Skip to main content

Current model

Joyride identifies trading accounts by wallet address.

HTTP

Wallet identity is taken from:
  1. x-wallet header,
  2. x-device-id header (mobile compatibility), or
  3. wallet query parameter
Headers take precedence over the query parameter. 
curl -H 'x-wallet: GmQozSzrtMjXt5F1Bed8Vrt55zCbiga8vDZr47RX9wC8' \
  https://joyride.exchange/api/v1/account

WebSocket

The gateway requires a SIWS-style challenge/response before any private/* method:
  1. Request a nonce:
{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "public/get_nonce",
  "params": {
    "wallet": "GmQozSzrtMjXt5F1Bed8Vrt55zCbiga8vDZr47RX9wC8"
  }
}
  1. Sign the message Sign in to Joyride\n\nWallet: {wallet}\nNonce: {nonce} with the wallet’s ed25519 key.
  2. Submit the signed payload:
{
  "jsonrpc": "2.0",
  "id": 2,
  "method": "public/auth",
  "params": {
    "wallet": "GmQozSzrtMjXt5F1Bed8Vrt55zCbiga8vDZr47RX9wC8",
    "signature": "<base58-signature>",
    "message": "Sign in to Joyride\n\nWallet: GmQozSzrtMjXt5F1Bed8Vrt55zCbiga8vDZr47RX9wC8\nNonce: <nonce>"
  }
}
Successful auth returns the wallet address and creates the account and profile if they do not exist yet.

Admin endpoints

Admin routes require: 
Authorization: Bearer <ADMIN_TOKEN>
ADMIN_TOKEN is read from the server environment. For hosted environments, use an issued admin token and send it as a bearer token on each admin request.