Polymarket.Clob.ClobAuth (Polymarket v0.1.1)

Copy Markdown View Source

EIP-712 L1 authentication for the Polymarket CLOB.

Before a wallet can obtain API credentials it must prove control of its address by signing a fixed ClobAuth message. That signature — together with the address, nonce and timestamp — forms the L1 header set the CLOB requires on GET /auth/derive-api-key and POST /auth/api-key.

The signed typed data is:

ClobAuth(address address,string timestamp,uint256 nonce,string message)

where message is the constant "This message attests that I control the given wallet", signed under the ClobAuthDomain (version "1") domain, which — unlike the order domain — has no verifying contract.

Unlike the L2 (HMAC) headers, the L1 signature covers only (address, timestamp, nonce, chain_id); it does not depend on the request path or body.

Summary

Functions

Computes the EIP-712 hashStruct of the ClobAuth message for address, timestamp (Unix seconds) and nonce.

Builds the four L1 authentication headers (POLY_ADDRESS, POLY_NONCE, POLY_SIGNATURE, POLY_TIMESTAMP) for private_key on chain_id.

Signs the ClobAuth message with private_key, returning the 0x-prefixed 65-byte signature hex used in the POLY_SIGNATURE L1 header.

Computes the 32-byte EIP-712 signing digest for the ClobAuth message on chain_id.

Functions

eip712_hash_struct(address, timestamp, nonce)

@spec eip712_hash_struct(<<_::160>>, integer(), non_neg_integer()) :: <<_::256>>

Computes the EIP-712 hashStruct of the ClobAuth message for address, timestamp (Unix seconds) and nonce.

headers(private_key, timestamp, nonce, chain_id)

Builds the four L1 authentication headers (POLY_ADDRESS, POLY_NONCE, POLY_SIGNATURE, POLY_TIMESTAMP) for private_key on chain_id.

timestamp is Unix seconds and must match the value sent to the server; nonce selects the API-key slot (callers default it to 0). The address is rendered as lowercase 0x hex, as the CLOB expects for L1 (L2 instead uses the checksummed form).

sign(private_key, timestamp, nonce, chain_id)

Signs the ClobAuth message with private_key, returning the 0x-prefixed 65-byte signature hex used in the POLY_SIGNATURE L1 header.

signing_digest(address, timestamp, nonce, chain_id)

@spec signing_digest(<<_::160>>, integer(), non_neg_integer(), integer()) ::
  <<_::256>>

Computes the 32-byte EIP-712 signing digest for the ClobAuth message on chain_id.