> For the complete documentation index, see [llms.txt](https://shinkalabs.gitbook.io/hub/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://shinkalabs.gitbook.io/hub/andromeda/capabilities.md). # What you get A snapshot of everything the API exposes. Use the [`/capabilities`](https://api.andromedainfra.pro/capabilities) endpoint to see what is enabled on the deployment you are calling; some features (identity, recovery) are opt-in per deployment. ## Multi-chain core * **Threshold signing over 4 curves.** Ed25519, SECP256K1, SECP256R1, Ristretto. One uniform REST surface. See [dWallets & 2PC-MPC](/hub/andromeda/concepts/dwallets.md). * **The full signing pipeline.** DKG, Presign, Sign, Future-Sign, Imported Key, Re-Encrypt Share, all as stateless REST calls. See [The signing pipeline](/hub/andromeda/guides/signing-pipeline.md). ## Wallet-agnostic and gas-sponsored * **Challenge-based auth.** Users prove control of any credential by signing a 32-byte challenge off-chain. See [Wallet-agnostic & challenge auth](/hub/andromeda/concepts/wallet-agnostic.md). * **Gas sponsor.** Andromeda pays the Solana fees on the flows it controls and submits the transaction for you. ## On-chain policies * **8 Quasar policy templates.** rules-policy, allowlist-destinations, velocity-guard, time-lock, oracle-conditional, passkey-step-up, fhe-gated, session-keys. Each holds the dWallet authority and is enforced on-chain. See [Deploy a policy](/hub/andromeda/guides/deploy-policy.md). * **Session keys with multi-session.** Scoped delegation with on-chain limits on expiry, number of uses, amount per transaction and allowed destination programs; many concurrent sessions per dWallet, each with a monotonic replay nonce. See [Session keys](/hub/andromeda/guides/session-keys.md). ## Recovery (optional) * **Primary and M-of-N quorum recovery.** Single-sig fast path plus a quorum path that stages member contributions in a PDA, so quorum size is not bounded. See [Configure recovery](/hub/andromeda/guides/configure-recovery.md) and [Run a recovery](/hub/andromeda/guides/run-recovery.md). * **Cross-chain recovery schemes.** 7 off-chain ownership-proof schemes plus 4 on-chain credential schemes, all validated by Solana precompiles. See [Recovery schemes](/hub/andromeda/reference/recovery-schemes.md). ## Confidential computing * **The Encrypt FHE surface.** Ciphertexts, graph pipelines, a small DSL, decryption requests, fee accounts, ownership transfer. See [The Encrypt FHE surface](/hub/andromeda/guides/encrypt-fhe.md). * **Confidential workflows.** Authorisation logic that runs on encrypted inputs, gated on-chain by the `fhe-gated` policy before an Ika signature is released. See [Confidential workflows](/hub/andromeda/guides/confidential-workflows.md). ## On-chain awareness and future-sign * **Future-Sign triggers.** Arm a trigger (oracle, slot, event, external webhook); the signature fires when the condition matches. See [Future-Sign triggers](/hub/andromeda/guides/future-sign.md). * **HMAC-signed webhooks.** Replay-protected, retried with backoff, with a dead-letter queue. See [Webhooks](/hub/andromeda/guides/webhooks.md). ## Identity (optional) * **Deterministic identity.** A dWallet address derived from an OAuth provider plus subject, plus email magic link and passkey-as-identity. Any client that authenticates the same account derives the same wallet, so recovery works across clients. See [Identity](/hub/andromeda/concepts/identity.md). * **GDPR endpoints.** Export and delete a user's identifiable data. See [Your data (GDPR)](/hub/andromeda/guides/gdpr.md). ## API surface and developer experience * **API keys with scopes and IP allowlists.** Read, write, admin and wildcard scopes; a CIDR allowlist per key. See [Get an API key](/hub/andromeda/getting-started/api-key.md). * **MCP server with auto-generated tools.** Around 70 tools, registered from the same route catalogue that drives REST (`GET /capabilities` reports the exact count). See [MCP](/hub/andromeda/concepts/mcp.md). * **OpenAPI 3.1.** Every endpoint has a typed schema, with curl, Postman and code samples. See [API reference](/hub/andromeda/api-reference/overview.md). * **Per-policy SDK metadata.** For a deployed policy, the API returns a tarball URL and an install command for a typed TypeScript client. See [Typed TypeScript client](/hub/andromeda/sdks-and-tooling/ts-client.md). ## Operational guarantees * **Idempotency keys.** Safe retries on every mutating endpoint, with byte-identical replay. See [Idempotency keys](/hub/andromeda/guides/idempotency.md). * **Dry-run / Simulate.** Structured diagnostics before you commit. See [Dry-run / Simulate](/hub/andromeda/guides/simulate.md). * **Auto-batching.** Pack many signature requests into the fewest Solana transactions. See [Auto-batching](/hub/andromeda/guides/batching.md). * **Signed, exportable audit log.** A per-tenant ed25519 hash chain you can verify without trusting Andromeda. See [Audit log](/hub/andromeda/guides/audit-log.md). --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://shinkalabs.gitbook.io/hub/andromeda/capabilities.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.