Skip to main content
Every state-changing action on Intention — order placement, modification, cancellation, deposit, withdrawal — is authenticated by a cryptographic signature over a canonical serialization of the action. This page will document the signing scheme: signature algorithm, canonicalization rules, session credentials, and the verification path.
Status: not yet published. The signing specification will be finalized before the first signed-action endpoints go live on the public testnet. Until then, treat the descriptions below as planning documentation.

What this page will contain

  • Algorithm. The signature scheme used by account keys, the curve and hash function, and the planned post-quantum migration path.
  • Canonical serialization. How action payloads are serialized prior to signing so that clients on different platforms produce byte-identical input.
  • Session credentials. How a long-lived account key authorizes a short-lived, scope-limited session credential, and how the session credential signs subsequent actions without exposing the account key.
  • Domain separation. The domain tags used to prevent signatures from being reused across action types or networks.
  • Replay protection. How nonces and chain identifiers combine to prevent replay across blocks and networks.
  • Verification. What a validator checks before admitting a signed action to the matching engine.
For early integration questions, email contact@intention.xyz.