> ## Documentation Index
> Fetch the complete documentation index at: https://vincent-feature-cpl-357-docs-revamp.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Lit Protocol

> Signing and encryption, programmable. Run JavaScript inside a chain-secured TEE that can sign on any chain and encrypt or decrypt data — with no backend to trust.

Lit gives your app two cryptographic superpowers without a backend to trust: **signing** (wallets whose keys never leave a secure enclave, driven by code you control) and **encryption** (data only your authorized code can decrypt). Both are powered by [Lit Actions](/lit-actions/index) — immutable JavaScript programs that run inside a chain-secured TEE, with key permissions governed on-chain.

<Card title="New here? Start with the Quick Start" icon="rocket" href="/quickstart" horizontal>
  Create an account, fund it, and run your first Lit Action in a few minutes — then follow the guide for your use case below.
</Card>

## What do you want to build?

Pick your use case. Each guide takes you from a fresh account to a working, verifiable result, and flags the administrative pieces (keys, funding, permissions) as you meet them.

<CardGroup cols={2}>
  <Card title="Signing" icon="signature" href="/guides/signing">
    Create a wallet the network holds for you, sign messages and transactions from code, and verify every signature. Covers conditional signing, EVM and Solana, and non-custodial co-signing.
  </Card>

  <Card title="Encryption & decryption" icon="lock" href="/guides/encryption">
    Encrypt secrets so only code you've authorized on-chain can decrypt them. Covers the encrypt/decrypt round trip, storing ciphertext anywhere, and using encrypted API keys inside actions.
  </Card>
</CardGroup>

Not sure which nouns mean what? [Core Concepts](/concepts) explains the five things every Lit app is made of — accounts, API keys, wallets (PKPs), actions, and groups — in one page.

## Use cases in the wild

Patterns people build on these two primitives, with runnable code for each.

<CardGroup cols={2}>
  <Card title="Cross-chain actions" icon="arrows-left-right" href="/lit-actions/examples#11-cross-chain-burn-mint-bridge">
    Read state on one chain, sign on another — bridges, mirrors, and replays without a multisig in the middle.
  </Card>

  <Card title="Custom oracles" icon="globe" href="/lit-actions/examples#9-median-price-oracle-across-three-exchanges">
    Aggregate any HTTP or RPC feed inside the TEE, sign the result, deliver it anywhere a signature is trusted.
  </Card>

  <Card title="Conditional signing" icon="shield-check" href="/lit-actions/examples#8-gate-an-erc-20-transfer-on-on-chain-sanctions-data-cross-chain">
    Sign only when on- or off-chain conditions hold — sanctions screens, price thresholds, KYC checks, dispute windows.
  </Card>

  <Card title="Encrypted secrets" icon="key" href="/lit-actions/examples#2-encrypt-a-secret">
    Encrypt API keys, credentials, or user data — decryptable only by an action you've authorized on-chain.
  </Card>
</CardGroup>

## Administer your account

Everything you need to operate what you build — you'll meet each of these inside the guides, and they're all collected under **Administration** in the sidebar.

<CardGroup cols={3}>
  <Card title="Dashboard" icon="browser" href="/management/dashboard">
    Web GUI for accounts, API keys, wallets (PKPs), IPFS actions, and groups.
  </Card>

  <Card title="API Keys" icon="key" href="/management/api_keys">
    Your master account key vs. scoped, rotatable usage keys — and how to manage both.
  </Card>

  <Card title="Pricing & Funding" icon="credit-card" href="/management/pricing">
    Credit-based billing, what's metered vs. free, and paying by card, crypto, or LITKEY.
  </Card>

  <Card title="Account Modes" icon="users-gear" href="/management/account_modes">
    API mode vs. ChainSecured mode — picking an ownership model and migrating between them.
  </Card>

  <Card title="REST API" icon="code" href="/management/api_direct">
    Drive every management workflow from cURL, the lightweight JS SDK, or your own OpenAPI client.
  </Card>

  <Card title="Errors" icon="triangle-exclamation" href="/management/errors">
    What `402 Payment Required` and friends mean, and how to fix them.
  </Card>
</CardGroup>

## How it works

How the runtime works and how trust is established.

<CardGroup cols={2}>
  <Card title="Chain Secured" icon="link" href="/architecture/chain-secured">
    Your keys' authority lives on-chain; an attested TEE enforces it by reading the chain.
  </Card>

  <Card title="Architecture" icon="layer-group" href="/architecture/index">
    The three layers: chain-secured TEE, on-chain permissions, and IPFS-hosted actions.
  </Card>

  <Card title="Auth Model" icon="shield-check" href="/architecture/authModel">
    How API keys, scopes, and account ownership combine to authorize requests.
  </Card>

  <Card title="Verification" icon="badge-check" href="/architecture/verification/index">
    Attest that the enclave is running the code it claims to be running.
  </Card>
</CardGroup>

## Reference

<CardGroup cols={2}>
  <Card title="Lit Actions SDK" icon="book" href="/lit-actions/chipotle">
    Functions available inside an action: signing, encryption, HTTP, response.
  </Card>

  <Card title="OpenAPI / Swagger" icon="file-code" href="https://api.chipotle.litprotocol.com/core/v1/swagger-ui">
    Full REST API schema — generate clients in any language.
  </Card>
</CardGroup>
