@0xmonaco/types 0.8.5 → 0.8.7-develop.0e951a5

package/dist/api/index.d.ts

@@ -2,17 +2,18 @@
  * Base API Types
  *
  * Common interface that all API implementations should inherit from.
- * Provides standardized methods for token management and common functionality.
+ * Provides standardized methods for session-key management and common functionality.
  */
+import type { SessionCredentials } from "../auth/responses";
 /**
  * Base API interface that all API implementations should inherit from.
- * Provides common functionality for access token management.
+ * Provides common functionality for session-key management.
  */
 export interface BaseAPI {
     /**
-     * Set the access token for authenticated requests.
+     * Set (or clear) the session keypair used to sign authenticated requests.
      *
-     * @param token - JWT access token
+     * @param credentials - Hex-encoded session keypair, or `undefined` to clear.
      */
-    setAccessToken(token: string): void;
+    setSessionKeypair(credentials: SessionCredentials | undefined): void;
 }

package/dist/api/index.js

@@ -2,5 +2,5 @@
  * Base API Types
  *
  * Common interface that all API implementations should inherit from.
- * Provides standardized methods for token management and common functionality.
+ * Provides standardized methods for session-key management and common functionality.
  */

package/dist/auth/index.d.ts

@@ -5,7 +5,7 @@
  * signature verification, and backend authentication.
  */
 import type { BaseAPI } from "../api";
-import type { AuthState, BackendAuthResponse, ChallengeResponse, TokenRefreshResponse } from "./responses";
+import type { AuthState, BackendAuthResponse, ChallengeResponse, SessionCredentials, SessionRefreshResponse } from "./responses";
 /**
  * Auth API interface.
  * Provides methods for frontend and backend authentication.
@@ -16,12 +16,13 @@ export interface AuthAPI extends BaseAPI {
      * Complete authentication flow for frontend applications.
      *
      * This method handles the entire authentication process:
-     * 1. Creates a challenge
-     * 2. Signs the challenge message
-     * 3. Verifies the signature and returns JWT tokens
+     * 1. Generates a fresh ed25519 session keypair locally
+     * 2. Creates a challenge that commits to the session public key
+     * 3. Signs the challenge message with the wallet
+     * 4. Verifies the signature, registering the session public key
      *
      * @param clientId - Client ID of the application
-     * @returns Promise resolving to the authentication state with JWT tokens
+     * @returns Promise resolving to the authentication state (including the session keypair)
      */
     authenticate(clientId: string): Promise<AuthState>;
     /**
@@ -36,41 +37,44 @@ export interface AuthAPI extends BaseAPI {
     signChallenge(message: string): Promise<string>;
     /**
      * Creates a challenge for frontend authentication.
-     * Generates a unique nonce and message that the user must sign with their wallet.
+     * Generates a unique nonce and a message (embedding the session public key)
+     * that the user must sign with their wallet.
      * @param address - Wallet address of the user
      * @param clientId - Client ID of the application
+     * @param sessionPublicKey - Hex-encoded ed25519 session public key to bind
      * @returns Promise resolving to the challenge response
      */
-    createChallenge(address: string, clientId: string): Promise<ChallengeResponse>;
+    createChallenge(address: string, clientId: string, sessionPublicKey: string): Promise<ChallengeResponse>;
     /**
      * Verifies a signature for frontend authentication.
-     * Validates the signature against the challenge and returns JWT tokens.
+     * Validates the wallet signature against the challenge and registers the
+     * session public key, returning the new authentication state.
      * @param address - Wallet address of the user
-     * @param signature - Signature of the challenge message
+     * @param signature - Wallet signature of the challenge message
      * @param nonce - Nonce from the challenge response
      * @param clientId - Client ID of the application
-     * @returns Promise resolving to the authentication state with JWT tokens
+     * @param session - The locally-generated session keypair (hex-encoded)
+     * @returns Promise resolving to the authentication state
      */
-    verifySignature(address: string, signature: string, nonce: string, clientId: string): Promise<AuthState>;
+    verifySignature(address: string, signature: string, nonce: string, clientId: string, session: SessionCredentials): Promise<AuthState>;
     /**
      * Authenticates a backend service using a secret key.
-     * Returns JWT tokens for API access.
      * @param secretKey - Secret key of the application
-     * @returns Promise resolving to the backend auth response with JWT tokens
+     * @returns Promise resolving to the backend auth response
      */
     authenticateBackend(secretKey: string): Promise<BackendAuthResponse>;
     /**
-     * Refreshes an access token using a refresh token.
-     * @param refreshToken - The refresh token to use
-     * @returns Promise resolving to new access and refresh tokens
+     * Extends the current session's expiry. The request is signed with the
+     * active session key (set via {@link setSessionKeypair}).
+     * @returns Promise resolving to the new expiry
      */
-    refreshToken(refreshToken: string): Promise<TokenRefreshResponse>;
+    refreshSession(): Promise<SessionRefreshResponse>;
     /**
-     * Revokes the current session's refresh token.
-     * The server identifies the token to revoke from the access token in the Authorization header.
-     * @returns Promise resolving when the token is revoked
+     * Revokes the current session. The request is signed with the active session
+     * key, and the server deletes the matching session row.
+     * @returns Promise resolving when the session is revoked
      */
-    revokeToken(): Promise<void>;
+    revokeSession(): Promise<void>;
     /**
      * Sets the wallet client for signing operations.
      * Used when the wallet becomes available after SDK initialization.
@@ -78,4 +82,4 @@ export interface AuthAPI extends BaseAPI {
      */
     setWalletClient(walletClient: unknown): void;
 }
-export type { ApplicationInfo, AuthState, BackendAuthResponse, ChallengeResponse, TokenRefreshResponse, User, } from "./responses";
+export type { ApplicationInfo, AuthState, BackendAuthResponse, ChallengeResponse, SessionCredentials, SessionRefreshResponse, User, } from "./responses";

