
Overview
Privy provides secure, server-side key management for Starknet wallets. With Privy, you can:- Create and manage Starknet wallets for users
- Sign transactions server-side without exposing private keys
- Support social login and email-based authentication
- Integrate with existing Privy authentication flows
Why Use Privy?
- ✅ Security: Private keys never leave Privy’s secure infrastructure
- ✅ User Experience: Social login and email-based authentication
- ✅ Server-Side Signing: Sign transactions on your backend
- ✅ Multi-Chain: Same infrastructure for multiple blockchains
- ✅ Gasless Transactions: Configure AVNU Paymaster for sponsored transactions (see AVNU Paymaster Integration)
Wallet ownership model
Privy supports two ways to use wallets. Choosing the wrong one can lead to JWT or auth errors, so use this as a guide:| Wallet type | Requires user JWT? | Best for |
|---|---|---|
| Server-managed | No | Backend signing, custodial flows |
| User-owned | Yes | End-user auth, user-linked wallets |
- Server-managed: Create wallets without linking to a Privy user (omit
user_id/ owner). Your backend signs withPrivyClient(app credentials). No end-user JWT is required for signing. This is the model used in the examples below and fits Starkzap’s server-signing flow. - User-owned: Create wallets with
user_id(or owner) so the wallet is tied to a Privy user. Access and signing then require that user’s JWT. Use this when the end user must prove identity and own the wallet in Privy’s sense.
Setup
1. Install Privy
2. Initialize Privy Client
3. Create a Starknet Wallet
Integration with Starkzap
Server-Side Signing Endpoint
Create an endpoint that signs transaction hashes using Privy:Client-Side Integration
Use Privy with Starkzap:Complete Example
Backend (Express.js)
Frontend
React Native Integration
For React Native applications, use@privy-io/expo:
Resources
Best Practices
- Never expose private keys - Always use server-side signing
- Authenticate requests - Verify user identity before signing
- Use HTTPS - Always use secure connections for signing endpoints
- Handle errors gracefully - Provide user-friendly error messages
- Monitor usage - Track wallet creation and signing operations