Skip to main content
This page covers the client-side prerequisites for the Send API: generating random 12-character base58 invite codes, deriving deterministic Solana secret keys from those codes, and the security requirements for handling invite codes and private keys.

Security

The Send API is designed for transaction building only - it expects and exchanges parameters such as public keys, amounts, and mint addresses. The API does not handle private keys or invite codes for security reasons. All cryptographic operations must be performed client-side:
  • Invite code generation
  • Private key derivation from invite codes
  • Transaction signing
The following sections provide the complete implementation steps required before using the API.
WARNINGCRITICAL SECURITY REQUIREMENTS
  • Never share invite codes or private keys - treat them like passwords or seed phrases
  • Store invite codes securely - use encrypted storage, secure vaults, or environment variables
  • Validate all inputs - ensure invite codes meet expected format before processing
  • Implement proper error handling - avoid exposing sensitive data in logs or error messages
⚠️ Loss of funds: Any exposure of invite codes or private keys may result in permanent loss of funds. Jupiter is not liable for losses due to compromised credentials.

Overview

1
Create invite code.
2
From utils, derive the secret key - a deterministic 64-byte Solana secret key (32 bytes private + 32 bytes public key).
3
Create Solana Keypair instance from the secret key.
4
Post request to get Send transaction.
  • If craft-clawback, requires an additional invitePDA to be passed in.
5
Sign with both sender and recipient keypair, then send transaction and wait for confirmation.

Prerequisite

Dependencies

Imports

Create a utils file to add these functions

Functions

Create Invite Code

Derive Solana Secret Key

Convert Binary To Base58