{
  "slug": "safe/sdk",
  "title": "Safe SDK",
  "description": "The @cuitty/safe package shape, client and server halves, and framework subpaths.",
  "url": "https://cuitty.com/docs/safe/sdk",
  "markdown_url": "https://cuitty.com/docs/safe/sdk.md",
  "json_url": "https://cuitty.com/docs/safe/sdk.json",
  "frontmatter": {
    "title": "Safe SDK",
    "description": "The @cuitty/safe package shape, client and server halves, and framework subpaths.",
    "order": 7,
    "section": "Safe",
    "updatedAt": "2026-06-09"
  },
  "headings": [
    {
      "depth": 1,
      "slug": "safe-sdk",
      "text": "Safe SDK"
    },
    {
      "depth": 2,
      "slug": "client-half",
      "text": "Client half"
    },
    {
      "depth": 2,
      "slug": "server-half",
      "text": "Server half"
    },
    {
      "depth": 2,
      "slug": "core-integration",
      "text": "Core integration"
    },
    {
      "depth": 2,
      "slug": "framework-subpaths",
      "text": "Framework subpaths"
    }
  ],
  "body_markdown": "# Safe SDK\n\nSafe follows the Cuitty SDK initiative: one package per product, with subpath exports for each runtime surface.\n\n```text\n@cuitty/safe\n@cuitty/safe/client\n@cuitty/safe/server\n@cuitty/safe/types\n@cuitty/safe/react\n@cuitty/safe/solid\n@cuitty/safe/dsl\n@cuitty/safe/connectors\n@cuitty/safe/crypto\n@cuitty/safe/css\n```\n\nDo not create dash packages such as `@cuitty/safe-client`.\n\n## Client half\n\nThe client is a typed HTTP consumer generated from the root wire protocol.\n\n```ts\nimport { createSafeClient } from \"@cuitty/safe/client\";\n\nconst safe = createSafeClient({\n  baseUrl: \"http://localhost:4361\",\n  auth,\n});\n\nawait safe.resolve(\"acme/dev/database-url\");\nawait safe.secrets.put(\"acme/dev/github-token\", { value: tokenFromShell });\nawait safe.safes.create({ account: \"acme\", safe: \"dev\", provider: \"local\" });\n```\n\nUse `POST /api/safe/resolve` for resolution so references and values do not end up in URL paths or access logs.\n\n## Server half\n\nThe server half owns product logic and can be embedded instead of calling REST routes.\n\n```ts\nimport { createSafeServer } from \"@cuitty/safe/server\";\n\nconst safe = await createSafeServer({\n  indexPath: \".cuitty/safe/index.json\",\n});\n\nawait safe.resolve(\"acme/dev/database-url\");\n```\n\nProvider implementations must redact values before throwing or logging.\n\n## Core integration\n\n`@cuitty/core` remains a thin aggregator. It may lazy-load Safe and pass shared auth, transport, endpoint discovery, and mock mode into `createSafeClient`, but it must not implement resolving, crypto, provider mapping, 1Password auth, or Persist writes.\n\n```ts\nconst cuitty = createCuitty({\n  products: [\"safe\"],\n  endpoints: { safe: \"http://localhost:4361\" },\n  auth,\n});\n\nawait cuitty.safe?.resolve(\"acme/dev/database-url\");\n```\n\n## Framework subpaths\n\nReact and Solid components should be functionally equivalent. Components may display refs, provider status, audit metadata, scan findings, and connector health. They must not receive decrypted values unless the user explicitly enters reveal mode.",
  "body_html": "<h1 id=\"safe-sdk\">Safe SDK</h1>\n<p>Safe follows the Cuitty SDK initiative: one package per product, with subpath exports for each runtime surface.</p>\n<pre class=\"astro-code github-dark\" style=\"background-color:#24292e;color:#e1e4e8; overflow-x: auto;\" tabindex=\"0\" data-language=\"text\"><code><span class=\"line\"><span>@cuitty/safe</span></span>\n<span class=\"line\"><span>@cuitty/safe/client</span></span>\n<span class=\"line\"><span>@cuitty/safe/server</span></span>\n<span class=\"line\"><span>@cuitty/safe/types</span></span>\n<span class=\"line\"><span>@cuitty/safe/react</span></span>\n<span class=\"line\"><span>@cuitty/safe/solid</span></span>\n<span class=\"line\"><span>@cuitty/safe/dsl</span></span>\n<span class=\"line\"><span>@cuitty/safe/connectors</span></span>\n<span class=\"line\"><span>@cuitty/safe/crypto</span></span>\n<span class=\"line\"><span>@cuitty/safe/css</span></span></code></pre>\n<p>Do not create dash packages such as <code>@cuitty/safe-client</code>.</p>\n<h2 id=\"client-half\">Client half</h2>\n<p>The client is a typed HTTP consumer generated from the root wire protocol.</p>\n<pre class=\"astro-code github-dark\" style=\"background-color:#24292e;color:#e1e4e8; overflow-x: auto;\" tabindex=\"0\" data-language=\"ts\"><code><span class=\"line\"><span style=\"color:#F97583\">import</span><span style=\"color:#E1E4E8\"> { createSafeClient } </span><span style=\"color:#F97583\">from</span><span style=\"color:#9ECBFF\"> \"@cuitty/safe/client\"</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"></span>\n<span class=\"line\"><span style=\"color:#F97583\">const</span><span style=\"color:#79B8FF\"> safe</span><span style=\"color:#F97583\"> =</span><span style=\"color:#B392F0\"> createSafeClient</span><span style=\"color:#E1E4E8\">({</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  baseUrl: </span><span style=\"color:#9ECBFF\">\"http://localhost:4361\"</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  auth,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">});</span></span>\n<span class=\"line\"></span>\n<span class=\"line\"><span style=\"color:#F97583\">await</span><span style=\"color:#E1E4E8\"> safe.