Merged
Expand Up @@ -78,7 +78,7 @@ console.log("🧔🏻‍♂️ BobsAccount:", BobsAccount.address);
Alice decides who can decrypt her encrypted data

<Tip>
See SDK Reference for more details on the Access Control Conditions Builder. [Access Control Conditions Builder Reference](/sdk/sdk-reference/access-control-conditions/functions/createAccBuilder)
See the [Access Control Conditions Builder Reference API](/sdk/sdk-reference/access-control-conditions/functions/createAccBuilder) for more details on how to build access control conditions.
</Tip>

### Build Access Control Conditions
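Review bot: The new Tip's link text reads "Access Control Conditions Builder Reference API"; "API Reference" is the usual word order, and the same "Reference API" wording recurs in the pkp-sign.mdx and auth-manager.mdx tips in this PR. Suggest "Access Control Conditions Builder API Reference" here and the matching order in the other two tips.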
3 changes: 1 addition & 2 deletions docs/sdk/auth-context-consumption/pkp-sign.mdx
Expand Up @@ -4,8 +4,7 @@ description: "Use your PKP to sign a message with the selected chain and scheme.
---

<Tip>
See SDK Reference for more details on the PKP Sign. [PKP Sign
Reference](/sdk/sdk-reference/lit-client/functions/createLitClient#chain-raw-pkpsign)
See the [PKP Sign Reference API](/sdk/sdk-reference/lit-client/functions/createLitClient#chain-raw-pkpsign) for more details on how to sign a message with your PKP.
</Tip>

# Prerequisites
4 changes: 2 additions & 2 deletions docs/sdk/auth/pkp-custom-auth/pkp-custom-auth.mdx
Expand Up @@ -15,13 +15,13 @@ description: "Implement custom PKP authentication methods with Lit Actions"

Custom Authentication allows <b>dApp owners</b> to provide PKPs (Programmable Key Pairs) to their users without requiring them to understand blockchain technology or manage private keys. Instead of forcing users to learn new authentication methods, you can leverage your existing authentication systems (OAuth, APIs, databases) while providing them with powerful web3 capabilities.

This demonstrates the complete <b>dApp-centric custom authentication</b> flow from both perspectives: the <b>Site Owner</b> who sets up the system and the User who interacts with it.
This demonstrates the complete <b>dApp-centric custom authentication</b> flow from both perspectives: the <b>Site Owner</b> who sets up the system and the <b>User</b> who interacts with it.

# Overview

In this example:

- site owners control the PKP minting process and provide immutable validation logic via IPFS.
- Site owners control the PKP minting process and provide immutable validation logic via IPFS.
- Users get pre-minted PKPs and authenticate through the site owner's validation Lit Action.

# Site Owner Walkthrough
4 changes: 2 additions & 2 deletions docs/sdk/auth/pkp-native-auth/pkp-discord-auth.mdx
Expand Up @@ -49,7 +49,7 @@ description: "Discord Authentication uses your Discord account to authenticate v
</Step>

<Step title="Generate Auth Context">
Use your newly minted PKP to create an AuthContext. This method will cache two things:
Use your PKP's public key to create an AuthContext. This method will cache two things:
1. session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
- A secret key (private key) - kept securely on the client
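Review bot: In the rewritten step intro, "This method will cache two things" has no named antecedent now that the first sentence is about the PKP's public key. Name the call, e.g. "`authManager.createPkpAuthContext` caches two things:", and apply the same wording to the identical sentence in the other pkp-native-auth pages touched by this PR.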
Expand All @@ -59,7 +59,7 @@ Use your newly minted PKP to create an AuthContext. This method will cache two t

const authContext = await authManager.createPkpAuthContext({
authData: authData, // <-- Retrieved earlier
pkpPublicKey: pkpInfo.pubkey, // <-- Minted earlier
pkpPublicKey: pkpInfo.pubkey,
authConfig: {
resources: [
["pkp-signing", "*"],
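Review bot: The context line `["pkp-signing", "*"]` is copied into every auth page in this PR, and nothing in the step says what the `"*"` covers. Since readers paste this block as-is, add one sentence on what the second element scopes and when to narrow it.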
8 changes: 4 additions & 4 deletions docs/sdk/auth/pkp-native-auth/pkp-eoa-auth.mdx
Expand Up @@ -38,7 +38,7 @@ description: "Externally Owned Account (EOA) authentication uses your existing E

<Step title="Authenticate with EOA">

Use the WalletClientAuthenticator/ViemAccountAuthenticator to authenticate your connected wallet and generate auth data.
Use the `WalletClientAuthenticator` or `ViemAccountAuthenticator` to authenticate your connected wallet and generate auth data.

<CodeGroup>
```ts wagmi
Expand Down Expand Up @@ -97,17 +97,17 @@ You can select an existing PKP associated with your account or mint a new one.
</Step>

<Step title="Generate Auth Context">
Use your newly minted PKP to create an AuthContext. This method will cache two things:
Use your PKP's public key to create an AuthContext. This method will cache two things:
1. session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
- A secret key (private key) - kept securely on the client
2. Delegation AuthSig aka. the inner auth sig - a cryptographic attestation from the Lit Protocol nodes that authorises your session key to act on behalf of your PKP.
2. Delegation AuthSig (aka. the inner auth sig) - a cryptographic attestation from the Lit Protocol nodes that authorises your session key to act on behalf of your PKP.

```ts

const authContext = await authManager.createPkpAuthContext({
authData: authData, // <-- Retrieved earlier
pkpPublicKey: pkpInfo.pubkey, // <-- Minted earlier
pkpPublicKey: pkpInfo.pubkey,
authConfig: {
resources: [
["pkp-signing", "*"],
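Review bot: Dropping `// <-- Minted earlier` from the `pkpPublicKey` line leaves `pkpInfo` without any pointer to its origin, while `authData` keeps `// <-- Retrieved earlier`. The preceding step says the PKP can be an existing one or a new one, so `// <-- Selected or minted earlier` would keep the pointer and stay accurate. Also, the new item 2 keeps "authorises" and "aka." while auth-manager.mdx in this PR moves to "authorizes"; pick one spelling and use "also called" or "a.k.a." consistently.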
4 changes: 2 additions & 2 deletions docs/sdk/auth/pkp-native-auth/pkp-google-auth.mdx
Expand Up @@ -49,7 +49,7 @@ description: "Google Authentication uses your Google account to authenticate via
</Step>

<Step title="Generate Auth Context">
Use your newly minted PKP to create an AuthContext. This method will cache two things:
Use your PKP's public key to create an AuthContext. This method will cache two things:
1. session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
- A secret key (private key) - kept securely on the client
Expand All @@ -59,7 +59,7 @@ Use your newly minted PKP to create an AuthContext. This method will cache two t

const authContext = await authManager.createPkpAuthContext({
authData: authData, // <-- Retrieved earlier
pkpPublicKey: pkpInfo.pubkey, // <-- Minted earlier
pkpPublicKey: pkpInfo.pubkey,
authConfig: {
resources: [
["pkp-signing", "*"],
6 changes: 3 additions & 3 deletions docs/sdk/auth/pkp-native-auth/pkp-stytch-2fa-totp-auth.mdx
Expand Up @@ -6,7 +6,7 @@ description: "Stytch TOTP 2FA Authentication is a secondary authentication metho
# Prerequisites

<Warning>
⚠️ Backend Required: This authentication method requires a backend service
Backend Required: This authentication method requires a backend service
that handles Stytch Email OTP operations. The auth service already has the
implementation in place with the `/stytch/email/send-otp` and
`/stytch/email/verify-otp` endpoints, but they are disabled by default. Simply
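Review bot: The Warning edited here sits on the TOTP 2FA page but still describes "Stytch Email OTP operations" and the `/stytch/email/send-otp` and `/stytch/email/verify-otp` endpoints. Since the line is being touched anyway, replace the method name and endpoints with the ones the TOTP flow actually uses, or confirm that the email endpoints are really what this page depends on.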
Expand Down Expand Up @@ -121,7 +121,7 @@ const authData = await StytchWhatsAppOtpAuthenticator.authenticate({

<Step title="Generate Auth Context">

Use your newly minted PKP to create an AuthContext. This method will cache two things:
Use your PKP's public key to create an AuthContext. This method will cache two things:

1. session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
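Review bot: The hunk header context for this TOTP page is `const authData = await StytchWhatsAppOtpAuthenticator.authenticate({`, which suggests the example above this step was copied from the WhatsApp page. Please confirm that is the intended authenticator for the TOTP flow before merging wording fixes on top of it.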
Expand All @@ -131,7 +131,7 @@ Use your newly minted PKP to create an AuthContext. This method will cache two t
```ts
const authContext = await authManager.createPkpAuthContext({
authData: authData, // <-- Retrieved earlier
pkpPublicKey: pkpInfo.pubkey, // <-- Minted earlier
pkpPublicKey: pkpInfo.pubkey,
authConfig: {
resources: [
["pkp-signing", "*"],
6 changes: 3 additions & 3 deletions docs/sdk/auth/pkp-native-auth/pkp-stytch-email-otp-auth.mdx
Expand Up @@ -6,7 +6,7 @@ description: "Stytch Email OTP Authentication uses Stytch's Email OTP service to
# Prerequisites

<Warning>
⚠️ Backend Required: This authentication method requires a backend service that handles Stytch Email OTP operations. The auth service already has the implementation in place with the `/stytch/email/send-otp` and `/stytch/email/verify-otp` endpoints, but they are disabled by default. Simply run your auth service at the configured URL to enable Stytch Email OTP functionality.
Backend Required: This authentication method requires a backend service that handles Stytch Email OTP operations. The auth service already has the implementation in place with the `/stytch/email/send-otp` and `/stytch/email/verify-otp` endpoints, but they are disabled by default. Simply run your auth service at the configured URL to enable Stytch Email OTP functionality.
</Warning>

<Note>
Expand Down Expand Up @@ -75,7 +75,7 @@ description: "Stytch Email OTP Authentication uses Stytch's Email OTP service to
</Step>

<Step title="Generate Auth Context">
Use your newly minted PKP to create an AuthContext. This method will cache two things:
Use your PKP's public key to create an AuthContext. This method will cache two things:
1. session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
- A secret key (private key) - kept securely on the client
Expand All @@ -85,7 +85,7 @@ Use your newly minted PKP to create an AuthContext. This method will cache two t

const authContext = await authManager.createPkpAuthContext({
authData: authData, // <-- Retrieved earlier
pkpPublicKey: pkpInfo.pubkey, // <-- Minted earlier
pkpPublicKey: pkpInfo.pubkey,
authConfig: {
resources: [
["pkp-signing", "*"],
6 changes: 3 additions & 3 deletions docs/sdk/auth/pkp-native-auth/pkp-stytch-sms-otp-auth.mdx
Expand Up @@ -6,7 +6,7 @@ description: "Stytch SMS OTP Authentication uses Stytch's SMS OTP service to aut
# Prerequisites

<Warning>
⚠️ Backend Required: This authentication method requires a backend service
Backend Required: This authentication method requires a backend service
that handles Stytch Email OTP operations. The auth service already has the
implementation in place with the `/stytch/email/send-otp` and
`/stytch/email/verify-otp` endpoints, but they are disabled by default. Simply
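Review bot: This Warning is on the SMS OTP page, yet the text still says "Stytch Email OTP operations" and lists the `/stytch/email/...` endpoints. A reader following it would enable or check the wrong routes; update the method name and endpoint paths to the SMS ones while the line is open.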
Expand Down Expand Up @@ -82,7 +82,7 @@ const authData = await StytchSmsOtpAuthenticator.authenticate({

<Step title="Generate Auth Context">

Use your newly minted PKP to create an AuthContext. This method will cache two things:
Use your PKP's public key to create an AuthContext. This method will cache two things:

1. session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
Expand All @@ -92,7 +92,7 @@ Use your newly minted PKP to create an AuthContext. This method will cache two t
```ts
const authContext = await authManager.createPkpAuthContext({
authData: authData, // <-- Retrieved earlier
pkpPublicKey: pkpInfo.pubkey, // <-- Minted earlier
pkpPublicKey: pkpInfo.pubkey,
authConfig: {
resources: [
["pkp-signing", "*"],
Expand Up @@ -6,7 +6,7 @@ description: "Enter your phone number to receive a one-time password (OTP) via W
# Prerequisites

<Warning>
⚠️ Backend Required: This authentication method requires a backend service
Backend Required: This authentication method requires a backend service
that handles Stytch Email OTP operations. The auth service already has the
implementation in place with the `/stytch/email/send-otp` and
`/stytch/email/verify-otp` endpoints, but they are disabled by default. Simply
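Review bot: The Warning on this WhatsApp OTP page also refers to "Stytch Email OTP operations" and the `/stytch/email/send-otp` and `/stytch/email/verify-otp` endpoints. Removing the emoji is fine, but the body should name the WhatsApp operations and their endpoints, or state explicitly that the email routes are shared.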
Expand Down Expand Up @@ -83,7 +83,7 @@ const authData = await StytchWhatsAppOtpAuthenticator.authenticate({

<Step title="Generate Auth Context">

Use your newly minted PKP to create an AuthContext. This method will cache two things:
Use your PKP's public key to create an AuthContext. This method will cache two things:

1. session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
Expand All @@ -93,7 +93,7 @@ Use your newly minted PKP to create an AuthContext. This method will cache two t
```ts
const authContext = await authManager.createPkpAuthContext({
authData: authData, // <-- Retrieved earlier
pkpPublicKey: pkpInfo.pubkey, // <-- Minted earlier
pkpPublicKey: pkpInfo.pubkey,
authConfig: {
resources: [
["pkp-signing", "*"],
4 changes: 2 additions & 2 deletions docs/sdk/auth/pkp-native-auth/pkp-webauthn-auth.mdx
Expand Up @@ -57,7 +57,7 @@ description: "WebAuthn Authentication uses your device's secure hardware (such a
</Step>

<Step title="Generate Auth Context">
Use your newly minted PKP to create an AuthContext. This method will cache two things:
Use your PKP's public key to create an AuthContext. This method will cache two things:
1. session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
- A secret key (private key) - kept securely on the client
Expand All @@ -67,7 +67,7 @@ Use your newly minted PKP to create an AuthContext. This method will cache two t

const authContext = await authManager.createPkpAuthContext({
authData: authData, // <-- Retrieved earlier
pkpPublicKey: pkpInfo.pubkey, // <-- Minted earlier
pkpPublicKey: pkpInfo.pubkey,
authConfig: {
resources: [
["pkp-signing", "*"],
34 changes: 17 additions & 17 deletions docs/sdk/getting-started/auth-manager.mdx
Expand Up @@ -4,23 +4,23 @@ description: "Configure the authentication manager with storage options and auth
---

<Tip>
See SDK Reference for more details on the Auth Manager. [Auth Manager Reference](/sdk/sdk-reference/auth/functions/createAuthManager)
See the [Auth Manager Reference API](/sdk/sdk-reference/auth/functions/createAuthManager) for more details on how to create an Auth Manager.
</Tip>

## Overview & Key Concepts

The Auth Manager handles authentication flows and session persistence.
The Auth Manager is responsible for managing authentication state and session persistence in your Lit Protocol application. It handles the storage and retrieval of authentication credentials, enabling users to maintain active sessions across page refreshes and application restarts without re-authenticating.

### AuthContext Creation
### What the Auth Manager Stores

This method caches two components:
When you authenticate with Lit Protocol, the Auth Manager caches critical authentication data locally:

**Session Key Pair**: A temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
**Session Key Pair**: A temporary cryptographic key pair that represents your current session with Lit Protocol:

- **Public key** - shared with the Lit nodes
- **Secret key (private key)** - kept securely on the client
- **Public key** - Shared with Lit nodes to identify your session
- **Secret key (private key)** - Kept securely in local storage, never transmitted

**Delegation AuthSig (Inner Auth Sig)**: A cryptographic attestation from the Lit Protocol nodes that authorises your session key to act on behalf of your PKP
**Delegation AuthSig (Inner Auth Sig)**: A cryptographic attestation from the Lit Protocol nodes that authorizes your session key to perform operations on behalf of your PKP

<Steps>
<Step title="Install the SDK">
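Review bot: The new bullet "Secret key (private key) - Kept securely in local storage, never transmitted" overstates what the browser plugin can offer: `localStorage` is readable by any script running on the page's origin, so an XSS bug exposes both the session secret key and the cached Delegation AuthSig. It is also inaccurate for the Node.js and custom plugins documented further down. Suggest dropping "securely", saying the key is persisted by the configured storage plugin and never sent to the Lit nodes, and pointing readers who need stronger protection to the custom storage plugin. Separately, renaming "### AuthContext Creation" changes the heading anchor, so check for inbound links to it.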
Expand Down Expand Up @@ -48,15 +48,15 @@ bun add @lit-protocol/auth viem
</CodeGroup>

<Note>
<code>viem</code> must be installed in your application because the SDK no longer bundles it.
<code>viem</code> must be installed as a dependency because the Lit JS SDK does not bundle it.
</Note>
</Step>
<Step title="Choose Storage Plugin">
Choose the appropriate network based on your development stage and requirements, then create your Lit Client instance.
Choose the appropriate storage plugin based on your environment and requirements, then create your Auth Manager instance.

<CodeGroup>

```typescript browser
```typescript Browser Local Storage
import { createAuthManager, storagePlugins } from "@lit-protocol/auth";

const authManager = createAuthManager({
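Review bot: The rewritten Note changes "the SDK no longer bundles it" to "the Lit JS SDK does not bundle it", which loses the hint that this is a change in behaviour for people upgrading. Consider "the Lit JS SDK no longer bundles it" so both new and existing users get the right signal.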
Expand All @@ -67,7 +67,7 @@ const authManager = createAuthManager({
});
```

```typescript node.js
```typescript Node.js Local Storage
import { createAuthManager, storagePlugins } from "@lit-protocol/auth";

const authManager = createAuthManager({
Expand All @@ -79,7 +79,7 @@ const authManager = createAuthManager({
});
```

```typescript custom
```typescript Custom Storage Plugin
import { createAuthManager } from "@lit-protocol/auth";

// Custom storage plugin example
Expand Down Expand Up @@ -116,10 +116,10 @@ const authManager = createAuthManager({

## Storage Options Comparison

Select the appropriate network environment based on your development stage and requirements. Each network offers different characteristics for testing and production use cases.
Choose your storage plugin based on where your application runs and how you want to manage session data.

| Storage Type | Persistence | Use Case | Environment |
| -------------------- | --------------------------------------- | -------------------------------------------------- | ------------ |
| **localStorage** | Survives page refresh & browser restart | Web applications, client-side storage | Browser |
| **localStorageNode** | File-based persistent storage | Node.js applications, server-side scripts | Node.js only |
| **custom** | Depends on implementation | Database storage, encrypted storage, cloud storage | Custom |
| **localStorage** | Survives page refresh & browser restart | Best for most web apps - sessions persist across browser restarts without additional setup | Browser |
| **localStorageNode** | File-based persistent storage | Ideal for CLI tools, backend services, or automated scripts that need to maintain sessions | Node.js only |
| **custom** | Depends on implementation | Use when you need centralized session management, enhanced security, multi-device sync, or database storage | Custom |
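Review bot: In the `custom` row, the new Use Case text replaces the concrete "encrypted storage, cloud storage" with "enhanced security", which does not tell the reader what a plugin has to do to be safer than `localStorage`. Keep the concrete wording, e.g. "centralized session management, encrypted storage, multi-device sync, or database storage". The separator row also no longer matches the width of the longer cells; it still renders, but realigning it keeps the source readable.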