SIMA

Example

Wallet Authentication Example

Authenticate a wallet for a human user, AI agent, trading bot, or autonomous wallet without SIMA handling private keys.

Example Scenario

When this pattern applies.

A Solana wallet wants to access SIMA APIs. The client requests a nonce, signs it outside SIMA, and verifies the signature to receive wallet-scoped API access.

Request

Example request shape.

POST /agent/wallet/nonce
Content-Type: application/json

{
  "chain": "SOLANA",
  "walletAddress": "YOUR_WALLET_ADDRESS"
}

Response

Example response shape.

{
  "nonce": "SIMA_NONCE_EXAMPLE",
  "message": "Sign this SIMA wallet authentication challenge.",
  "expiresAt": "2026-06-21T12:10:00.000Z"
}

TypeScript

Copy-paste friendly example.

type WalletNonceResponse = {
  nonce: string;
  message: string;
  expiresAt: string;
};

async function requestWalletNonce(walletAddress: string) {
  const response = await fetch("https://api.sima-prime.com/agent/wallet/nonce", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({ chain: "SOLANA", walletAddress }),
  });

  if (!response.ok) throw new Error("Unable to request SIMA wallet nonce");
  return (await response.json()) as WalletNonceResponse;
}

async function verifyWallet(walletAddress: string, signature: string) {
  const response = await fetch("https://api.sima-prime.com/agent/wallet/verify", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({ chain: "SOLANA", walletAddress, signature }),
  });

  if (!response.ok) throw new Error("Wallet verification failed");
  return response.json();
}

Architecture Flow

  • Client identifies wallet address.
  • Client requests SIMA wallet nonce.
  • Wallet signs challenge outside SIMA.
  • Client verifies signature with SIMA.
  • SIMA returns normal access token model for authenticated APIs.

Safety Boundary

  • No private keys or seed phrases are sent to SIMA.
  • Examples do not execute payments or blockchain transfers.
  • Quotes do not issue certificates.
  • Evidence does not approve claims or authorize payout.
  • FULL_PAYMENT still requires treasury review before execution.