get or Create an EVM account as follows:

const account = await cdp.evm.getOrCreateAccount({
  name: "Account1",
});

Get or Create a Solana account as follows:

const account = await cdp.solana.getOrCreateAccount({
  name: "Account1",
});

Get or Create a Smart Account as follows:

const owner = await cdp.evm.createAccount();
const account = await cdp.evm.getOrCreateSmartAccount({
  name: "Account1",
  owner
});

Creating EVM or Solana accounts with policies

Create an EVM account with policy as follows:

const account = await cdp.evm.createAccount({
  name: "AccountWithPolicy",
  accountPolicy: "abcdef12-3456-7890-1234-567890123456"
})

Create a Solana account with policy as follows:

const account = await cdp.solana.createAccount({
  name: "AccountWithPolicy",
  accountPolicy: "abcdef12-3456-7890-1234-567890123456"
})

Updating EVM or Solana accounts

Update an EVM account as follows:

const account = await cdp.evm.updateAccount({
  addresss: account.address,
  update: {
    name: "Updated name",
    accountPolicy: "1622d4b7-9d60-44a2-9a6a-e9bbb167e412",
  },
});

Update a Solana account as follows:

const account = await cdp.solana.updateAccount({
  addresss: account.address,
  update: {
    name: "Updated name",
    accountPolicy: "1622d4b7-9d60-44a2-9a6a-e9bbb167e412",
  },
});

Testnet faucet

You can use the faucet function to request testnet ETH or SOL from the CDP.

Request testnet ETH as follows:

const faucetResp = await cdp.evm.requestFaucet({
  address: evmAccount.address,
  network: "base-sepolia",
  token: "eth",
});

Request testnet SOL as follows:

const faucetResp = await cdp.solana.requestFaucet({
  address: fromAddress,
  token: "sol",
});

Sending transactions

EVM

You can use CDP SDK to send transactions on EVM networks.

import { CdpClient } from "@coinbase/cdp-sdk";
import { parseEther, createPublicClient, http } from "viem";
import { baseSepolia } from "viem/chains";

const publicClient = createPublicClient({
  chain: baseSepolia,
  transport: http(),
});

const cdp = new CdpClient();

const account = await cdp.evm.createAccount();

const faucetResp = await cdp.evm.requestFaucet({
  address: account.address,
  network: "base-sepolia",
  token: "eth",
});

const faucetTxReceipt = await publicClient.waitForTransactionReceipt({
  hash: faucetResp.transactionHash,
});

const { transactionHash } = await cdp.evm.sendTransaction({
  address: account.address,
  network: "base-sepolia",
  transaction: {
    to: "0x4252e0c9A3da5A2700e7d91cb50aEf522D0C6Fe8",
    value: parseEther("0.000001"),
  },
});

await publicClient.waitForTransactionReceipt({ hash: transactionHash });

console.log(
  `Transaction confirmed! Explorer link: https://sepolia.basescan.org/tx/${transactionHash}`,
);

CDP SDK is fully viem-compatible, so you can optionally use a walletClient to send transactions.

import { CdpClient } from "@coinbase/cdp-sdk";
import { parseEther, createPublicClient, http, createWalletClient, toAccount } from "viem";
import { baseSepolia } from "viem/chains";

const publicClient = createPublicClient({
  chain: baseSepolia,
  transport: http(),
});

const cdp = new CdpClient();

const account = await cdp.evm.createAccount();

const faucetResp = await cdp.evm.requestFaucet({
  address: account.address,
  network: "base-sepolia",
  token: "eth",
});

const faucetTxReceipt = await publicClient.waitForTransactionReceipt({
  hash: faucetResp.transactionHash,
});

const walletClient = createWalletClient({
  account: toAccount(serverAccount),
  chain: baseSepolia,
  transport: http(),
});

// Step 3: Sign the transaction with CDP and broadcast it using the wallet client.
const hash = await walletClient.sendTransaction({
  to: "0x4252e0c9A3da5A2700e7d91cb50aEf522D0C6Fe8",
  value: parseEther("0.000001"),
});

console.log(`Transaction confirmed! Explorer link: https://sepolia.basescan.org/tx/${hash}`);

Solana

You can use CDP SDK to send transactions on Solana.

