Action Signing
This page keeps the historical /integration/eip712-signing path for link
compatibility, but the current private-beta trading action path is not
EIP-712 typed data.
Senticore trading actions are authorized by signing a deterministic action payload:
- Build the action payload in canonical field order.
- Encode it as canonical JSON bytes.
- Compute the production v2 hash:
blake3("SENTICORE/ACTION_PAYLOAD/v2" || chainId_be_u64 || verifyingContract20 || canonical_bytes). - Sign the 32-byte hash with secp256k1.
- Submit
{ payload, signature }through Trading HTTP or Order Entry.
The backend accepts both:
- raw ECDSA over the 32-byte action hash, and
- EIP-191
personal_signover that 32-byte hash.
Signatures are 65 bytes in EVM order: r || s || v. Recovery byte v may be
0/1 or 27/28.
TypeScript SDK
Use the SDK signing helpers instead of calling POST /actions/hash in the hot
path:
import { signAction, type LocalActionPayload } from "@sentico-labs/sdk";
const payload: LocalActionPayload = {
account: "0x1111111111111111111111111111111111111111",
nonce: 4810,
ts: Date.now(),
action: {
kind: "SpotPlaceOrder",
market: 7,
side: "Bid",
price: 998400,
qty: 1000,
timeInForce: "post_only"
}
};
const chainBinding = (await client.orderEntry.getActionChainBinding()).data;
const signedAction = signAction(payload, process.env.SENTICORE_PRIVATE_KEY!, {
chainBinding,
});
await client.trading.submitSignedAction(signedAction, {
idempotencyKey: "client-order-4810"
});
For full canonical encoding rules and golden vectors, see Local Action Signing.
Nonces
Local signing does not reserve or assign a nonce by itself. Clients must either:
- track the next account nonce locally and recover from structured nonce errors, or
- call the nonce-reservation endpoint and include the returned
nonceReservationIdin the payload before signing.
If a payload includes a reservation id without a valid reservation token, the action is rejected.
Delegated API agents
API agents and FIX credentials authorize an integration lane or delegated signer, but they do not remove the action-level authorization requirement. Every mutating order action must still be signed by the account owner or an authorized delegated signer.