Overview
Pumpologia uses wallet-based authentication. Users prove ownership of their wallet by signing a message, then receive a JWT for API access.
Authentication Flow
Step 1: Get Nonce
Request a unique nonce for the wallet address.
curl https://api.dmxt.xyz/auth/nonce?wallet=0x1234...abcd
Parameters
| Parameter | Type | Description |
|---|
| wallet | string | Wallet address (EVM or Solana) |
Step 2: Sign Message
Sign the nonce message with your wallet. The message format is:
Sign this message to authenticate: <nonce>
EVM Wallets
Use personal_sign or eth_sign:
const message = `Sign this message to authenticate: ${nonce}`;
const signature = await ethereum.request({
method: 'personal_sign',
params: [message, walletAddress],
});
Solana Wallets
Use the wallet adapter’s signMessage:
const message = new TextEncoder().encode(
`Sign this message to authenticate: ${nonce}`
);
const signature = await wallet.signMessage(message);
const signatureBase58 = bs58.encode(signature);
Step 3: Verify Signature
Submit the signature to receive a JWT.
curl -X POST https://api.dmxt.xyz/auth/verify \
-H "Content-Type: application/json" \
-d '{
"wallet": "0x1234...abcd",
"signature": "0xabcd...1234",
"nonce": "abc123def456"
}'
Request Body
| Field | Type | Description |
|---|
| wallet | string | Wallet address |
| signature | string | Signed message (hex for EVM, base58 for Solana) |
| nonce | string | The nonce from step 1 |
Using the Token
Include the JWT in all authenticated requests:
curl https://api.dmxt.xyz/me \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..."
Token Expiry
Tokens expire after 30 days. When expired, repeat the authentication flow.
Errors
| Error | Cause |
|---|
INVALID_NONCE | Nonce expired or already used |
INVALID_SIGNATURE | Signature doesn’t match wallet |
WALLET_NOT_FOUND | No user with this wallet (new user created) |
New wallets automatically create a user account on first authentication.