For complete examples, check out sendTransaction.ts, sendManyTransactions.ts, and sendManyBatchedTransactions.ts.

import { CdpClient } from "@coinbase/cdp-sdk";
import "dotenv/config";

import {
  PublicKey,
  SystemProgram,
  SYSVAR_RECENT_BLOCKHASHES_PUBKEY,
  Transaction,
} from "@solana/web3.js";

const cdp = new CdpClient();

const account = await cdp.solana.createAccount();

const faucetResp = await cdp.solana.requestFaucet({
  address: account.address,
  token: "sol",
});

const transaction = new Transaction();
transaction.add(
  SystemProgram.transfer({
    fromPubkey: new PublicKey(account.address),
    toPubkey: new PublicKey("3KzDtddx4i53FBkvCzuDmRbaMozTZoJBb1TToWhz3JfE"),
    lamports: 10000,
  })
);

// A more recent blockhash is set in the backend by CDP
transaction.recentBlockhash = SYSVAR_RECENT_BLOCKHASHES_PUBKEY.toBase58();
transaction.feePayer = new PublicKey(account.address);

const serializedTx = Buffer.from(
  transaction.serialize({ requireAllSignatures: false })
).toString("base64");

console.log("Transaction serialized successfully");

const txResult = await cdp.solana.sendTransaction({
  network: "solana-devnet",
  transaction: serializedTx,
});

console.log(
  `Transaction confirmed! Explorer link: https://explorer.solana.com/tx/${txResult.signature}?cluster=devnet`
);

EVM Smart Accounts

For EVM, we support Smart Accounts which are account-abstraction (ERC-4337) accounts. Currently there is only support for Base Sepolia and Base Mainnet for Smart Accounts.

Create an EVM account and a smart account as follows:

const evmAccount = await cdp.evm.createAccount();
const smartAccount = await cdp.evm.createSmartAccount({
  owner: evmAccount,
});

Sending User Operations

const userOperation = await cdp.evm.sendUserOperation({
  smartAccount: smartAccount,
  network: "base-sepolia",
  calls: [
    {
      to: "0x0000000000000000000000000000000000000000",
      value: parseEther("0.000001"),
      data: "0x",
    },
  ],
});

In Base Sepolia, all user operations are gasless by default. If you'd like to specify a different paymaster, you can do so as follows:

const userOperation = await cdp.sendUserOperation({
  smartAccount: smartAccount,
  network: "base-sepolia",
  calls: [
    {
      to: "0x0000000000000000000000000000000000000000",
      value: parseEther("0"),
      data: "0x",
    },
  ],
  paymasterUrl: "https://some-paymaster-url.com",
});

EVM Swaps

You can use the CDP SDK to swap tokens on EVM networks using both regular accounts (EOAs) and smart accounts.

The SDK provides three approaches for performing token swaps:

1. All-in-one pattern (Recommended)

The simplest approach for performing swaps. Creates and executes the swap in a single line of code:

Regular Account (EOA):

// Retrieve an existing EVM account with funds already in it
const account = await cdp.evm.getOrCreateAccount({ name: "MyExistingFundedAccount" });

// Execute a swap directly on an EVM account in one line
const { transactionHash } = await account.swap({
  network: "base",
  toToken: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", // USDC on Base
  fromToken: "0x4200000000000000000000000000000000000006", // WETH on Base
  fromAmount: BigInt("1000000000000000000"), // 1 WETH in wei
  slippageBps: 100, // 1% slippage tolerance
});

console.log(`Swap executed: ${transactionHash}`);

Smart Account:

// Create or retrieve a smart account with funds already in it
const owner = await cdp.evm.getOrCreateAccount({ name: "MyOwnerAccount" });
const smartAccount = await cdp.evm.getOrCreateSmartAccount({ name: "MyExistingFundedSmartAccount", owner });

// Execute a swap directly on a smart account in one line
const { userOpHash } = await smartAccount.swap({
  network: "base",
  toToken: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", // USDC on Base
  fromToken: "0x4200000000000000000000000000000000000006", // WETH on Base
  fromAmount: BigInt("1000000000000000000"), // 1 WETH in wei
  slippageBps: 100, // 1% slippage tolerance
  // Optional: paymasterUrl: "https://paymaster.example.com" // For gas sponsorship
});

console.log(`Smart account swap executed: ${userOpHash}`);

// Wait for the user operation to complete
const receipt = await smartAccount.waitForUserOperation({ userOpHash });
console.log(`Status: ${receipt.status}`);

2. Get pricing information

Use getSwapPrice for quick price estimates and display purposes. This is ideal for showing exchange rates without committing to a swap:

const swapPrice = await cdp.evm.getSwapPrice({
  network: "ethereum",
  toToken: "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48", // USDC
  fromToken: "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", // WETH
  fromAmount: BigInt("1000000000000000000"), // 1 WETH in wei
  taker: "0x1234567890123456789012345678901234567890"
});

if (swapPrice.liquidityAvailable) {
  console.log(`You'll receive: ${swapPrice.toAmount} USDC`);
  console.log(`Minimum after slippage: ${swapPrice.minToAmount} USDC`);
}

Note: getSwapPrice does not reserve funds or signal commitment to swap, making it suitable for more frequent price updates with less strict rate limiting - although the data may be slightly less precise.

