Skip to main content
The SDK provides signing utilities for authenticating requests using EIP-712 signatures (L1 authentication) and HMAC signatures (L2 authentication with API keys).

EIP-712 Signing

buildClobEip712Signature

Builds the canonical Polymarket CLOB EIP-712 signature for wallet-based authentication. 
import { buildClobEip712Signature } from "@polymarket/clob-client";

const signature = await buildClobEip712Signature(
  signer,
  chainId,
  timestamp,
  nonce
);
signer
ClobSigner
required
The wallet signer (ethers Wallet/JsonRpcSigner or viem WalletClient)
chainId
Chain
required
The chain ID (e.g., Chain.POLYGON, Chain.AMOY)
timestamp
number
required
Unix timestamp in seconds
nonce
number
required
Nonce value for the signature (typically 0 for most requests)
signature
string
The EIP-712 signature as a hex string

EIP-712 Domain and Types

The EIP-712 signature uses the following domain and type structure: Domain: 
{
  name: "ClobAuthDomain",
  version: "1",
  chainId: chainId // e.g., 137 for Polygon
}
Types: 
{
  ClobAuth: [
    { name: "address", type: "address" },
    { name: "timestamp", type: "string" },
    { name: "nonce", type: "uint256" },
    { name: "message", type: "string" }
  ]
}
Message: 
{
  address: "0x...",
  timestamp: "1234567890",
  nonce: 0,
  message: "This message attests that I control the given wallet"
}

Example: Creating an EIP-712 Signature

import { buildClobEip712Signature, Chain } from "@polymarket/clob-client";
import { Wallet } from "ethers";

const wallet = new Wallet(privateKey);
const timestamp = Math.floor(Date.now() / 1000);
const nonce = 0;

const signature = await buildClobEip712Signature(
  wallet,
  Chain.POLYGON,
  timestamp,
  nonce
);

console.log(signature);
// Output: "0xf62319a987514da40e57e2f4d7529f7bac38f0355bd88bb5adbb3768d80de6c1..."

HMAC Signing

buildPolyHmacSignature

Builds the canonical Polymarket CLOB HMAC signature for API key-based authentication. 
import { buildPolyHmacSignature } from "@polymarket/clob-client";

const signature = await buildPolyHmacSignature(
  secret,
  timestamp,
  method,
  requestPath,
  body
);
secret
string
required
The base64-encoded API secret key
timestamp
number
required
Unix timestamp in seconds
method
string
required
HTTP method (e.g., “GET”, “POST”, “DELETE”)
requestPath
string
required
API endpoint path (e.g., “/orders”, “/trades”)
body
string
Optional stringified JSON request body
signature
string
The HMAC-SHA256 signature as a URL-safe base64 string

HMAC Signature Process

The HMAC signature is generated using the following process:
  1. Construct the message: 
    message = timestamp + method + requestPath + body
    Example: "1000000POST/orders{\"tokenID\":\"123\"}"
  2. Decode the secret: Convert the base64-encoded secret to binary
  3. Sign the message: Use HMAC-SHA256 with the decoded secret
  4. Encode the signature: Convert to URL-safe base64 (replace + with -, / with _)

Example: Creating an HMAC Signature

import { buildPolyHmacSignature } from "@polymarket/clob-client";

const secret = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
const timestamp = Math.floor(Date.now() / 1000);
const method = "POST";
const requestPath = "/orders";
const body = JSON.stringify({ hash: "0x123" });

const signature = await buildPolyHmacSignature(
  secret,
  timestamp,
  method,
  requestPath,
  body
);

console.log(signature);
// Output: "ZwAdJKvoYRlEKDkNMwd5BuwNNtg93kNaR_oU2HrfVvc="

Signer Utilities

The SDK provides utilities for working with different signer types.

getSignerAddress

Extracts the address from a signer, supporting both ethers and viem signers. 
import { getSignerAddress } from "@polymarket/clob-client";

const address = await getSignerAddress(signer);
signer
ClobSigner
required
The wallet signer (ethers or viem)
address
string
The wallet address

signTypedDataWithSigner

Signs EIP-712 typed data with any supported signer type. 
import { signTypedDataWithSigner } from "@polymarket/clob-client";

const signature = await signTypedDataWithSigner({
  signer,
  domain,
  types,
  value,
  primaryType
});
signer
ClobSigner
required
The wallet signer
domain
TypedDataDomain
required
EIP-712 domain separator
types
TypedDataTypes
required
EIP-712 type definitions
value
TypedDataValue
required
The data to sign
primaryType
string
Optional primary type name (required for viem signers)
signature
string
The signature as a hex string

Constants

The following constants are used in EIP-712 signing: 
export const CLOB_DOMAIN_NAME = "ClobAuthDomain";
export const CLOB_VERSION = "1";
export const MSG_TO_SIGN = "This message attests that I control the given wallet";

Supported Signer Types

The SDK supports the following signer types:
  • ethers.js: Wallet, JsonRpcSigner
  • viem: WalletClient
The signer utilities automatically detect the signer type and use the appropriate signing method.
HMAC signatures use URL-safe base64 encoding. The secret key can be provided in either standard base64 or URL-safe base64 format - the SDK handles both automatically.

Build docs developers (and LLMs) love

Get started for freeTalk to us