Core Insight: API mode and ChainSecured mode aren’t a toggle in the code — they’re an emergent property of how you configure the same system. The only things that vary are who owns the account (a Lit-managed credential vs a SAFE or EOA you control) and what scopes the API keys have. The contracts don’t know or care.
Entity Boundaries
The system spans four distinct trust boundaries. Understanding what lives where is essential to reasoning about security.
User / External
TEE Enclave (Phala / dstack)
On-Chain (Base)
IPFS (Content-addressed)
Entity Relationships
Execution Flow (Inside the TEE)
Management Paths
There are two paths for making structural changes (creating groups, adding PKPs, updating scopes):
Path A: Via TEE Relay (convenience)
TEE checks scopes and submits the transaction on the user’s behalf.
Path B: Direct to Chain (ChainSecured mode)
Owner submits transactions directly — TEE is not involved.
API Key Scopes
Permission Matrix
Configuration Comparison
The same system, two very different security postures — determined entirely by who the owner is and what scopes the keys carry.
API Mode
Fast iteration, broad scopes, managed recovery
ChainSecured Mode
Auditable governance, restricted scopes, SAFE multisig