> ## Documentation Index
> Fetch the complete documentation index at: https://docs.privy.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Sui

> Create Sui wallets, sign transactions and messages, and enforce policies with Privy

With Privy, your app can create embedded Sui wallets, sign transactions and messages, and enforce
Privy's [policy engine](/controls/policies/overview) to constrain what each wallet can do. Sui uses
the [raw\_sign](/wallets/using-wallets/other-chains) endpoint for signing, and its policies can inspect individual
transaction commands and transfers.

Sui wallets use the Ed25519 curve and the EdDSA signing algorithm. Your app signs Sui
transaction commands and transfers. Then, submit the signed transaction to the network
using the Sui SDK.

## Features

Privy's Sui support includes everything your app needs to onboard users and move assets on Sui:

* **Embedded Sui wallets**: create self-custodial Sui wallets for users with the `sui` chain type.
* **Transaction signing**: sign the full Sui [intent
  message](https://docs.sui.io/develop/transactions/transaction-auth/intent-signing) for any
  transaction, then submit it with the Sui SDK.
* **Message signing**: sign arbitrary messages for authentication or offchain verification.
* **Policy enforcement**: constrain transactions and message signing with Privy's
  policy engine.
* **Server and client SDKs**: manage Sui wallets from your backend with Privy's
  [server SDKs](/basics/get-started/platforms) or directly from your app.

## Sign a transaction

Sign the full [intent message](https://docs.sui.io/develop/transactions/transaction-auth/intent-signing)
for a transaction with Privy's raw\_sign endpoint, then verify or submit it with the Sui SDK.

```typescript theme={"system"}
import {messageWithIntent} from '@mysten/sui/cryptography';

// Build the transaction, then wrap its BCS bytes in a Sui intent message
const intentMessage = messageWithIntent('TransactionData', txBytes);
const bytes = Buffer.from(intentMessage).toString('hex');

// Sign the intent message with Privy raw sign. Sui uses `blake2b256` and `hex` or `base64`.
const {signature} = await privy.wallets().rawSign(walletId, {
  params: {bytes, encoding: 'hex', hash_function: 'blake2b256'}
});

// Submit the bytes and signature using the Sui SDK
```

## Enforce policies

Sui wallets support Privy's policy engine, so your app can constrain both transactions and message
signing:

* **Transaction commands**: allowlist the supported commands — `TransferObjects`, `SplitCoins`, and
  `MergeCoins` — using the `sui_transaction_command` field source.
* **Transfer limits**: cap amounts and restrict recipients using the `sui_transfer_objects_command`
  field source.
* **Message signing**: constrain the messages a wallet can sign using the `message` field source.
* **System conditions**: gate signing on values such as the current timestamp using the `system`
  field source.

Configure decoded transaction rules with the `signTransactionBytes` method, and message-signing
rules with the `signRawMessageBytes` method. See [Sui policy
documentation](/controls/policies/example-policies/sui) for more information and example policies.
