> ## Documentation Index
> Fetch the complete documentation index at: https://docs.turnkey.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

export const SolutionCard = ({title, description, icon, href}) => {
  return <a href={href} className="not-prose font-normal group ring-0 ring-transparent cursor-pointer block rounded-lg border border-zinc-950/10 dark:border-white/10 bg-white dark:bg-transparent p-5 no-underline hover:border-primary/40 transition-colors">
      <div style={{
    display: 'flex',
    alignItems: 'flex-start',
    gap: '16px'
  }}>
        <img src={`/images/solutions/light/${icon}.svg`} className="tk-card-icon-img block dark:hidden" alt="" />
        <img src={`/images/solutions/dark/${icon}.svg`} className="tk-card-icon-img hidden dark:block" alt="" />
        <div>
          <div className="font-semibold text-sm text-zinc-950 dark:text-white group-hover:text-primary transition-colors">
            {title}
          </div>
          <div className="text-sm text-zinc-500 dark:text-zinc-400 mt-1">
            {description}
          </div>
        </div>
      </div>
    </a>;
};

## What are company wallets?

Company wallets are custodial wallets owned and operated by your organization. Your team controls the keys and defines who can sign, what they can sign, and under what conditions. **The wallets belong to your business; Turnkey provides the infrastructure to operate them securely at scale.**

Where [embedded wallets](/solutions/embedded-wallets/overview) give each end user their own wallet, company wallets centralize control within your organization. Your backend services, operators, and automated systems sign transactions through Turnkey's API, governed by role-based access controls and the policy engine.

## Why Turnkey for company wallets?

Managing company-controlled keys means solving for security, access control, multi-chain support, and automation, all without exposing private keys to your team or your infrastructure. Turnkey handles this so you can focus on your operations.

With Turnkey, you can:

* Sign millions of transactions with sub-100ms latency via [secure enclaves](/security/secure-enclaves)
* Define role-based access controls so each operator, service, or team member can only sign what they're authorized to
* Require multi-party approval for high-value or sensitive operations
* Support any blockchain with chain-agnostic, arbitrary signing
* Automate workflows like sweeps, payouts, and contract interactions via API
* Import existing keys or export them when needed

## How it works

Your backend authenticates to Turnkey via API key. Inside the secure enclave, the [policy engine](/features/policies/overview) evaluates the request against the signing policies you've defined. If approved, the enclave signs and returns the signature. If denied, no signature is produced.

Private keys never leave the [secure enclave](/security/secure-enclaves). Your operators and services interact with signatures, not keys.

### Access control model

Company wallets use a single [organization](/features/organizations) (or [sub-organizations](/features/sub-organizations) for tenant isolation). Within that org, you define:

* **Users** representing human operators and automated services, each with their own credentials (API keys, passkeys)
* **Tags** grouping users by role (e.g. `deployer`, `treasury-ops`, `sweeper`)
* **Policies** controlling what each role can sign: by recipient address, contract address, function selector, chain ID, transaction value, or any combination

Turnkey is deny-by-default. If no policy explicitly allows an action, it is rejected. See [Policies](/features/policies/overview) and [Policy Language](/features/policies/language).

### Security model

* **Keys never leave the enclave.** Private keys live in [Trusted Execution Environments (TEEs)](/security/secure-enclaves). All signing happens inside verifiable infrastructure; only signatures are returned.
* **Role-scoped access.** Every signing request is evaluated against policies in the enclave. Operators and services can only perform actions they've been explicitly authorized for.
* **Multi-party approval.** For sensitive operations, require multiple approvers before the enclave will sign. See [Co-signing transactions](/features/policies/examples/co-signing-transactions).
* **Trusted vs. untrusted separation.** A breach of your backend does not expose keys or signing capability. The enclave enforces policies independently of your infrastructure.

For a deeper look, see [Security](/security/our-approach) and [Secure Enclaves](/security/secure-enclaves).

## Building with Turnkey

Most company wallet integrations are backend-driven. Use Turnkey's server SDKs to create wallets, sign transactions, and manage policies programmatically from your infrastructure.

Server SDKs are available for [TypeScript](/solutions/company-wallets/integration-guide/javascript-server), [Go](/solutions/company-wallets/integration-guide/golang), [Ruby](/solutions/company-wallets/integration-guide/ruby), [Python](/solutions/company-wallets/integration-guide/python), and [Rust](/solutions/company-wallets/integration-guide/rust). For full control, you can call the [Turnkey API](/api-reference/overview/intro) directly.

The [Turnkey Dashboard](https://app.turnkey.com) serves as an internal GUI for managing wallets, users, and policies. If you need a custom operator-facing interface, you can build one using the [Embedded Wallet Kit](/solutions/embedded-wallets/integration-guide/react/index).

See the [Company Wallets Quickstart](/solutions/company-wallets/quickstart) to get started.

## Use cases

Company wallets serve different needs depending on what you're building. Choose the pattern that matches your operations.

<div style={{display: 'grid', gridTemplateColumns: 'repeat(2, 1fr)', gap: '12px'}}>
  <SolutionCard title="Payment Orchestration" icon="payment-orchestration" href="/solutions/company-wallets/payment-orchestration" description="Automate treasury operations, deposit sweeps, and cross-chain payouts with role-based controls at every transaction." />

  <SolutionCard title="Smart Contract Management" icon="smart-contract-management" href="/solutions/company-wallets/smart-contract-management" description="Deploy, interact with, and upgrade smart contracts with RBAC and multi-party approval for high-value operations." />

  <SolutionCard title="Agentic Wallets" icon="agentic-wallets" href="/solutions/company-wallets/agentic-wallets" description="Wallets operated by AI agents and automated systems with policy-scoped signing authority." />
</div>

## Ready to build?

* [Company Wallets Quickstart](/solutions/company-wallets/quickstart) -- set up your organization, create wallets, and sign your first transaction
* [Policy Quickstart](/features/policies/quickstart) -- define access controls and signing rules for your team
* [SDK Reference](/sdks/introduction) -- server SDKs for TypeScript, Go, Ruby, Python, and Rust