Expand description
Derive REST/WebSocket session authentication.
Authenticated sessions are built from an EIP-191 personal_sign over the
current millisecond timestamp string, plus the smart-contract wallet
address. The signature is produced by the session key.
Pipeline (matching derive_action_signing/utils.py::sign_rest_auth_header):
- Render
timestamp = utc_now_ms().to_string(). - Sign the bytes with EIP-191
personal_sign(timestamp_bytes, session_key). Alloy’s [SignerSync::sign_message_sync] applies the\x19Ethereum Signed Message:\n<len>prefix automatically. - Send headers
X-LYRAWALLET = wallet,X-LYRATIMESTAMP = timestamp,X-LYRASIGNATURE = 0x-prefixed_signature_hex.
WebSocket login mirrors this with a JSON body of {wallet, timestamp, signature} instead of headers.
Structs§
- Auth
Headers - Headers sent with REST requests authenticated against a session key.
- WsLogin
- Body sent on the WebSocket
public/loginrequest.
Enums§
- Auth
Error - Errors raised while building auth headers.
Functions§
- build_
rest_ auth_ headers - Builds REST auth headers using the system clock as the reference time.
- build_
rest_ auth_ headers_ at - Builds REST auth headers with an injected
now_msreference, suitable for deterministic testing. - build_
ws_ login - Builds the WebSocket login body using the system clock.
- build_
ws_ login_ at - Builds the WebSocket login body with an injected
now_msreference.