Faster, Cheaper, and Built for the Agent Era

Lit Protocol is launching a new signing, encryption, and immutable compute network called Chipotle — a ground-up rebuild of how Lit Actions work, designed to be radically simpler, significantly cheaper, and natively accessible to AI agents and HTTP-native workflows.

Chipotle builds on the TEE-protected execution that Lit already uses, but introduces a major architectural improvement: the Lit Actions execution engine is now fully decoupled from the key management system (KMS), with key orchestration moving on-chain via TEE root of trust. The result is a faster, cheaper, and more modular system — delivering the same programmable signing and encryption developers expect from Lit, through a standard REST API that anything — a curl command, a Python script, an AI agent — can call directly.

For existing developers on Datil and Naga: Chipotle is live in dev now — you can start exploring the Dashboard, API, and Docs today. Once it reaches production, Datil and Naga will sunset 30 days later, targeting March 25th. We'll publish detailed migration guides and tooling well before that window opens. The conceptual model is familiar — the integration surface is just dramatically simpler.

What Developers Actually Get From This Upgrade

The single biggest change in Chipotle isn’t the trust model — it’s the developer experience.

No SDK required. Just simple HTTP.

The current Lit network requires an SDK to coordinate threshold signing across multiple nodes. Chipotle replaces all of that with a straightforward REST API. You authenticate with an API key, send a request, and get a response. That’s it.

This works from any language, any platform, any runtime. No client-side cryptography, no SDK dependency management, no coordination logic in your application code.

And if you want an SDK, we still make a JS SDK available to you and - even better - it’s now simple to roll your own in whatever language you need from the OpenAPI specification.

An Onchain Dashboard for Managing Everything

Chipotle ships with a web dashboard where you can create accounts, generate scoped API keys, spin up wallets (PKPs), register IPFS-pinned Lit Actions, and organize everything into permission groups — all without writing a line of code. The dashboard is a frontend to the same REST API, so everything you do there is reproducible programmatically. The backend for the dashboard is smart contacts. 

Groups: Scoped Permissions That Make Sense

Chipotle introduces Groups — a simple but powerful way to organize access control. A group combines wallets, permitted actions, and API keys into a single logical unit. You can scope a usage API key to only run specific Lit Actions against specific wallets, or open things up with flags like all_wallets_permitted. This is the kind of fine-grained control that was previously painful to wire up and is now a first-class primitive.

Built for Agents and x402

This is where Chipotle gets interesting for the AI agent ecosystem. Because the entire interface is a standard authenticated HTTP API, AI agents can integrate Lit signing and encryption as naturally as they call any other web service. There’s no SDK to bundle into an agent runtime, no complex client-side state to manage.

Combined with the x402 payment standard, this creates a clean model: agents discover Lit’s capabilities, pay per request, and execute programmable signing — all over HTTP. Lit becomes infrastructure that agents can use autonomously, not something that requires a human developer to wire up for each integration.

For teams building agent wallets, autonomous trading systems, or any workflow where software needs to hold and use keys programmatically, Chipotle is designed to be the execution layer you reach for.What Stays the Same

Lit Actions still work the way you expect. You write JavaScript, it runs in the same hardened Deno-based sandbox, and you gate signing and decryption with programmable logic. Your mental model of programmable key usage doesn’t change. The execution environment just got faster and the integration surface got simpler.

What’s Under the Hood

The architectural change that makes all of this possible is the move from threshold cryptography to TEE-based execution.

The Old Model: Threshold Cryptography

Lit’s current network distributes key shares across multiple nodes that must coordinate to sign or decrypt. This provides strong decentralization guarantees, but it comes with real costs: every operation requires multi-node coordination, which means higher latency, higher infrastructure expense, and scaling complexity that’s inherent to the architecture.

The New Model: Verifiable TEE

Chipotle executes Lit Actions inside hardware-backed Trusted Execution Environments with verifiable builds and ‘proof of cloud’. The key properties:

Decentralized root of trust. TEEs provide hardware remote attestation, on-chain verification of enclave identity, and deterministic measurement of the code running inside the TEE. The trust anchor is cryptographic and publicly verifiable.

Single-machine execution. Each request runs inside one TEE enclave rather than coordinating across multiple nodes. This is why Chipotle is faster and cheaper: you eliminate the coordination overhead entirely.

End-to-end encryption into the enclave. The HTTPS termination happens inside the TEE itself. The TLS private key lives in the enclave. There’s no middleware layer where plaintext is exposed.

On-chain key management. Keys are managed on-chain, with access control enforcement, release gating, and multisig authorization for upgrades. New releases go through on-chain governance before they touch production.

Migration from Naga

Here’s the timeline:

Now: Chipotle is in dev. The API and dashboard are available at api.dev.litprotocol.com and dashboard.dev.litprotocol.com.

Production launch: Date TBA. We’ll announce with at least two weeks notice.

Naga sunset: 30 days after Chipotle reaches production.

For most Lit Actions developers, migration is straightforward:

We will provide migration tooling, documentation, and hands-on support as the production launch approaches. If you’re running Lit Actions in production today, reach out to us — we want to make sure your transition is smooth.

Payments and $LITKEY

Chipotle introduces a pay-per-request model with LITKEY on Base. Details on pricing, payment integration, and potential support for additional currencies (including USDC) will be published closer to the production launch.

Roadmap

The initial Chipotle release includes Lit Actions, signing and decryption gating, the REST API and dashboard, Phala TEE execution, on-chain KMS integration, and LITKEY payments.

Future expansion will cover additional programmable cryptography primitives, multi-region scaling, expanded payment options, and advanced policy frameworks.

Get Started

Chipotle is live in dev today. You can explore and interact with the API and dashboard now:

Dashboard: dashboard.dev.litprotocol.com

API: api.dev.litprotocol.com

Docs: docs.dev.litprotocol.com

If you have questions or want early access to the production network, reach out to the Lit team (Discord).