Enforce policy before every signature. Act across any chain or API.

Lit lets teams run authorization logic, compliance checks, and asset controls inside a chain-secured TEE before any key signs. Build cross-chain apps and agent workflows without trusting a backend, custodian, or multisig.

VERIFY
On-chain state · APIs · identities · risk data
DECIDE
Policy logic in a chain-secured TEE
AUTHORIZE
Signatures · decryptions · API actions
What it looks like

One policy file. Checks, decides, signs.

A Lit Action is JavaScript that runs inside the network's TEE. Use it to verify conditions, enforce policy, and produce signatures only when your rules pass. Deploy once, bind signing authority to code, and govern upgrades on-chain.

policy-gated-transfer.action.ts
// Inside a Lit Action — policy enforcement in a chain-secured TEE

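// Inputs (recipient, sender, amount, threshold, vaultAddress, vaultAbi and the
// SANCTIONS_API, RISK_API and BASE_RPC URLs) are assumed to be passed to the action as parameters.

// Verify off-chain risk and compliance signals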
const sanctions = await fetch(SANCTIONS_API + "/" + recipient).then(r => r.json());
const risk = await fetch(RISK_API + "/" + recipient).then(r => r.json());

// Verify on-chain state
const provider = new ethers.providers.JsonRpcProvider(BASE_RPC);
const vault = new ethers.Contract(vaultAddress, vaultAbi, provider);
const role = await vault.roles(sender);
const dailySpent = await vault.dailySpent(sender);

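// Decide, then sign only if policy passes (strict checks: a missing or null field denies)
const clear = sanctions.blocked === false && typeof risk.score === "number" && risk.score < threshold;
if (clear && role.canTransfer) {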
  if (dailySpent.add(amount).gt(role.dailyLimit)) throw new Error("over limit");

  const pk = await Lit.Actions.getLitActionPrivateKey();
  const wallet = new ethers.Wallet(pk, provider);
  const tx = await vault.connect(wallet).transfer(recipient, amount);
  Lit.Actions.setResponse({ response: tx.hash });
} else {
  Lit.Actions.setResponse({ response: "policy_denied" });
}
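
The decision step of the action above, isolated as a pure function that denies whenever an input is missing or malformed. This is an added example, not Lit's code: `evaluatePolicy`, the reason strings and the sample values are assumptions, and BigInt stands in for ethers BigNumber so it runs without dependencies.

```javascript
// Added example: fail-closed policy decision, kept separate from fetching and signing.
// Field names (blocked, score, canTransfer, dailyLimit) follow the page's snippet;
// evaluatePolicy and the reason strings are hypothetical.
function isUint(v) {
  return typeof v === "bigint" && v >= 0n;
}

function evaluatePolicy({ sanctions, risk, role, dailySpent, amount, threshold }) {
  const deny = (reason) => ({ allow: false, reason });

  // An error body such as { error: "rate limited" } has no `blocked` field, and
  // !undefined is true, so require an explicit boolean before trusting it.
  if (!sanctions || typeof sanctions.blocked !== "boolean") return deny("sanctions_unavailable");
  if (sanctions.blocked) return deny("sanctioned");

  // null < 50 is true in JavaScript (null coerces to 0), so type-check the score.
  if (!risk || typeof risk.score !== "number" || !Number.isFinite(risk.score)) {
    return deny("risk_unavailable");
  }
  if (!(risk.score < threshold)) return deny("risk_too_high");

  // On-chain state, modelled as BigInt instead of ethers BigNumber.
  if (!role || role.canTransfer !== true) return deny("role_denied");
  if (![amount, dailySpent, role.dailyLimit].every(isUint) || amount === 0n) {
    return deny("bad_amount");
  }
  if (dailySpent + amount > role.dailyLimit) return deny("over_limit");

  return { allow: true, reason: "ok" };
}

// Constructed sample inputs.
const base = {
  sanctions: { blocked: false },
  risk: { score: 12 },
  role: { canTransfer: true, dailyLimit: 1000n },
  dailySpent: 400n,
  amount: 500n,
  threshold: 50,
};

const cases = {
  ok: evaluatePolicy(base),
  apiError: evaluatePolicy({ ...base, sanctions: { error: "rate limited" } }),
  nullScore: evaluatePolicy({ ...base, risk: { score: null } }),
  overLimit: evaluatePolicy({ ...base, amount: 601n }),
};
console.log(cases);
```

Keeping the decision pure means the same function can be unit-tested outside the enclave and its deny reasons logged for review.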
Why TEE, not consensus

Backend speed. Verifiable controls.
Enclave-secured execution.

Most automation forces a tradeoff: trust a backend operator, rely on a multisig, or wait for slow consensus on every decision. Lit takes a different path. Policy code runs inside a TEE — an enclave the hardware itself cryptographically attests to. Keys never leave. Operators can't inspect secrets.

The TEE's identity, its allowed code, and its signing authority are all governed on-chain. Teams can enforce security, compliance, and governance rules at runtime while keeping the latency and flexibility of programmable infrastructure.

The properties

Policy before every signature.
Fast enough for production.

Policy
Custom checks before signing
Attestation
TEE identity and code hash verifiable
Key safety
Keys never leave the network
Surface
Any HTTP, any chain, any API

Check. Enforce. Sign.
Anywhere.

One programmable policy layer for everything that must happen before a key signs.