3. Create and execute separately

Use account.quoteSwap() / smartAccount.quoteSwap() when you need full control over the swap process. This returns complete transaction data for execution:

Important: quoteSwap() signals a soft commitment to swap and may reserve funds on-chain. It is rate-limited more strictly than getSwapPrice to prevent abuse.

Regular Account (EOA):

// Retrieve an existing EVM account with funds already in it
const account = await cdp.evm.getOrCreateAccount({ name: "MyExistingFundedAccount" });

// Step 1: Create a swap quote with full transaction details
const swapQuote = await account.quoteSwap({
  network: "base",
  toToken: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", // USDC
  fromToken: "0x4200000000000000000000000000000000000006", // WETH
  fromAmount: BigInt("1000000000000000000"), // 1 WETH in wei
  slippageBps: 100, // 1% slippage tolerance
});

// Step 2: Check if liquidity is available, and/or perform other analysis on the swap quote
if (!swapQuote.liquidityAvailable) {
  console.error("Insufficient liquidity for swap");
  return;
}

// Step 3: Execute using the quote
const { transactionHash } = await swapQuote.execute();

Smart Account:

// Create or retrieve a smart account with funds already in it
const owner = await cdp.evm.getOrCreateAccount({ name: "MyOwnerAccount" });
const smartAccount = await cdp.evm.getOrCreateSmartAccount({ name: "MyExistingFundedSmartAccount", owner });

// Step 1: Create a swap quote with full transaction details for smart account
const swapQuote = await smartAccount.quoteSwap({
  network: "base",
  toToken: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", // USDC
  fromToken: "0x4200000000000000000000000000000000000006", // WETH
  fromAmount: BigInt("1000000000000000000"), // 1 WETH in wei
  slippageBps: 100, // 1% slippage tolerance
});

// Step 2: Check if liquidity is available, and/or perform other analysis on the swap quote
if (!swapQuote.liquidityAvailable) {
  console.error("Insufficient liquidity for swap");
  return;
}

// Step 3: Execute using the quote
const { userOpHash } = await swapQuote.execute();

// Wait for the user operation to complete
const receipt = await smartAccount.waitForUserOperation({ userOpHash });
console.log(`Status: ${receipt.status}`);

When to use each approach:

  • All-in-one (account.swap() / smartAccount.swap()): Best for most use cases. Simple, handles everything automatically.
  • Price only (getSwapPrice): For displaying exchange rates, building price calculators, or checking liquidity without executing. Suitable when frequent price updates are needed - although the data may be slightly less precise.
  • Create then execute (account.quoteSwap() / smartAccount.quoteSwap()): When you need to inspect swap details, implement custom logic, or handle complex scenarios before execution. Note: May reserve funds on-chain and is more strictly rate-limited.

Key differences between Regular Accounts (EOAs) and Smart Accounts:

  • Regular accounts (EOAs) return transactionHash and execute immediately on-chain
  • Smart accounts return userOpHash and execute via user operations with optional gas sponsorship through paymasters
  • Smart accounts require an owner account for signing operations
  • Smart accounts support batch operations and advanced account abstraction features

All approaches handle Permit2 signatures automatically for ERC20 token swaps. Make sure tokens have proper allowances set for the Permit2 contract before swapping.

Example implementations

To help you get started with token swaps in your application, we provide the following fully-working examples demonstrating different scenarios:

Regular account (EOA) swap examples:

Smart account swap examples:

BYO wallet (viem) regular account (EOA) swap examples:

BYO wallet (viem + account abstraction) smart account swap examples:

Note: The viem smart account examples require additional dependencies (permissionless package) and external service setup (bundler, optional paymaster). For simpler smart account usage, consider CDP's built-in smart account features instead.

Transferring tokens

EVM

For complete examples, check out evm/account.transfer.ts and evm/smartAccount.transfer.ts.

