Skip to main content

Module auth

Module auth 

Source
Expand description

Derive REST/WebSocket session authentication.

Authenticated sessions are built from an EIP-191 personal_sign over the current millisecond timestamp string, plus the smart-contract wallet address. The signature is produced by the session key.

Pipeline (matching derive_action_signing/utils.py::sign_rest_auth_header):

  1. Render timestamp = utc_now_ms().to_string().
  2. Sign the bytes with EIP-191 personal_sign(timestamp_bytes, session_key). Alloy’s [SignerSync::sign_message_sync] applies the \x19Ethereum Signed Message:\n<len> prefix automatically.
  3. Send headers X-LYRAWALLET = wallet, X-LYRATIMESTAMP = timestamp, X-LYRASIGNATURE = 0x-prefixed_signature_hex.

WebSocket login mirrors this with a JSON body of {wallet, timestamp, signature} instead of headers.

Structs§

AuthHeaders
Headers sent with REST requests authenticated against a session key.
WsLogin
Body sent on the WebSocket public/login request.

Enums§

AuthError
Errors raised while building auth headers.

Functions§

build_rest_auth_headers
Builds REST auth headers using the system clock as the reference time.
build_rest_auth_headers_at
Builds REST auth headers with an injected now_ms reference, suitable for deterministic testing.
build_ws_login
Builds the WebSocket login body using the system clock.
build_ws_login_at
Builds the WebSocket login body with an injected now_ms reference.