package/dist/auth/responses.d.ts

@@ -23,16 +23,22 @@ export interface User {
     username?: string;
 }
 /**
- * Authentication state containing all tokens and metadata
+ * Authentication state for the noncustodial session-key scheme.
  *
- * Returned by authentication methods and contains the tokens needed for API access.
+ * On login the SDK generates an ed25519 keypair locally and registers the
+ * public key with the server. Subsequent requests are signed with the private
+ * key — the server never holds a credential that can impersonate the user.
+ *
+ * The private key is the long-lived credential: persist it (e.g. localStorage,
+ * same risk profile as a JWT) to survive page reloads without re-prompting the
+ * wallet. When the session expires, call `refreshAuth()` or re-`login()`.
  */
 export interface AuthState {
-    /** JWT access token for authenticated requests */
-    accessToken: string;
-    /** JWT refresh token for token renewal and revocation */
-    refreshToken: string;
-    /** Unix timestamp (in seconds) when the access token expires */
+    /** Hex-encoded (64 chars) ed25519 session public key registered with the server */
+    sessionPublicKey: string;
+    /** Hex-encoded (64 chars) ed25519 session private key used to sign requests */
+    sessionPrivateKey: string;
+    /** Unix timestamp (in seconds) when the session expires */
     expiresAt: number;
     /** Information about the authenticated user */
     user: User;
@@ -57,11 +63,19 @@ export interface BackendAuthResponse {
     application: ApplicationInfo;
 }
 /**
- * Response to a token refresh request.
+ * A session keypair, hex-encoded. The private key is used to sign requests;
+ * the public key identifies the session server-side.
  */
-export interface TokenRefreshResponse {
-    /** New JWT access token */
-    accessToken: string;
-    /** Unix timestamp when the access token expires */
+export interface SessionCredentials {
+    /** Hex-encoded (64 chars) ed25519 public key */
+    publicKey: string;
+    /** Hex-encoded (64 chars) ed25519 private key */
+    privateKey: string;
+}
+/**
+ * Response to a session refresh request — extends the session's expiry.
+ */
+export interface SessionRefreshResponse {
+    /** Unix timestamp when the session expires after refresh */
     expiresAt: number;
 }

package/dist/market/index.d.ts

@@ -259,6 +259,7 @@ export interface ListFundingHistoryResponse {
 }
 export interface OpenInterest {
     trading_pair_id: string;
+    open_interest?: string;
     open_interest_base: string;
     open_interest_notional: string;
     updated_at: string;