You can transfer tokens between accounts using the transfer function:

const sender = await cdp.evm.createAccount({ name: "Sender" });

const { transactionHash } = await sender.transfer({
  to: "0x9F663335Cd6Ad02a37B633602E98866CF944124d",
  amount: 10000n, // equivalent to 0.01 USDC
  token: "usdc",
  network: "base-sepolia",
});

You can then wait for the transaction receipt with a viem Public Client:

import { createPublicClient, http } from "viem";
import { baseSepolia } from "viem/chains";

const publicClient = createPublicClient({
  chain: baseSepolia,
  transport: http(),
});

const receipt = await publicClient.waitForTransactionReceipt({ hash: transactionHash });

Smart Accounts also have a transfer function:

const sender = await cdp.evm.createSmartAccount({
  owner: privateKeyToAccount(generatePrivateKey()),
});
console.log("Created smart account", sender);

const { userOpHash } = await sender.transfer({
  to: "0x9F663335Cd6Ad02a37B633602E98866CF944124d",
  amount: 10000n, // equivalent to 0.01 USDC
  token: "usdc",
  network: "base-sepolia",
});

One difference is that the transfer function returns the user operation hash, which is different from the transaction hash. You can use the returned user operation hash in a call to waitForUserOperation to get the result of the transaction:

const receipt = await sender.waitForUserOperation({
  hash: userOpHash,
});

if (receipt.status === "complete") {
  console.log(
    `Transfer successful! Explorer link: https://sepolia.basescan.org/tx/${receipt.userOpHash}`,
  );
} else {
  console.log(`Something went wrong! User operation hash: ${receipt.userOpHash}`);
}

Using Smart Accounts, you can also specify a paymaster URL:

await sender.transfer({
  to: "0x9F663335Cd6Ad02a37B633602E98866CF944124d",
  amount: "0.01",
  token: "usdc",
  network: "base-sepolia",
  paymasterUrl: "https://some-paymaster-url.com",
});

Transfer amount must be passed as a bigint. To convert common tokens from whole units, you can use utilities such as parseEther and parseUnits from viem.

await sender.transfer({
  to: "0x9F663335Cd6Ad02a37B633602E98866CF944124d",
  amount: parseUnits("0.01", 6), // USDC has 6 decimals
  token: "usdc",
  network: "base-sepolia",
});

You can pass usdc or eth as the token to transfer, or you can pass a contract address directly:

await sender.transfer({
  to: "0x9F663335Cd6Ad02a37B633602E98866CF944124d",
  amount: parseUnits("0.000001", 18), // WETH has 18 decimals. equivalent to calling `parseEther("0.000001")`
  token: "0x4200000000000000000000000000000000000006", // WETH on Base Sepolia
  network: "base-sepolia",
});

You can also pass another account as the to parameter:

const sender = await cdp.evm.createAccount({ name: "Sender" });

const receiver = await cdp.evm.createAccount({ name: "Receiver" });

await sender.transfer({
  to: receiver,
  amount: 10000n, // equivalent to 0.01 USDC
  token: "usdc",
  network: "base-sepolia",
});

Solana

For complete examples, check out solana/account.transfer.ts.

You can transfer tokens between accounts using the transfer function, and wait for the transaction to be confirmed using the confirmTransaction function from @solana/web3.js:

import { LAMPORTS_PER_SOL } from "@solana/web3.js";

const sender = await cdp.solana.createAccount();

const connection = new Connection("https://api.devnet.solana.com");

const { signature } = await sender.transfer({
  to: "3KzDtddx4i53FBkvCzuDmRbaMozTZoJBb1TToWhz3JfE",
  amount: 0.01 * LAMPORTS_PER_SOL,
  token: "sol",
  network: connection,
});

const { blockhash, lastValidBlockHeight } = await connection.getLatestBlockhash();

const confirmation = await connection.confirmTransaction(
  {
    signature,
    blockhash,
    lastValidBlockHeight,
  },
  "confirmed",
);

if (confirmation.value.err) {
  console.log(`Something went wrong! Error: ${confirmation.value.err.toString()}`);
} else {
  console.log(
    `Transaction confirmed: Link: https://explorer.solana.com/tx/${signature}?cluster=devnet`,
  );
}

You can also easily send USDC:

const { signature } = await sender.transfer({
  to: "3KzDtddx4i53FBkvCzuDmRbaMozTZoJBb1TToWhz3JfE",
  amount: "0.01",
  token: "usdc",
  network: "devnet",
});

If you want to use your own Connection, you can pass one to the network parameter:

import { Connection } from "@solana/web3.js";

const connection = new Connection("YOUR_RPC_URL");

const { signature } = await sender.transfer({
  to: "3KzDtddx4i53FBkvCzuDmRbaMozTZoJBb1TToWhz3JfE",
  amount: "0.01",
  token: "usdc",
  network: connection,
});

Account Actions

Account objects have actions that can be used to interact with the account. These can be used in place of the cdp client.

