Skip to main content

Module auth_token

Module auth_token 

Source
Expand description

Lighter REST/WebSocket auth-token builder.

The Lighter venue authenticates long-running clients against a Schnorr signature over an ASCII message describing (deadline, account_index, api_key_index). The signed string is sent verbatim in the Authorization header and on the WebSocket subscribe handshake.

Pipeline (matching the Go reference ConstructAuthToken):

  1. Render message = "{deadline}:{account_index}:{api_key_index}".
  2. Split the ASCII bytes into 8-byte little-endian chunks, zero-padding the final chunk if needed, and decode each chunk as a canonical Goldilocks Fp element.
  3. Run hash_to_quintic_extension over the resulting [Fp] to derive a single Fp5 digest.
  4. Sign with the supplied (sk, k) using the standard Schnorr binding.
  5. Concatenate "{message}:{hex(sig)}" where sig is the canonical 80-byte s_le || e_le Schnorr layout encoded as lowercase hex.

The hash path here is not the body-element pipeline tx::compute_tx_hash uses; the auth token treats the message as opaque ASCII and packs it into limbs by raw little-endian bytes, while transactions encode each field as an Fp-domain integer.

Enums§

AuthTokenError
Errors raised by build_auth_token.

Constants§

DEFAULT_AUTH_TOKEN_TTL_SECS
Default deadline applied by build_auth_token_for when the caller does not supply one: 7 hours from the current wall clock. Sits inside the venue’s LIGHTER_AUTH_TOKEN_MAX_TTL (8 hours) with an hour of head room so a long-running session can pre-fetch and rotate before expiry.

Functions§

auth_token_message
ASCII auth-token message: "{deadline}:{account}:{api_key}".
build_auth_token
Build a Lighter auth token using the system clock as the now reference.
build_auth_token_at
Variant of build_auth_token accepting an explicit now_unix_secs.
build_auth_token_for
Mint an auth token from a crate::common::credential::Credential using the default 7-hour TTL and a fresh CSPRNG nonce.
build_auth_token_unchecked
Sign the auth-token message without TTL validation.
fresh_k
Draws a fresh canonical Scalar from the thread-local CSPRNG suitable for the per-signature k nonce.
hash_auth_message
Hash the auth-token ASCII message to its 40-byte Fp5 digest.