QUICKSTART/ 02 · BYOK

Bring your own key

Signing lives in @0xsend/external-signing. Private keys stay in your process — CWS only ever sees the public key. The CLI uses this package internally; the same primitives are available when you embed CWS in a service.

bash

npm install @0xsend/external-signing

Supported keys

Three curves ship with the package:

Factory	Algorithm	Notes
`createP256Signer`	`p256` (ECDSA over NIST P-256)	The CLI default. Widely supported by HSMs, secure enclaves, and FIDO2 authenticators.
`createSecp256k1Signer`	`secp256k1` (ECDSA over secp256k1)	The same curve as Bitcoin and Ethereum. Pick this if you already manage keys with EVM tooling.
`createEd25519Signer`	`ed25519` (EdDSA over Curve25519)	Deterministic, fastest verification, no random nonce required.

OnboardRedeem the secret Send gave you using the key you just chose.