Skip to main content
This guide covers integration with chains that have Tier 2 support. For a complete list of supported chains, refer to the chains overview.
To integrate Privy with chains that have Tier 2 support (e.g., Sui, Tron), follow these steps:
  1. Create a wallet with the appropriate chain type specified.
  2. Utilize Privy’s “raw sign” functionality to sign transaction hashes or message hashes.

Full example

Below is a complete example of how to create a wallet, build a transaction, sign it with Privy’s rawSign and broadcast it onchain. We use Aptos here, but the pattern is the same for all Tier 2 chains.
1

Create a wallet

import {PrivyClient} from '@privy-io/node';

const privy = new PrivyClient({
  appId: process.env.PRIVY_APP_ID,
  appSecret: process.env.PRIVY_APP_SECRET
});

// Create an Aptos wallet for a user
const wallet = await privy.wallets().create({
  user_id: 'your-user-id',
  chain_type: 'aptos'
});

console.log('Wallet ID:', wallet.id);
console.log('Wallet Address:', wallet.address);
console.log('Public Key:', wallet.public_key);
2

Build the transaction

import {
  Aptos,
  AptosConfig,
  Network,
  AccountAddress,
  generateSigningMessageForTransaction
} from '@aptos-labs/ts-sdk';

// Connect to Aptos network
const aptos = new Aptos(
  new AptosConfig({
    network: Network.MAINNET
  })
);

const address = AccountAddress.from(wallet.address);

// Build a transaction (e.g., transfer APT tokens)
const transaction = await aptos.transaction.build.simple({
  sender: address,
  data: {
    function: '0x1::coin::transfer',
    typeArguments: ['0x1::aptos_coin::AptosCoin'],
    functionArguments: [
      '0xRecipientAddress...', // recipient
      100000000 // amount in Octas (0.1 APT)
    ]
  }
});

// Generate the message that needs to be signed
const message = generateSigningMessageForTransaction(transaction);
3

Sign with Privy

import {toHex} from 'viem';

// Sign the transaction using Privy's raw sign endpoint
const signatureResponse = await privy.wallets().rawSign(wallet.id, {
  params: {
    hash: toHex(message)
  }
});

const signature = signatureResponse as unknown as string;
console.log('Signature:', signature);
4

Broadcast the transaction

import {
  AccountAuthenticatorEd25519,
  Ed25519PublicKey,
  Ed25519Signature
} from '@aptos-labs/ts-sdk';

// Create the authenticator with public key and signature
const authenticator = new AccountAuthenticatorEd25519(
  new Ed25519PublicKey(wallet.public_key),
  new Ed25519Signature(signature.slice(2))
);

// Submit the transaction
const pendingTransaction = await aptos.transaction.submit.simple({
  transaction,
  senderAuthenticator: authenticator
});

// Wait for confirmation
const executedTransaction = await aptos.waitForTransaction({
  transactionHash: pendingTransaction.hash
});

console.log('Transaction hash:', executedTransaction.hash);
console.log('Transaction status:', executedTransaction.success);

Chain specific implementation examples

Note that the “raw sign” functionality signs the provided hash directly without any additional byte manipulation. Ensure that your hash includes any required prefixes or suffixes before signing.

Stellar

Stellar implements the EdDSA signing algorithm using the Ed25519 curve. The following example demonstrates hash signing for Stellar transactions:

Cosmos

Cosmos utilizes the ECDSA signing algorithm with the secp256k1 curve. Below is an implementation example for signing hashes on Cosmos:

Sui

Sui supports multiple cryptographic schemes, with Privy’s implementation utilizing the Ed25519 curve and EdDSA signing algorithm. The following example demonstrates transaction signing for Sui, please note that the transaction bytes should be the full intentMessage: Privy’s “raw sign” endpoint supports policy evaluation for field_source of sui_transaction_command and sui_transfer_objects_command with bytes, encoding and hash_function. See example of Sui policies.
When an amount condition is configured on the sui_transfer_objects_command field_source, always configure the sui_transaction_command to allow MergeCoins, SplitCoins and TransferObjects only. Transactions containing commands like MakeMoveVec, MoveCall, Publish, or Upgrade are not supported for now.

Tron

Tron implements the ECDSA signing algorithm using the secp256k1 curve. Privy’s implementation returns 64-byte ECDSA signatures (r || s), while Tron requires 65-byte signatures that include a recovery ID (v) as the final byte. The recovery ID is essential because a 64-byte signature could correspond to two different addresses/private keys. The 65th byte, which can be either 0x1b or 0x1c (derived from 0 or 1 plus 27, following Ethereum standards), resolves this ambiguity. The following example demonstrates message signing and verification for Tron: Privy’s “raw sign” endpoint supports policy evaluation for TransferContract and TriggerSmartContract type of transactions with bytes, encoding and hash_function. See example of Tron policies.

Bitcoin (segwit)

Bitcoin (segwit) supports the ECDSA signing algorithm using the secp256k1 curve. Use Privy’s raw sign functionality to sign each input utxo for your Bitcoin segwit transaction. Note that segwit support is separate from Bitcoin taproot or legacy transactions.

Near

With Privy, you can create Near-implicit accounts and sign over arbitrary data. Below is an example of how to create, sign, and send a Near transaction using Privy. (Note that Near requires accounts to be funded sending transactions.)

Ton

All wallets on Ton are smart contract accounts, and Ed25519 keypairs are used to sign transactions on behalf of the smart contracts. When creating a wallet via Privy, Privy will generate the Ed25519 keypair and predetermine the address of the wallet contract, assuming that the wallet uses WalletContractV4 with a workchain of 0. Privy will not deploy the contract itself; that is the responsibility of the developer. If you’d like to deploy a different wallet contract with the same keypair, the address will be different, but the request to Privy’s API will remain the same.

Spark

Checkout this recipe to get started with Spark wallets.

Starknet

On Starknet, all wallets are smart contract accounts. The wallet address is the contract address, and therefore is derived from account-specific data—namely, the account class hash, the constructor data, and the public key returned from the Privy API. The address returned from the Privy API assumes the use of Ready’s v0.5.0 account class hash and the constructor call data, as shown below in the example. After creating a starknet wallet with Privy, STRK tokens must be sent to the address for the wallet. Then, the developer must deploy the account. If you wish to use a different account contract than Ready 0.5.0, we suggest maintaining the address-to-Privy-wallet mapping yourself at this time and ignoring the address returned from the Privy API.

Aptos

Aptos is a Move VM chain which uses ed25519 keypairs for signing transactions. Below is an example of how to sign and send a transaction using Privy. See more developer docs here.

Movement

Movement is a Move VM chain that uses the Aptos chain standards. Below is an example of how to sign and send a transaction using Privy. See more developer docs here.