The Capsule Server SDK enables secure server-side signing by allowing you to import client-side sessions. This feature is particularly useful for scenarios where server-side signing operations are necessary.

You can also use the Server SDK with pre-generated wallets if your use case requires wallet creation to occur server-side.

To do this, follow the steps outlined in the Pre-generated Wallet Integration Guide and import the @usecapsule/server-sdk package in your server-side environment instead of the relevant client side package.

Server-Side Setup

1

Client-Side Export

First, export the session from an existing Capsule Client instance on the client-side:

const serializedSession = await capsule.exportSession();

Now securely transfer the serializedSession to the server for import.

2

Server-Side Import

Next, import the serialized session on the server using the Capsule Server SDK:

const capsuleClient = new CapsuleServer(Environment.PRODUCTION, API_KEY);
await capsuleClient.importSession(serializedSession);

Security Note: Implement robust security measures when transferring the serialized session between client and server to prevent unauthorized access.

3

Utilize Imported Session

After importing the session, you can perform signing operations similar to the client-side implementation. Here are two methods:

  1. Direct Signing with Capsule Instance:

    const signature = await capsuleClient.signMessage(walletId, messageToSign);

  2. Signing with Ethers.js Integration:

    import { CapsuleEthersSigner } from '@usecapsule/ethers-v6-integration';

const ethersSigner = new CapsuleEthersSigner(capsuleClient, provider);
const signature = await ethersSigner.signMessage(messageToSign);

    Important: The server can only perform signing operations while the imported session remains valid. The session’s lifespan is directly tied to the client’s active session.

Best Practices

  1. Session Management: Implement proper session management to ensure timely expiration and renewal of imported sessions.
  2. Error Handling: Incorporate robust error handling to manage scenarios where the session may become invalid during server-side operations.
  3. Logging and Monitoring: Implement comprehensive logging and monitoring to track session imports, expirations, and signing activities for security and debugging purposes.

Was this page helpful?

Swift (iOS)Examples Hub