EVM account actions

Here are some examples for actions on EVM accounts.

For example, instead of:

const balances = await cdp.evm.listTokenBalances({
  address: account.address,
  network: "base-sepolia",
});

You can use the listTokenBalances action:

const account = await cdp.evm.createAccount();
const balances = await account.listTokenBalances({ network: "base-sepolia" });

EvmAccount supports the following actions:

  • listTokenBalances
  • requestFaucet
  • signTransaction
  • sendTransaction
  • transfer

EvmSmartAccount supports the following actions:

  • listTokenBalances
  • requestFaucet
  • sendUserOperation
  • waitForUserOperation
  • getUserOperation
  • transfer

Solana account actions

Here are some examples for actions on Solana accounts.

const balances = await cdp.solana.signMessage({
  address: account.address,
  message: "Hello, world!",
});

You can use the signMessage action:

const account = await cdp.solana.createAccount();
const { signature } = await account.signMessage({
  message: "Hello, world!",
});

SolanaAccount supports the following actions:

  • requestFaucet
  • signMessage
  • signTransaction

Policy Management

You can use the policies SDK to manage sets of rules that govern the behavior of accounts and projects, such as enforce allowlists and denylists.

Create a Project-level policy that applies to all accounts

This policy will accept any account sending less than a specific amount of ETH to a specific address.

const policy = await cdp.policies.createPolicy({
  policy: {
    scope: "project",
    description: "Project-wide Allowlist Policy",
    rules: [
      {
        action: "accept",
        operation: "signEvmTransaction",
        criteria: [
          {
            type: "ethValue",
            ethValue: "1000000000000000000",
            operator: "<=",
          },
          {
            type: "evmAddress",
            addresses: ["0x000000000000000000000000000000000000dEaD"],
            operator: "in",
          },
        ],
      },
    ],
  },
});

Create an Account-level policy

This policy will accept any transaction with a value less than or equal to 1 ETH to a specific address.

const policy = await cdp.policies.createPolicy({
  policy: {
    scope: "account",
    description: "Account Allowlist Policy",
    rules: [
      {
        action: "accept",
        operation: "signEvmTransaction",
        criteria: [
          {
            type: "ethValue",
            ethValue: "1000000000000000000",
            operator: "<=",
          },
          {
            type: "evmAddress",
            addresses: ["0x000000000000000000000000000000000000dEaD"],
            operator: "in",
          },
        ],
      },
    ],
  },
});

Create a Solana Allowlist Policy

const policy = await cdp.policies.createPolicy({
  policy: {
    scope: "account",
    description: "Account Allowlist Policy",
    rules: [
      {
        action: "accept",
        operation: "signSolTransaction",
        criteria: [
          {
            type: "solAddress",
            addresses: ["DtdSSG8ZJRZVv5Jx7K1MeWp7Zxcu19GD5wQRGRpQ9uMF"],
            operator: "in",
          },
        ],
      },
    ],
  },
});

List Policies

You can filter by account:

const policy = await cdp.policies.listPolicies({
  scope: "account",
});

You can also filter by project:

const policy = await cdp.policies.listPolicies({
  scope: "project",
});

Retrieve a Policy

const policy = await cdp.policies.getPolicyById({
  id: "__POLICY_ID__",
});

Update a Policy

This policy will update an existing policy to accept transactions to any address except one.

const policy = await cdp.policies.updatePolicy({
  id: "__POLICY_ID__",
  policy: {
    description: "Updated Account Denylist Policy",
    rules: [
      {
        action: "accept",
        operation: "signEvmTransaction",
        criteria: [
          {
            type: "evmAddress",
            addresses: ["0x000000000000000000000000000000000000dEaD"],
            operator: "not in",
          },
        ],
      },
    ],
  },
});

Delete a Policy

[!WARNING] Attempting to delete an account-level policy in-use by at least one account will fail.

const policy = await cdp.policies.deletePolicy({
  id: "__POLICY_ID__",
});

Validate a Policy

If you're integrating policy editing into your application, you may find it useful to validate policies ahead of time to provide a user with feedback. The CreatePolicyBodySchema and UpdatePolicyBodySchema can be used to get actionable structured information about any issues with a policy. Read more about handling ZodErrors.