package/dist/profile/index.d.ts

@@ -116,7 +116,7 @@ export interface GetUserBalancesParams {
  */
 export interface GetPaginatedUserMovementsResponse {
     /**
-     * Latest movements from Redis cache (real-time, instant updates).
+     * Latest movements from the live engine cache (real-time, instant updates).
      * These are the most recent movements that may not yet be in PostgreSQL.
      * Only populated on page 1; empty for subsequent pages.
      */
@@ -190,12 +190,16 @@ export interface AccountBalance {
     available_balance: string;
     /** Locked balance (in orders or pending operations, normalized) */
     locked_balance: string;
-    /** Total balance (available + locked + margin collateral, normalized) */
+    /** Collateral posted into margin (perps) accounts (normalized) */
+    margin_locked: string;
+    /** Total balance (available + locked + margin_locked, normalized) */
     total_balance: string;
     /** Available balance in raw format (wei) */
     available_balance_raw: string;
     /** Locked balance in raw format (wei) */
     locked_balance_raw: string;
+    /** Margin-locked balance in raw format (wei) */
+    margin_locked_raw: string;
 }
 /**
  * A single user trade execution.

package/dist/sdk/index.d.ts

@@ -1,6 +1,6 @@
 import type { PublicClient, TransactionReceipt, WalletClient } from "viem";
 import type { ApplicationsAPI } from "../applications";
-import type { AuthAPI, AuthState } from "../auth/index";
+import type { AuthAPI, AuthState, SessionCredentials } from "../auth/index";
 import type { DelegatedAgentsAPI } from "../delegated-agents";
 import type { FeesAPI } from "../fees";
 import type { MarginAccountsAPI } from "../margin-accounts";
@@ -29,10 +29,27 @@ export interface SDKConfig {
      * - "mainnet": https://api.monaco.xyz
      *
      * Only "mainnet" uses the Sei mainnet chain. All other networks use Sei testnet.
+     * `network` always selects the chain; supply {@link apiUrl} / {@link wsUrl}
+     * to point the SDK at a gateway that the preset URL doesn't cover.
      */
     network: Network;
     /** RPC URL for Sei blockchain interactions */
     seiRpcUrl: string;
+    /**
+     * Override the API gateway base URL. When set, the SDK sends all HTTP
+     * requests here instead of the {@link network} preset's default URL. Use for
+     * self-hosted gateways or e2e/dev stacks reachable only by a custom host
+     * (e.g. Docker DNS `http://api-gateway:8080`). `network` still selects the
+     * chain. Must be a valid absolute URL.
+     */
+    apiUrl?: string;
+    /**
+     * Override the WebSocket base URL. When set, the SDK connects here instead of
+     * the {@link network} preset's default WS URL. Pair with {@link apiUrl} when
+     * the WS service is reachable at a different host than the API gateway
+     * (e.g. Docker DNS `ws://ws-api:8080/ws`). Must be a valid absolute URL.
+     */
+    wsUrl?: string;
 }
 /**
  * Core SDK interface providing access to all Monaco functionality.
@@ -86,7 +103,7 @@ export interface MonacoSDK {
         disconnect: () => void;
         isConnected: () => boolean;
         getStatus: () => "connected" | "connecting" | "disconnected" | "reconnecting";
-        setToken: (token: string) => void;
+        setSessionKeypair: (credentials: SessionCredentials | undefined) => void;
         orders: (tradingPairId: string, tradingMode: TradingMode, handler: (event: OrderEvent) => void) => () => void;
         orderbook: (tradingPairId: string, tradingMode: TradingMode, magnitude: number, quotationMode: OrderbookQuotationMode, handler: (event: OrderbookEvent) => void) => () => void;
         ohlcv: (tradingPairId: string, tradingMode: TradingMode, interval: Interval, handler: (event: OHLCVEvent) => void) => () => void;

package/dist/trading/responses.d.ts

@@ -141,7 +141,7 @@ export interface GetPaginatedOrdersParams {
  * Response from getting paginated orders
  */
 export interface GetPaginatedOrdersResponse {
-    /** Latest orders from Redis cache (real-time, instant updates).
+    /** Latest orders from the live engine cache (real-time, instant updates).
      * These are the most recently created/updated orders that may not yet be in PostgreSQL.
      * Only populated on page 1.
      */

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@0xmonaco/types",
-	"version": "0.8.5",
+	"version": "0.8.7-develop.0e951a5",
 	"type": "module",
 	"repository": {
 		"type": "git",
@@ -20,7 +20,7 @@
 		"lint": "biome lint ."
 	},
 	"dependencies": {
-		"@0xmonaco/contracts": "0.8.5",
+		"@0xmonaco/contracts": "0.8.7-develop.0e951a5",
 		"zod": "^4.1.12"
 	},
 	"peerDependencies": {