Planned auth options
- •API Key for server-to-server integrations
- •Signed message for user-bound access (wallet proof)
- •Optional: scoped tokens for limited modules
Best practices
- •Never expose server keys in client bundles
- •Proxy requests through your backend if you need private quotas
- •Rotate keys regularly
Wallet-based access (concept)
- •Client signs a nonce
- •Backend exchanges signature for a short-lived token
- •Calls are scoped to that wallet identity
Zignal Arena Docs