</span><span style=\"color:#B392F0\">resolve</span><span style=\"color:#E1E4E8\">(</span><span style=\"color:#9ECBFF\">\"acme/dev/database-url\"</span><span style=\"color:#E1E4E8\">);</span></span>\n<span class=\"line\"><span style=\"color:#F97583\">await</span><span style=\"color:#E1E4E8\"> safe.secrets.</span><span style=\"color:#B392F0\">put</span><span style=\"color:#E1E4E8\">(</span><span style=\"color:#9ECBFF\">\"acme/dev/github-token\"</span><span style=\"color:#E1E4E8\">, { value: tokenFromShell });</span></span>\n<span class=\"line\"><span style=\"color:#F97583\">await</span><span style=\"color:#E1E4E8\"> safe.safes.</span><span style=\"color:#B392F0\">create</span><span style=\"color:#E1E4E8\">({ account: </span><span style=\"color:#9ECBFF\">\"acme\"</span><span style=\"color:#E1E4E8\">, safe: </span><span style=\"color:#9ECBFF\">\"dev\"</span><span style=\"color:#E1E4E8\">, provider: </span><span style=\"color:#9ECBFF\">\"local\"</span><span style=\"color:#E1E4E8\"> });</span></span></code></pre>\n<p>Use <code>POST /api/safe/resolve</code> for resolution so references and values do not end up in URL paths or access logs.</p>\n<h2 id=\"server-half\">Server half</h2>\n<p>The server half owns product logic and can be embedded instead of calling REST routes.</p>\n<pre class=\"astro-code github-dark\" style=\"background-color:#24292e;color:#e1e4e8; overflow-x: auto;\" tabindex=\"0\" data-language=\"ts\"><code><span class=\"line\"><span style=\"color:#F97583\">import</span><span style=\"color:#E1E4E8\"> { createSafeServer } </span><span style=\"color:#F97583\">from</span><span style=\"color:#9ECBFF\"> \"@cuitty/safe/server\"</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"></span>\n<span class=\"line\"><span style=\"color:#F97583\">const</span><span style=\"color:#79B8FF\"> safe</span><span style=\"color:#F97583\"> =</span><span style=\"color:#F97583\"> await</span><span style=\"color:#B392F0\"> createSafeServer</span><span style=\"color:#E1E4E8\">({</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  indexPath: </span><span style=\"color:#9ECBFF\">\".cuitty/safe/index.json\"</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">});</span></span>\n<span class=\"line\"></span>\n<span class=\"line\"><span style=\"color:#F97583\">await</span><span style=\"color:#E1E4E8\"> safe.</span><span style=\"color:#B392F0\">resolve</span><span style=\"color:#E1E4E8\">(</span><span style=\"color:#9ECBFF\">\"acme/dev/database-url\"</span><span style=\"color:#E1E4E8\">);</span></span></code></pre>\n<p>Provider implementations must redact values before throwing or logging.</p>\n<h2 id=\"core-integration\">Core integration</h2>\n<p><code>@cuitty/core</code> remains a thin aggregator. It may lazy-load Safe and pass shared auth, transport, endpoint discovery, and mock mode into <code>createSafeClient</code>, but it must not implement resolving, crypto, provider mapping, 1Password auth, or Persist writes.</p>\n<pre class=\"astro-code github-dark\" style=\"background-color:#24292e;color:#e1e4e8; overflow-x: auto;\" tabindex=\"0\" data-language=\"ts\"><code><span class=\"line\"><span style=\"color:#F97583\">const</span><span style=\"color:#79B8FF\"> cuitty</span><span style=\"color:#F97583\"> =</span><span style=\"color:#B392F0\"> createCuitty</span><span style=\"color:#E1E4E8\">({</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  products: [</span><span style=\"color:#9ECBFF\">\"safe\"</span><span style=\"color:#E1E4E8\">],</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  endpoints: { safe: </span><span style=\"color:#9ECBFF\">\"http://localhost:4361\"</span><span style=\"color:#E1E4E8\"> },</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  auth,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">});</span></span>\n<span class=\"line\"></span>\n<span class=\"line\"><span style=\"color:#F97583\">await</span><span style=\"color:#E1E4E8\"> cuitty.safe?.</span><span style=\"color:#B392F0\">resolve</span><span style=\"color:#E1E4E8\">(</span><span style=\"color:#9ECBFF\">\"acme/dev/database-url\"</span><span style=\"color:#E1E4E8\">);</span></span></code></pre>\n<h2 id=\"framework-subpaths\">Framework subpaths</h2>\n<p>React and Solid components should be functionally equivalent. Components may display refs, provider status, audit metadata, scan findings, and connector health. They must not receive decrypted values unless the user explicitly enters reveal mode.</p>",
  "links_out": []
}