Skip to main content
Core Insight: API mode and ChainSecured mode aren’t a toggle in the code — they’re an emergent property of how you configure the same system. The only things that vary are who owns the account (a Lit-managed credential vs a SAFE or EOA you control) and what scopes the API keys have. The contracts don’t know or care.

Entity Boundaries

The system spans four distinct trust boundaries. Understanding what lives where is essential to reasoning about security.

User / External

TEE Enclave (Phala / dstack)

On-Chain (Base)

IPFS (Content-addressed)


Entity Relationships


Execution Flow (Inside the TEE)


Management Paths

There are two paths for making structural changes (creating groups, adding PKPs, updating scopes):

Path A: Via TEE Relay (convenience)

TEE checks scopes and submits the transaction on the user’s behalf.

Path B: Direct to Chain (ChainSecured mode)

Owner submits transactions directly — TEE is not involved.

API Key Scopes


Permission Matrix


Configuration Comparison

The same system, two very different security postures — determined entirely by who the owner is and what scopes the keys carry.

API Mode

Fast iteration, broad scopes, managed recovery

ChainSecured Mode

Auditable governance, restricted scopes, SAFE multisig