Authentication

SIWS (Sign-In With Solana)

CogniFi uses a decentralized authentication mechanism known as Sign-In With Solana (SIWS). This standard lets users authenticate with their non-custodial wallets (such as Phantom or Solflare) instead of a traditional username and password.

The Authentication Flow:

  1. Request Challenge: The client requests a unique nonce (number used once) from the CogniFi backend.

  2. Sign Message: The client wallet prompts the user to sign a standardized message containing the nonce, the domain, and the expiration time.

  3. Verify Signature: The client sends the signed message to the backend. The backend verifies the Ed25519 signature against the wallet's public key.

  4. Session Token: Upon successful verification, the backend issues a JSON Web Token (JWT) valid for the session duration (typically 24 hours).

Header Requirement: All authenticated requests must include the JWT in the Authorization header.

Authorization: Bearer <your_session_token>

API Key Management

For high-frequency algorithmic traders and institutional partners, we offer API Keys to bypass the manual signing process.

  • Rate Limits: Standard keys are limited to 10 requests per second (RPS). Enterprise keys offer up to 1000 RPS.

  • Security: API Keys should never be exposed in client-side code (browsers). They are strictly for server-to-server communication.

  • Rotation: Keys can be rotated instantly via the Developer Dashboard if a compromise is suspected.
