Vault API
The Vault API handles all signing operations — EVM transactions, EIP-712 typed data, Solana transactions, and the approval/rejection flow.Sign Transaction (EVM)
Sign and optionally broadcast an EVM transaction. The transaction is evaluated against the agent’s policies before signing.Wallet Actions
Privy-style wallet-action routes expose quote/create/status flows over the existing vault and policy engine.Quote EVM Transfer
Create EVM Transfer
200with statussignedorbroadcastwhen policy allows signing.202with statuspending_approvalwhen policy requires manual approval.403with statusrejectedwhen policy denies the action.429when policy rate limits reject the action.500or502when signing or RPC submission fails; the error body includesdata.actionIdwhen an action row was created.
referenceId for caller-side dedupe and transaction lookup.
ERC20 transfers require an enabled contract-allowlist policy for the token contract and transfer(address,uint256) selector (0xa9059cbb) with recipient allow/block constraints plus maxAmount. Approved ERC20 actions sign or broadcast against the token contract with zero native value, persist token/recipient/amount action metadata, and reject missing allowlists or over-limit amounts before signing. Settled token balance/spend accounting and confirmation polling remain follow-up work.
Create Send-Calls Intent
pending_approval or rejected; execution continues through the manual approval/intents workflow. Calldata-bearing calls are rejected unless selector-specific policy extraction or the explicit unsafe signing opt-in is configured.
Get Transfer Action Status
pending_approval, rejected, signed, broadcast, or failed. Send-calls status is available through transaction and intent history until a dedicated status route is added.
Sign Typed Data (EIP-712)
Sign structured data usingeth_signTypedData_v4. Used for DEX approvals, ERC-20 permits, and other typed signatures.
Sign Solana Transaction
Sign a serialized Solana transaction and optionally broadcast it.Sign Bitcoin PSBT
Sign a scoped Bitcoin PSBT for an agent wallet. The route signs matching wallet inputs only; it does not broadcast the transaction.sign_transaction, or tenant
owner/admin session with recent MFA where configured.
Request Body:
transactionId is Steward’s transaction record ID. When finalize is true
and every input can be finalized, the response may also include
finalizedTxHex, Bitcoin txId, vsize, and feeSats. Steward still does not
broadcast that raw transaction; submit it through your own Bitcoin broadcaster
or indexer integration.
Before signing, Steward decodes standard destination outputs and evaluates the
agent’s spend and address policies. It also enforces Bitcoin raw-signing-chain
policy requirements and fee caps before returning a signed PSBT or finalized
raw transaction metadata.
Safe retry guidance
Provide a stablereferenceId for your business operation and an
Idempotency-Key header when your deployment enforces or accepts idempotency on
sensitive mutations. On network timeouts, retry the same PSBT with the same
caller reference and idempotency key, then query transaction history by
referenceId before creating a replacement request.
If you requested finalize: true, treat a returned finalizedTxHex as a
broadcast-ready artifact that may already have been handed to your own
broadcasting layer. Do not blindly retry downstream broadcast attempts without
checking your broadcaster or indexer for the Bitcoin txId; retrying a
finalized raw transaction is different from retrying Steward PSBT signing.
Encrypted Private Key Import
Encrypted import lets a tenant owner/admin replace an agent wallet key without sending a top-level plaintextprivateKey field. The import session is
one-time, short-lived, stored as an encrypted auth-store record, and bound to
the selected tenant, agent, and chain.
STEWARD_ALLOW_PRIVATE_KEY_IMPORT=true and
STEWARD_ALLOW_VAULT_PRIVATE_KEY_IMPORT=true
Initialize
chain must be "evm" or "solana". The response returns the server X25519
public key, expiry, and AAD fields the client must bind into encryption:
Submit
Encrypt the raw private key client-side withX25519-HKDF-SHA256-AES-256-GCM.
Use the returned importSessionId as the AES-GCM AAD. The HKDF info string is:
400 and do not consume the original session. A
later submit to the original agentId can still succeed. Once the tenant,
agent, chain, envelope shape, and decrypted key validate, Steward atomically
consumes the session before writing the new encrypted wallet. Replays after a
successful submit return 400 with an invalid-or-expired session error.
Session records are serialized through Steward’s KeyStore envelope and stored
through the shared auth StoreBackend: Redis when configured, otherwise
Postgres auth_kv_store when migrations are available, otherwise an in-memory
local-development fallback. This is not an HSM-backed import-session store.
Production deployments should configure Redis or run migrations so init and
submit can land on different API replicas. /ready reports
checks.importSessionStore.source and fails production readiness when the source
is memory unless STEWARD_ALLOW_MEMORY_IMPORT_SESSION_STORE=true. Memory
fallback is not durable across restarts or processes.
Plaintext privateKey fields, malformed envelopes, expired sessions, tenant or
agent mismatches, and failed decryptions fail closed. Audit and webhook metadata
are redacted and never include the plaintext key or ciphertext.
Approve Transaction
Manually approve a pending transaction from the approval queue.Reject Transaction
Reject a pending transaction.Pending Approvals
List transactions awaiting manual approval.Transaction History
List all transactions for an agent.List Transactions
Returns full transaction records for an agent with pagination and filters.referenceId filters transactions whose action payload contains either
referenceId or reference_id. This matches transfer, send-calls,
user-operation, EIP-7702 authorization, raw-signing, and Bitcoin PSBT signing
actions that store caller-provided reference IDs.
Get Transaction
Returns one full transaction record by ID.Get Addresses
List all wallet addresses across chain families.Break-Glass Plaintext Key Import
Import an existing private key into the vault.STEWARD_ALLOW_PRIVATE_KEY_IMPORT=true and STEWARD_ALLOW_VAULT_PRIVATE_KEY_IMPORT=true must be enabled.
Request Body: