Wallet / Auth·EVM · Solana
Coinbase Developer Platform
Coinbase Developer Platform: server wallets, embedded wallets, Smart Wallet, OnchainKit React components, AgentKit, and onramp APIs. Server wallets sign inside AWS Nitro Enclaves; embedded wallets give end users custodial-grade wallets without seed phrases.
- 01server-side wallet signing
- 02AI agent wallets
- 03embedded consumer wallets
- 04Base + EVM apps
- 05OnchainKit React UI
- pnpm add @coinbase/cdp-sdk @coinbase/onchainkit viem
| Variable | Scope | Description |
|---|---|---|
| CDP_API_KEY_ID | Server | Coinbase Developer Platform API key ID (server-side only). |
| CDP_API_KEY_SECRET | Server | Coinbase Developer Platform API key secret used to sign CDP API requests. |
| CDP_WALLET_SECRET | Server | CDP wallet secret used to authorize wallet operations for server wallets. |
| NEXT_PUBLIC_ONCHAINKIT_API_KEY | Client | Public OnchainKit / CDP client API key used by the OnchainKitProvider. |
Use the Coinbase Developer Platform for server-controlled wallets and OnchainKit for UI. Server-side, instantiate `new CdpClient()` with the CDP API key + secret + wallet secret, then create accounts with `cdp.evm.createAccount()` or `cdp.solana.createAccount()` and send transactions via `account.sendTransaction(...)`. On the client, wrap the app in `<OnchainKitProvider apiKey={NEXT_PUBLIC_ONCHAINKIT_API_KEY} chain={base}>` and drop in `<Wallet />`, `<Identity />`, `<Transaction />`, and `<Swap />` components. For ERC-4337 Smart Wallet support, add the Coinbase Wallet SDK / Smart Wallet connector to wagmi.
- ⚑Server wallet keys live inside AWS Nitro Enclaves — you cannot export raw private keys; treat the CDP wallet secret like a root key and store it only in a managed secret store.
- ⚑CDP supports EVM chains and Solana, but feature coverage differs (e.g. policy engine, gas sponsorship). Check per-network availability before assuming parity.
- ⚑OnchainKit assumes a specific wagmi + viem version — version drift between OnchainKit, wagmi, and viem is the #1 cause of `Type 'X' is not assignable` build errors.
- ⚑Onramp + Base Pay flows require KYC'd Coinbase accounts in some regions; non-KYC users will hit a wall mid-flow if you don't handle the geo / verification state.
- ⚑CDP API keys auth-sign requests with EC/Ed25519 keys, not bearer tokens — you must use the SDK's signer or generate JWTs correctly; raw `fetch` will return 401.