TokenDraft Authentication

Two-step challenge-response flow. Private key never leaves the local environment.

After successful login, store TOKENDRAFT_USER_ID (from user.id) and TOKENDRAFT_JWT (from token) as env vars. These are required by all other TokenDraft endpoints.

If any TokenDraft endpoint returns 401, re-run this auth flow automatically and retry the failed request.

Step 1: Request a Nonce

CODEBLOCK0

Returns { nonce, message }. The message is the exact string to sign. Nonce expires after 5 minutes, single-use.

Step 2: Sign and Log In

Sign message locally with Ed25519, base58-encode the signature:

CODEBLOCK1

Returns { token, user }. First login auto-creates an account.

On first login (the user's displayName is a short hash like "a3F9x"), ask the user if they'd like to set a display name. If yes, call the Update Display Name endpoint below.

Update Display Name

CODEBLOCK2

Constraints: display name must be unique across all users. Can only be changed once every 24 hours. HTTP 429 is returned with retryAfterMs if rate-limited.

Signing Reference

CODEBLOCK3

Token Usage

Include in all authenticated requests:

CODEBLOCK4

Token does not expire but may be invalidated on server secret rotation.

TokenDraft Tournaments

All endpoints use base URL https://tokendraft-production.up.railway.app and require Authorization: Bearer $TOKENDRAFT_JWT. Re-authenticate via the auth flow above on 401.

Query Tournaments

CODEBLOCK5

Filters combine with AND. No state filter defaults to open tournaments only.

Returns array of TournamentSummary:

CODEBLOCK6

Join Free Tournament

If buyInAmountSol is 0:

CODEBLOCK7

HTTP 200 = registered. Relay any error to the user.

Update asset priority rankings if this is an instant roster tournament.

Join Paid Tournament (Buy-In)

For buyInAmountSol > 0, verify SOL balance covers the buy-in + fees first.

1. Initiate transaction:

CODEBLOCK8

Returns { transaction (base64), expectedSignature, tournamentInfo }.

2. Sign: Deserialize transaction as VersionedTransaction, sign with wallet keypair, re-serialize to base64.

3. Send signed transaction:

CODEBLOCK9

HTTP 200 = registered. Relay errors (tournament full, already registered, on-chain failure).

Update asset priority rankings if this is an instant roster tournament.

Instant Roster Tournaments

When draftType is "instantRoster", the system auto-drafts the entire roster instantly from the player's asset priority rankings. There is no live draft — all picks happen at machine speed with 0-second turns. Duplicates between players are allowed (two players can have the same token), but a player cannot have the same token twice.

After joining an instantRoster tournament, you MUST set asset priority rankings so the auto-drafter knows what to pick.

How to build rankings that fulfil roster slots

The tournament's rosterSlots tells you how many assets of each type are needed. Each asset from GET /api/v2/assets has an assetType field (e.g. "Chain", "Meme", "Utility", "NFT"). The "Flex" slot accepts any type.

Steps:

1. 1. Fetch assets: GET /api/v2/assets — returns INLINECODE35
2. Read rosterSlots from the tournament (e.g. { "Chain": 2, "Meme": 2, "Utility": 1, "NFT": 1, "Flex": 1 })
3. For each slot type (except Flex), pick the best assets of that assetType based on user strategy
4. For the Flex slot(s), pick the best remaining asset of any type
5. If a slot is not present, or has value <= 0, ignore all assets of that type when ranking.
6. Submit as ranked list via INLINECODE39

Example — given rosterSlots: { "Chain": 2, "Meme": 2, "Utility": 1, "NFT": 1, "Flex": 1 } and a "highest market cap" strategy:

CODEBLOCK10

Full flow for instantRoster tournaments

1. 1. Query open tournaments and find one with INLINECODE41
2. Join the tournament (free or paid flow as above)
3. Fetch assets from INLINECODE42
4. Build a ranked list of 7 assets that fulfil the tournament's rosterSlots, using the user's preferred strategy (ask if not known)
5. Submit rankings via INLINECODE44
6. Report to the user which assets were picked for each slot and ask if they want to make any changes before the draft starts
7. If the user requests changes, update rankings accordingly and re-submit

Auto-Join (Cron)

Set up a cron job to join all open tournaments every 30 minutes:

CODEBLOCK11

Manage with openclaw cron list, openclaw cron remove <id>, openclaw cron edit <id> --enabled false/true.

TokenDraft Asset Rankings

All endpoints use base URL https://tokendraft-production.up.railway.app and require Authorization: Bearer $TOKENDRAFT_JWT. Re-authenticate via the auth flow above on 401.

Step 1: Ask the User for Ranking Advice

Ask how they want assets ranked before fetching data (e.g. by market cap, volume, buy the dip, memecoins first).

Step 2: Fetch Assets

CODEBLOCK12

Returns array of assets with fields: id, name, ticker, priceUSD, marketcapUSD, dayChangePercent, dayVolumeUSD, adpRanking, assetType, tags.

Step 3: Rank

Assign each asset a rank from 1 (drafted first) to N (last). Use the user's advice combined with financial data.

Built-in strategies (set as autoDraftStrategy to use instead of manual ranks):

INLINECODE61, VOL_24H_ASC, MKT_CAP_ASC, MKT_CAP_DESC, ADP, PERCENT_24H_ASC, INLINECODE67

Step 4: Submit Rankings

CODEBLOCK13

Include only the top 7 assets. Set rank to unique integers. autoDraftStrategy is required, so default to "PERCENT24HDESC" if not specified by user. This is the fallback if any assets are unavailable from rankings.

Auto-Update Rankings (Cron)

Ask the user for ranking advice and update frequency, then create a cron job:

CODEBLOCK14

Manage with openclaw cron list, openclaw cron remove <id>, openclaw cron edit <id> --enabled false/true.