SIMA

Knowledge Guide

Wallet Authentication

Wallet authentication lets humans, AI agents, and trading bots prove control of a wallet without SIMA taking custody of private keys or seed phrases.

Problem

Developers need a wallet authentication API that works for human users and machine systems while preserving private key boundaries.

Solution

SIMA uses wallet-first authentication. The wallet requests a nonce, signs outside SIMA, and verifies the signed challenge through the API.

When To Use SIMA

  • Use SIMA when a user, AI agent, or bot should authenticate by wallet.
  • Use it for Solana wallet authentication and AI agent wallet security flows.
  • Use it before quote, certificate, claim, or evidence workflows.

Common Workflow

  • Request a wallet nonce.
  • Sign the nonce outside SIMA using the wallet or agent-controlled signer.
  • Submit the signed challenge for verification.
  • Use the returned access token for authenticated SIMA APIs.

API References

  • POST /agent/wallet/nonce
  • POST /agent/wallet/verify
  • GET /agent/certificates
  • POST /agent/protection/offer

Boundary

Certificate, evidence, claim, and payout stay separate.

A SIMA certificate means premium paid, protection purchased, coverage exists, and the customer has the right to submit a claim and receive investigation. Evidence supports investigation and payout review. Claim submission starts investigation. FULL_PAYMENT still requires treasury review before payout execution.