Skip to main content

Set Up an Endorsement Server

This guide walks through how to set up your endorsement server. By issuing endorsements to your users, your endorsement server authorizes your users to fetch prices and swap tokens via your DFlow auctions. An endorsement is a cryptographically-signed message that gives the bearer permission to request quotes and swap tokens via your DFlow auctions.

It is recommended you complete this process before creating your first auction.

Step 1: Generate Endorsement Key

Endorsement servers use Ed25519 keys called endorsement keys to authorize quote requests and orders. You can use any valid Ed25519 key as your endorsement key. Generate one on your own, or use the DFlow Dashboard to generate one when you create your first auction.

Remember, you will need to input your endorsement key's public key when you create your first auction, and your endorsement server will use your endorsement key to authorize your users' quote requests and orders.

Step 2: Write and Deploy Your Endorsement Server

To authorize a quote request, your endorsement server must provide a valid endorsement to the requestor. An endorsement consists of an Ed25519 signature from the endorsement key, a unique identifier, an expiration time, and the endorsement key's public key.

The signature covers the UTF-8 encoded message "{id},{expirationTime}" or "{id},{expirationTime},{retailTrader}", where retailTrader is the public key of the retail trader that is authorized to make requests using the endorsement. The encoding used for retailTrader depends on the target chain that the endorsement is being issued for. See the examples below.


If an endorsement's signature covers the message "{id},{expirationTime}", then it only grants the bearer permission to request indicative quotes.

// Base58-encoded endorsement key public key used to sign the endorsement message
"endorser": string,
// Base64-encoded Ed25519 signature of "{id},{expirationTime}" or "{id},{expirationTime},{retailTrader}"
"signature": string,
// Unique identifier for the endorsement
"id": string,
// Expiration time as UTC. Number of seconds since Jan 1, 1970 00:00:00 UTC.
"expirationTimeUTC": integer,