# Documentation

## Docs

- [Authentication Model](https://docs.dev.litprotocol.com/architecture/authModel.md): How accounts, API keys, PKPs, groups, and the TEE root key compose into a programmable KMS — and how self-sovereign vs SaaS emerges from configuration.
- [Entity Relationships](https://docs.dev.litprotocol.com/architecture/diagram.md): Entity relationships, on-chain vs TEE boundaries, and how self-sovereign vs SaaS emerges from configuration — not modes.
- [Groups](https://docs.dev.litprotocol.com/architecture/groups.md): How groups organize wallets, actions, and usage keys in Lit Chipotle.
- [Overview](https://docs.dev.litprotocol.com/architecture/index.md): How Lit Chipotle's three composable layers — TEE enclave, on-chain permissions, and IPFS — work together to provide programmable key management.
- [Chain of Trust Reference](https://docs.dev.litprotocol.com/architecture/verification/chain-of-trust.md): What each verification layer checks and why it matters — application, platform, network, and governance.
- [Full Verification Guide](https://docs.dev.litprotocol.com/architecture/verification/full-verification.md): Step-by-step commands to verify every layer of the Lit Chipotle chain of trust: hardware attestation, application code, TLS certificates, and on-chain governance.
- [Security & Verification](https://docs.dev.litprotocol.com/architecture/verification/index.md): How to verify that your connection to Lit Chipotle terminates inside a genuine TEE running unmodified code.
- [On-Chain KMS](https://docs.dev.litprotocol.com/architecture/verification/onchain-kms.md): How Lit Chipotle's root keys are gated by smart contracts on Base — not by Phala or Lit — and how to verify the KMS is active and configured correctly.
- [Verify in 30 Seconds](https://docs.dev.litprotocol.com/architecture/verification/quick-verify.md): One click to confirm the Lit Chipotle API server is running unmodified code inside a genuine Intel TDX enclave — plus three commands to verify it yourself.
- [Lit Protocol](https://docs.dev.litprotocol.com/index.md): One programmable runtime for everything between an event and a signed action. Read from any source, compute inside a chain-secured TEE, write to any chain or API — with no backend to trust.
- [Lit Actions SDK](https://docs.dev.litprotocol.com/lit-actions/chipotle.md)
- [Examples](https://docs.dev.litprotocol.com/lit-actions/examples.md): Common Lit Action patterns covering signing, encryption, decryption, HTTP fetching, contract calls, sending ETH, gating ERC-20 transfers on sanctions data, multi-source price oracles, AI-consensus prediction-market resolution, and permissionless cross-chain token bridging.
- [Module Imports](https://docs.dev.litprotocol.com/lit-actions/imports.md): Lit Actions can now import third-party ESM packages directly from jsDelivr. Every import is pinned to an exact version and verified with SHA-384 integrity hashes before any code reaches the runtime.
- [Overview](https://docs.dev.litprotocol.com/lit-actions/index.md): Lit Actions are immutable JavaScript programs stored on IPFS and executed by the Lit network. They can sign data, encrypt and decrypt secrets, and make arbitrary HTTP requests — all in a verifiable, trustless way.
- [Limits](https://docs.dev.litprotocol.com/lit-actions/limits.md): Default resource limits for Lit Actions on the Chipotle network.
- [Changes](https://docs.dev.litprotocol.com/lit-actions/migration/changes.md)
- [Encryption & Decryption](https://docs.dev.litprotocol.com/lit-actions/migration/encryption.md): How encryption and decryption work in Chipotle compared to the official Lit SDK's access-control-conditions approach.
- [Patterns](https://docs.dev.litprotocol.com/lit-actions/patterns.md): Common design patterns for Lit Actions: writing gating logic in plain JavaScript, using action-identity signing to produce immutable proofs, and structuring encrypt/decrypt flows around PKP wallets.
- [Secrets](https://docs.dev.litprotocol.com/lit-actions/secrets.md): How to use secrets — API keys, tokens, credentials — inside a Lit Action. The PKP-as-vault model, the encrypt-once / decrypt-at-runtime lifecycle, where to store ciphertexts, and how to rotate.
- [API Mode vs ChainSecured Mode](https://docs.dev.litprotocol.com/management/account_modes.md): How the two account ownership models differ, when to choose each, and how to move from API mode to ChainSecured.
- [API](https://docs.dev.litprotocol.com/management/api_direct.md): Using the API directly to configure Chipotle and execute actions.
- [API Keys](https://docs.dev.litprotocol.com/management/api_keys.md): Understanding account keys and usage keys in Lit Chipotle.
- [Crypto Payments](https://docs.dev.litprotocol.com/management/crypto.md): How to add funds to your Lit Chipotle account using cryptocurrency via Stripe.
- [Dashboard](https://docs.dev.litprotocol.com/management/dashboard.md)
- [Pricing](https://docs.dev.litprotocol.com/management/pricing.md): Credit-based pricing for Lit Chipotle — management operations, Lit Action execution, and how to top up your account.
- [Quick Start](https://docs.dev.litprotocol.com/quickstart.md): Go from zero to a running Lit Action in a few minutes using the Lit Dashboard or the REST API.