EIP-712 L1 authentication for the Polymarket CLOB.
Before a wallet can obtain API credentials it must prove control of its address
by signing a fixed ClobAuth message. That signature — together with the
address, nonce and timestamp — forms the L1 header set the CLOB requires on
GET /auth/derive-api-key and POST /auth/api-key.
The signed typed data is:
ClobAuth(address address,string timestamp,uint256 nonce,string message)where message is the constant
"This message attests that I control the given wallet", signed under the
ClobAuthDomain (version "1") domain, which — unlike the order domain — has
no verifying contract.
Unlike the L2 (HMAC) headers, the L1 signature covers only (address, timestamp, nonce, chain_id); it does not depend on the request path or body.
Summary
Functions
Computes the EIP-712 hashStruct of the ClobAuth message for address,
timestamp (Unix seconds) and nonce.
Builds the four L1 authentication headers (POLY_ADDRESS, POLY_NONCE,
POLY_SIGNATURE, POLY_TIMESTAMP) for private_key on chain_id.
Signs the ClobAuth message with private_key, returning the 0x-prefixed
65-byte signature hex used in the POLY_SIGNATURE L1 header.
Computes the 32-byte EIP-712 signing digest for the ClobAuth message on
chain_id.
Functions
@spec eip712_hash_struct(<<_::160>>, integer(), non_neg_integer()) :: <<_::256>>
Computes the EIP-712 hashStruct of the ClobAuth message for address,
timestamp (Unix seconds) and nonce.
@spec headers( Polymarket.Crypto.private_key(), integer(), non_neg_integer(), integer() ) :: [ {String.t(), String.t()} ]
Builds the four L1 authentication headers (POLY_ADDRESS, POLY_NONCE,
POLY_SIGNATURE, POLY_TIMESTAMP) for private_key on chain_id.
timestamp is Unix seconds and must match the value sent to the server; nonce
selects the API-key slot (callers default it to 0). The address is rendered as
lowercase 0x hex, as the CLOB expects for L1 (L2 instead uses the checksummed
form).
@spec sign(Polymarket.Crypto.private_key(), integer(), non_neg_integer(), integer()) :: String.t()
Signs the ClobAuth message with private_key, returning the 0x-prefixed
65-byte signature hex used in the POLY_SIGNATURE L1 header.
@spec signing_digest(<<_::160>>, integer(), non_neg_integer(), integer()) :: <<_::256>>
Computes the 32-byte EIP-712 signing digest for the ClobAuth message on
chain_id.