import { CreatePolicyBodySchema, UpdatePolicyBodySchema } from "@coinbase/cdp-sdk";

// Validate a new Policy with many issues, will throw a ZodError with actionable validation errors
try {
  CreatePolicyBodySchema.parse({
    description: "Bad description with !#@ characters, also is wayyyyy toooooo long!!",
    rules: [
      {
        action: "acept",
        operation: "unknownOperation",
        criteria: [
          {
            type: "ethValue",
            ethValue: "not a number",
            operator: "<=",
          },
          {
            type: "evmAddress",
            addresses: ["not an address"],
            operator: "in",
          },
          {
            type: "evmAddress",
            addresses: ["not an address"],
            operator: "invalid operator",
          },
        ],
      },
    ],
  });
} catch (e) {
  console.error(e);
}

Supported Policy Rules

We currently support the following policy rules:

End-user Management

You can use the End User SDK to manage the users of your applications.

Create End User

You can create an end user with authentication methods and optionally create EVM and Solana accounts for them.

const endUser = await cdp.endUser.createEndUser({
  authenticationMethods: [
    { type: "email", email: "[email protected]" }
  ],
  evmAccount: { createSmartAccount: true },
  solanaAccount: { createSmartAccount: false },
});

console.log(endUser);

Validate Access Token

When your end user has signed in with an Embedded Wallet, you can check whether the access token they were granted is valid, and which of your user's it is associated with.

try {
  const endUser = await cdp.endUser.validateAccessToken({
      accessToken,
  });
  console.log(endUser)
} catch(e) {
  // the access token is not valid or expired
}

Authentication tools

This SDK also contains simple tools for authenticating REST API requests to the Coinbase Developer Platform (CDP). See the Auth README for more details.

Error Reporting

This SDK contains error reporting functionality that sends error events to CDP. If you would like to disable this behavior, you can set the DISABLE_CDP_ERROR_REPORTING environment variable to true.

DISABLE_CDP_ERROR_REPORTING=true

Usage Tracking

This SDK contains usage tracking functionality that sends usage events to CDP. If you would like to disable this behavior, you can set the DISABLE_CDP_USAGE_TRACKING environment variable to true.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Support

For feature requests, feedback, or questions, please reach out to us in the #cdp-sdk channel of the Coinbase Developer Platform Discord.

Security

If you discover a security vulnerability within this SDK, please see our Security Policy for disclosure information.

FAQ

Common errors and their solutions.

TypeScript compilation errors with generateJwt or moduleResolution

If you encounter TypeScript compilation errors when using the CDP SDK, particularly with generateJwt or import statements, you may need to update your TypeScript configuration.

Error symptoms:

  • Type errors with generateJwt function
  • Module resolution errors
  • Import/export type mismatches

Solution:

Update your tsconfig.json to use a modern module resolution strategy. Change moduleResolution from node to node16 or nodenext:

{
  "compilerOptions": {
    "moduleResolution": "node16",  // or "nodenext"
    // ... other options
  }
}

The CDP SDK is built as an ESM package and moduleResolution: "node16" or "nodenext" should be used for proper type resolution. The legacy "node" setting doesn't correctly resolve ESM package exports.

AggregateError [ETIMEDOUT]

This is an issue in Node.js itself: https://github.com/nodejs/node/issues/54359. While the fix is implemented, the workaround is to set the environment variable:

export NODE_OPTIONS="--network-family-autoselection-attempt-timeout=500"

Error [ERR_REQUIRE_ESM]: require() of ES modules is not supported.

Use Node v20.19.0 or higher. CDP SDK depends on jose v6, which ships only ESM. Jose supports CJS style imports in Node.js versions where the require(esm) feature is enabled by default (^20.19.0 || ^22.12.0 || >= 23.0.0). See here for more info.

Jest encountered an unexpected token

If you're using Jest and see an error like this:

Details:

/Users/.../node_modules/jose/dist/webapi/index.js:1
({"Object.<anonymous>":function(module,exports,require,__dirname,__filename,jest){export { compactDecrypt } from './jwe/compact/decrypt.js';
                                                                                  ^^^^^^

SyntaxError: Unexpected token 'export'

Add a file called jest.setup.ts next to your jest.config file with the following content:

jest.mock("jose", () => {});

Then, add the following line to your jest.config file:

setupFilesAfterEnv: ["<rootDir>/jest.setup.ts"],