How to Use Cardano on WordPress

A decision framework for building with Cardano on WordPress — figure out what you need, pick your tools, and start prompting.

What Are You Building?

These are open-source PHP frameworks you can build on top of — not locked apps you have to use one way. The right combination depends on what you’re trying to do and how you want users to interact with Cardano.

Three questions determine your stack:

  1. What does your project do? Payments, minting, marketplace, content signing, wallet connect?
  2. Who signs transactions? The user’s browser wallet, your server, or both?
  3. What Cardano features do you need? Native assets, metadata, CIP-30, IPFS?

The real product decision is custody and signing boundaries. Answer those and the architecture follows.

The Toolkit

Five plugins. Each handles a different layer of the stack. Use one or combine several.

php-cardano

Crypto Library

Pure PHP Ed25519 signing, BIP39 mnemonics, CIP-1852 HD wallet derivation, CBOR encoding. The cryptographic foundation everything else is built on.

You need this if: you’re doing any server-side signing, key generation, or address derivation.

weld-for-wp

Wallet Connect

CIP-30 browser wallet connectivity and transaction signing for WordPress. Shortcodes, REST endpoints, and a 14 KB frontend bundle.

You need this if: users connect their own browser wallet. Non-custodial or hybrid custody flows.

cardano-minting-and-payments

Minting Engine

No-code minting engine for WordPress. Create policy IDs, peg ADA to USD, and mint native assets with simple shortcodes. Built-in product manager with order tracking.

You need this if: you’re minting NFTs, accepting ADA payments, or need a shortcode-driven commerce flow with live USD-to-ADA conversion.

pbay-marketplace

Storefront

A Shopify replacement built on Cardano. Sell physical or digital goods for ADA — product catalog, CIP-30 checkout, NFT receipts, instant payouts, wallet-based order tracking. No payment processor, no middleman.

You need this if: you want a full ecommerce storefront powered by Cardano instead of Stripe or PayPal.

umbrella-blog

Content Signing

Blogging system with Cardano proof-of-authorship. Write posts, sign them on-chain, store the transaction hash. Readers can verify authorship independently.

You need this if: you’re proving authorship of WordPress posts on-chain.

Who Signs the Transactions?

This is the most important decision. It determines your security model, your UX, and which tools you need.

Non-Custodial

User’s browser wallet signs

CIP-30 wallet popup. User approves every transaction. You never touch their keys.

Good for: dApps where users control their own funds. Token-gated access. Voluntary participation.

Tools: weld-for-wp

Hybrid

Server + browser co-sign

Dual-signature flows. Policy wallet on the server, buyer wallet in the browser. Both must agree.

Good for: Controlled minting. Marketplace transactions. Anything requiring both parties to authorize.

Tools: weld-for-wp + php-cardano + cardano-minting-and-payments

Custodial

Server signs with PHP Ed25519

No wallet popup. Server manages encrypted keys. Seamless UX — but you hold the keys and the responsibility.

Good for: Automated operations. Content signing. Proof-of-authorship. Admin-initiated minting.

Tools: php-cardano (+ umbrella-blog for content signing)

Common Scenarios

Find what matches your project. Each scenario maps to a custody model and a set of tools.

Accept ADA payments for products

Hybrid

Customer pays from their wallet, you receive funds directly. NFT receipt minted automatically.

weld-for-wp + cardano-minting-and-payments + php-cardano

Mint NFTs from the WordPress admin

Custodial

Admin triggers mint from the dashboard. Server builds and signs the transaction. No wallet popup needed.

cardano-minting-and-payments + php-cardano

Token-gate content or membership

Non-Custodial

Check if a connected wallet holds a specific token. Gate pages, downloads, or features based on wallet contents.

weld-for-wp

Prove authorship of posts on-chain

Custodial

Sign blog posts on Cardano. Store the transaction hash. Readers verify authorship independently.

umbrella-blog + php-cardano

Add a wallet connect dashboard

Non-Custodial

Let visitors connect their Cardano wallet. Display balance, send ADA, show transaction history.

weld-for-wp

Build a physical goods marketplace

Hybrid

Sell physical or digital products for ADA. Product catalog, wallet checkout, NFT receipts, instant payouts. Like Shopify but on Cardano.

pbay-marketplace (+ php-cardano under the hood)

Custom commerce flow

Hybrid

Not a storefront — a custom payment flow. Subscriptions, donations, pay-per-access, tipping.

weld-for-wp + cardano-minting-and-payments + php-cardano

Prompt Recipes

Ready-to-copy prompts for your AI assistant. Each one includes the right repos, custody context, and safety rules. Paste into ChatGPT, Claude, or any LLM and start building.

Accept ADA Payments

Hybrid Custody — Payments
I am building a WordPress plugin that accepts ADA payments for products.

## Environment
- WordPress running on Local (localwp.com)
- PHP 8.x, vanilla JS, no React/jQuery
- All code lives in wp-content/plugins/

## Architecture
- WordPress is the orchestration layer (roles, endpoints, admin UI)
- Cardano is the settlement layer
- Custody model: Hybrid — server holds an encrypted policy wallet for minting NFT receipts, buyer signs payment from their CIP-30 browser wallet
- Server-authoritative: API keys, signing, and sensitive logic stay in PHP

## Repositories (clone and study these as your foundation)
- php-cardano — Pure PHP Ed25519 signing, BIP39, CIP-1852 HD wallets, CBOR
  https://github.com/invalidcredentials/PHP-Cardano
- weld-for-wp — CIP-30 wallet connectivity + transaction signing for WordPress
  https://github.com/invalidcredentials/weld-for-wp
- cardano-minting-and-payments — No-code minting engine: policy IDs, shortcode-driven minting, USD-to-ADA pegging, product management
  https://github.com/invalidcredentials/cardano-minting-and-payments-easy-wordpress

## APIs
- Anvil API (ada-anvil.io) — transaction building and submission
- Blockfrost (blockfrost.io) — blockchain data queries

## Security Rules (follow in ALL generated code)
1. API keys stay server-side — PHP calls only, never in JS.
2. Capability checks (current_user_can) + nonce verification (check_ajax_referer) on every WP REST/AJAX endpoint. No anonymous writes.
3. Sanitize input (sanitize_text_field), escape output (esc_html / esc_url / wp_kses_post). Never trust input.
4. Transaction signing defaults to server-side PHP (Ed25519). CIP-30 wallet signing is opt-in only.
5. Private keys encrypted at rest (AES-256-CBC + WP salts). Plaintext keys never touch the database.
6. Downloads served via controlled endpoint; compute and display SHA-256.
7. Minimal frontend — server-rendered HTML, small vanilla scripts. No React or large JS bundles.
8. Database access through WordPress APIs only — $wpdb->prepare(), wp_insert_post(), update_post_meta(). No raw SQL string interpolation.

Help me outline the architecture, then provide implementation steps using the repositories above as my foundation.

Build a Physical Goods Marketplace

Hybrid Custody — Storefront
I am building a physical goods marketplace on WordPress using Cardano for payments — like Shopify but without a payment processor.

## Environment
- WordPress running on Local (localwp.com)
- PHP 8.x, vanilla JS, no React/jQuery
- All code lives in wp-content/plugins/

## Architecture
- WordPress is the orchestration layer (roles, endpoints, admin UI)
- Cardano is the settlement layer
- Custody model: Hybrid — server holds an encrypted policy wallet for minting NFT receipts, buyers pay from their CIP-30 browser wallet. Funds go directly to the merchant address.
- Server-authoritative: API keys, signing, and sensitive logic stay in PHP

## Repository (clone and study this as your foundation)
- pbay-marketplace — Shopify replacement on Cardano: product catalog, CIP-30 checkout, NFT receipts, instant ADA payouts, wallet-based order tracking, no middleman
  https://github.com/invalidcredentials/pbay-marketplace-cardano
- php-cardano — Pure PHP Ed25519 signing, BIP39, CBOR (used under the hood)
  https://github.com/invalidcredentials/PHP-Cardano

## APIs
- Anvil API (ada-anvil.io) — transaction building and submission
- Blockfrost (blockfrost.io) — blockchain data queries, UTxO lookups
- Pinata (pinata.cloud) — IPFS pinning for NFT images and metadata

## Security Rules (follow in ALL generated code)
1. API keys stay server-side — PHP calls only, never in JS.
2. Capability checks (current_user_can) + nonce verification (check_ajax_referer) on every WP REST/AJAX endpoint. No anonymous writes.
3. Sanitize input (sanitize_text_field), escape output (esc_html / esc_url / wp_kses_post). Never trust input.
4. Transaction signing defaults to server-side PHP (Ed25519). CIP-30 wallet signing is opt-in only.
5. Private keys encrypted at rest (AES-256-CBC + WP salts). Plaintext keys never touch the database.
6. Downloads served via controlled endpoint; compute and display SHA-256.
7. Minimal frontend — server-rendered HTML, small vanilla scripts. No React or large JS bundles.
8. Database access through WordPress APIs only — $wpdb->prepare(), wp_insert_post(), update_post_meta(). No raw SQL string interpolation.

Help me build a storefront for physical goods using pbay-marketplace as my foundation. Outline the architecture, then provide implementation steps.

Mint NFTs from the Admin Dashboard

Custodial — Minting
I am building a WordPress plugin that mints NFTs from the admin dashboard — no browser wallet needed.

## Environment
- WordPress running on Local (localwp.com)
- PHP 8.x, vanilla JS, no React/jQuery
- All code lives in wp-content/plugins/

## Architecture
- WordPress is the orchestration layer (roles, endpoints, admin UI)
- Cardano is the settlement layer
- Custody model: Custodial — server manages an encrypted signing key (Ed25519). Admin triggers mints from the WordPress dashboard. No CIP-30 wallet popup.
- Server-authoritative: API keys, signing, and sensitive logic stay in PHP

## Repositories (clone and study these as your foundation)
- php-cardano — Pure PHP Ed25519 signing, BIP39, CIP-1852 HD wallets, CBOR
  https://github.com/invalidcredentials/PHP-Cardano
- cardano-minting-and-payments — No-code minting engine: policy ID creation, shortcode-driven minting, USD-to-ADA pegging, CIP-25 metadata, Pinata IPFS
  https://github.com/invalidcredentials/cardano-minting-and-payments-easy-wordpress

## APIs
- Anvil API (ada-anvil.io) — transaction building, policy generation, submission
- Blockfrost (blockfrost.io) — blockchain data queries
- Pinata (pinata.cloud) — IPFS pinning for NFT images and metadata

## Security Rules (follow in ALL generated code)
1. API keys stay server-side — PHP calls only, never in JS.
2. Capability checks (current_user_can) + nonce verification (check_ajax_referer) on every WP REST/AJAX endpoint. No anonymous writes.
3. Sanitize input (sanitize_text_field), escape output (esc_html / esc_url / wp_kses_post). Never trust input.
4. Transaction signing defaults to server-side PHP (Ed25519). CIP-30 wallet signing is opt-in only.
5. Private keys encrypted at rest (AES-256-CBC + WP salts). Plaintext keys never touch the database.
6. Downloads served via controlled endpoint; compute and display SHA-256.
7. Minimal frontend — server-rendered HTML, small vanilla scripts. No React or large JS bundles.
8. Database access through WordPress APIs only — $wpdb->prepare(), wp_insert_post(), update_post_meta(). No raw SQL string interpolation.

Help me outline the architecture, then provide implementation steps using the repositories above as my foundation.

Connect Wallets and Gate Content

Non-Custodial — Wallet Connect
I am building a WordPress plugin that connects Cardano wallets and gates content based on token ownership.

## Environment
- WordPress running on Local (localwp.com)
- PHP 8.x, vanilla JS, no React/jQuery
- All code lives in wp-content/plugins/

## Architecture
- WordPress is the orchestration layer (roles, endpoints, admin UI)
- Cardano is the settlement layer
- Custody model: Non-custodial — user connects their CIP-30 browser wallet (Lace, Eternl, Typhon). Server never has access to private keys. Token checks are read-only.
- Server-authoritative: API keys and blockchain queries stay in PHP

## Repository (clone and study this as your foundation)
- weld-for-wp — CIP-30 wallet connectivity, transaction signing, shortcodes, REST endpoints
  https://github.com/invalidcredentials/weld-for-wp

## APIs
- Blockfrost (blockfrost.io) — wallet balance queries, token lookups, asset verification

## Security Rules (follow in ALL generated code)
1. API keys stay server-side — PHP calls only, never in JS.
2. Capability checks (current_user_can) + nonce verification (check_ajax_referer) on every WP REST/AJAX endpoint. No anonymous writes.
3. Sanitize input (sanitize_text_field), escape output (esc_html / esc_url / wp_kses_post). Never trust input.
4. Transaction signing defaults to server-side PHP (Ed25519). CIP-30 wallet signing is opt-in only.
5. Private keys encrypted at rest (AES-256-CBC + WP salts). Plaintext keys never touch the database.
6. Downloads served via controlled endpoint; compute and display SHA-256.
7. Minimal frontend — server-rendered HTML, small vanilla scripts. No React or large JS bundles.
8. Database access through WordPress APIs only — $wpdb->prepare(), wp_insert_post(), update_post_meta(). No raw SQL string interpolation.

Help me outline the architecture, then provide implementation steps using weld-for-wp as my foundation.

Not Sure Where to Start?

The Cardano Builder Bot is a custom ChatGPT assistant pre-loaded with full context on all five plugins, their APIs, custody models, and security rules. Describe what you want to build and it will walk you through the architecture.

Open Cardano Builder Bot →

The 8 Safety Rules

Every plugin follows these rules. Every LLM session should too. They’re already included in the prompt recipes above.

API keys stay server-side

PHP calls only. JavaScript never sees credentials.

Capability checks + nonces

current_user_can() and check_ajax_referer() on every endpoint. No anonymous writes.

Sanitize in, escape out

sanitize_text_field() on receipt, esc_html() / esc_url() on render.

Server-side signing by default

PHP Ed25519 via CardanoTransactionSignerPHP. CIP-30 is opt-in.

Private keys encrypted at rest

AES-256-CBC using WordPress salts. Plaintext keys never touch the database.

Controlled download endpoints

ZIPs served through handlers. SHA-256 checksums computed automatically.

Minimal frontend surface

Server-rendered HTML, small vanilla scripts. No React or large JS bundles.

Database via WordPress APIs

$wpdb->prepare(), wp_insert_post(), update_post_meta(). No raw SQL.

Full details on the Security & Disclosure page.
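
Rule 5 ("Private keys encrypted at rest") in code, as an added example that is not taken from php-cardano or any of the plugins: AES-256-CBC gives confidentiality only, so this version also computes an HMAC over the IV and ciphertext and verifies it before decrypting. The `demo_*` function names, the HKDF labels and the stand-in `wp_salt()` used outside WordPress are assumptions made for illustration.

```php
<?php
// Added example, not the plugins' own code. Names and HKDF labels are hypothetical.
// Outside WordPress only, a constructed stand-in for wp_salt() lets the file run alone.
if (!defined('ABSPATH') && !function_exists('wp_salt')) {
    function wp_salt(string $scheme = 'auth'): string {
        return 'constructed-placeholder-salt-' . $scheme; // not a real secret
    }
}

// Derive separate encryption and MAC keys from the WordPress salts.
function demo_derive_keys(): array {
    $ikm = wp_salt('secure_auth') . wp_salt('logged_in');
    return [
        hash_hkdf('sha256', $ikm, 32, 'demo-cardano-enc'),
        hash_hkdf('sha256', $ikm, 32, 'demo-cardano-mac'),
    ];
}

function demo_encrypt_key(string $plaintext): string {
    [$encKey, $macKey] = demo_derive_keys();
    $iv = random_bytes(16); // fresh random IV for every encryption
    $ct = openssl_encrypt($plaintext, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) { throw new RuntimeException('encryption failed'); }
    $mac = hash_hmac('sha256', $iv . $ct, $macKey, true);
    return base64_encode($iv . $ct . $mac); // this string is what gets stored
}

function demo_decrypt_key(string $blob): string {
    [$encKey, $macKey] = demo_derive_keys();
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 64) { // 16 IV + 16 block + 32 MAC
        throw new RuntimeException('malformed blob');
    }
    $iv  = substr($raw, 0, 16);
    $ct  = substr($raw, 16, -32);
    $mac = substr($raw, -32);
    // Check integrity in constant time before touching the ciphertext.
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $macKey, true), $mac)) {
        throw new RuntimeException('integrity check failed');
    }
    $pt = openssl_decrypt($ct, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($pt === false) { throw new RuntimeException('decryption failed'); }
    return $pt;
}

if (!defined('ABSPATH')) { // stand-alone round trip; skipped inside WordPress
    $seed = random_bytes(32); // constructed stand-in for an Ed25519 seed
    var_dump(hash_equals($seed, demo_decrypt_key(demo_encrypt_key($seed))));
}
```

Inside WordPress, call these functions from `plugins_loaded` or a later hook, because `wp_salt()` is a pluggable function that is loaded after plugin files. Changing the salts in wp-config.php makes every stored blob undecryptable, so keep an offline backup of the mnemonic or key before rotating them.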

Start Building

You have the framework. Pick your tools and start shipping.