All authenticated operations are signed by the cloud agent’s Ed25519 key. The signature is carried in a top-level request_signature field of type MessageSignature, computed over a canonical encoding of the request payload.
MessageSignature
```protobuf
message MessageSignature {
  string public_key = 1; // Ed25519 public key (hex)
  string signature = 2;  // Ed25519 signature (hex)
  bytes payload = 3;     // canonical payload that was signed
}
```
The server responds with its own response_signature (signed by the provider’s key) so that clients can verify response integrity end-to-end.
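The following Go example is added here and is not the project's own client code. It builds a MessageSignature on the agent side and checks one on the receiving side, assuming the verifier holds a pinned copy of the expected signer's public key and has already produced the canonical bytes itself (the canonical encoding is not specified on this page); `NewKey`, `Sign` and `Verify` are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/subtle"
	"encoding/hex"
	"errors"
)

// MessageSignature mirrors the page's protobuf message (hand-written, not generated code).
type MessageSignature struct {
	PublicKey, Signature string // hex-encoded
	Payload              []byte
}

// NewKey returns a throwaway demo key; a real agent key is loaded locally and never sent.
func NewKey() ed25519.PrivateKey { _, k, _ := ed25519.GenerateKey(nil); return k }

// Sign signs bytes the caller has already canonically encoded (assumption: done upstream).
func Sign(priv ed25519.PrivateKey, canonical []byte) MessageSignature {
	pub := hex.EncodeToString(priv.Public().(ed25519.PublicKey))
	return MessageSignature{pub, hex.EncodeToString(ed25519.Sign(priv, canonical)), canonical}
}

// Verify accepts ms only if the pinned key signed exactly the bytes recomputed locally.
func Verify(ms MessageSignature, pinnedHex string, canonical []byte) error {
	pub, e1 := hex.DecodeString(ms.PublicKey)
	pinned, e2 := hex.DecodeString(pinnedHex)
	sig, e3 := hex.DecodeString(ms.Signature)
	if e1 != nil || e2 != nil || e3 != nil || len(pub) != ed25519.PublicKeySize || len(sig) != ed25519.SignatureSize {
		return errors.New("malformed key or signature")
	}
	// public_key travels inside the message, so it proves nothing until matched to a pin.
	if subtle.ConstantTimeCompare(pub, pinned) != 1 {
		return errors.New("signer is not the pinned key")
	}
	if !bytes.Equal(ms.Payload, canonical) {
		return errors.New("signed payload differs from the message received")
	}
	if !ed25519.Verify(pub, canonical, sig) {
		return errors.New("signature does not verify")
	}
	return nil
}

func main() {
	ms := Sign(NewKey(), []byte("constructed canonical payload"))
	println(Verify(ms, ms.PublicKey, ms.Payload) == nil)
}
```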
Which methods require a signature
| Method | Signed |
|---|---|
| GetServiceInfo, GetLedgerEnd, GetDsoRates | No |
| GetAgentConfig | No |
| GetBalances, GetAmulets, GetActiveContracts, GetUpdates, GetPreapprovals, GetSettlementContracts | Yes (session token) |
| PrepareTransaction, ExecuteTransaction | Yes (Ed25519) |
| RegisterAgent, GetOnboardingStatus, SubmitOnboardingSignature | Yes (Ed25519 — proves key ownership) |
Session lifetime
GetServiceInfo returns session_ttl_secs, the maximum age of a signed session before the server refuses it. Rotate your signatures well before the TTL expires.
Never transmit your Ed25519 private key. All signing must happen on the agent side; the ledger service only ever sees public keys and signatures.