The TDK API allows game developers to send on-chain transactions from smart backend wallets, powering game features like admin updates, airdrops, and more. If the transaction needs to originate from the end user’s Treasure Account, consider sending transactions as users instead.

Setup

1

Get backend wallet

Check in with the Treasure team to receive your smart backend wallet address and AWS KMS key ARN.
2

Create AWS role

Create a new IAM role in your AWS account with the following policy attached, filling in the AWS KMS key ARN from the previous step:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowKmsTdkBackendWalletAccess",
            "Effect": "Allow",
            "Action": [
                "kms:GetPublicKey",
                "kms:Verify",
                "kms:Sign"
            ],
            "Resource": "<awsKmsKeyArn>"
        }
    ]
}
Provide the Treasure team with the new role’s ARN to complete the setup process.

Prerequisites

Usage

import {
  createTreasureConnectClient,
  generateBackendWalletSignature,
  TDKAPI,
} from "@treasure-dev/tdk-core";

const chainId = 421614;

const client = createTreasureConnectClient({
  // The TDK client ID provided by the Treasure team
  clientId: "...",
});

// The AWS KMS key ARN provided by the Treasure team
const kmsKey = "...";

const { backendWallet, signature, expirationTime } =
  await generateBackendWalletSignature({
    client,
    chainId,
    kmsKey,
  });

const tdk = new TDKAPI({
  baseUri: "https://tdk-api.spellcaster.lol",
  chainId,
  backendWallet,
});

await tdk.transaction.create(
  {
    address: "0x55d0cf68a1afe0932aff6f36c87efa703508191c",
    abi: [
      {
        type: "function",
        name: "transfer",
        stateMutability: "nonpayable",
        inputs: [
          {
            name: "recipient",
            type: "address",
          },
          {
            name: "amount",
            type: "uint256",
          },
        ],
        outputs: [
          {
            type: "bool",
          },
        ],
      },
    ] as const,
    functionName: "transfer",
    args: [
      "...", // recipient address
      1000000000000000000000n, // 1,000
    ],
  },
  {
    backendWalletSignature: signature,
    backendWalletSignatureExpiration: expirationTime,
  },
);
The key change in the above flow is that the TDKAPI client doesn’t need to be created with a user’s auth token. Instead, the backend wallet signature is specified in the transaction options that will be verified by the TDK API. If using direct API requests instead of the TDKAPI client, please provide the signature in the X-Backend-Wallet-Signature header and the expirationTime in the X-Backend-Wallet-Signature-Expiration header. See full generateBackendWalletSignature function documentation for more AWS KMS client configuration options.

Example

An example script showcasing this process is available on GitHub.