Skip to main content
GET
/
wallet
/
link
/
challenge
Wallet Link Challenge
curl --request GET \
  --url https://pm-t1.bxingupdate.com/bvapi/wallet/link/challenge \
  --header 'Authorization: Bearer <token>'
{
  "nonce": "<string>",
  "message": "<string>",
  "expires_at": "<string>",
  "address": "<string>"
}
Request a challenge nonce for wallet linking.

Overview

The user must sign this challenge message to prove ownership of the wallet. Challenge expires in 5 minutes and can only be used once.

Flow

  1. Call this endpoint with the wallet address you want to link
  2. Receive a nonce and message to sign
  3. Sign the message with the wallet’s supported signing flow
  4. Submit the signature to POST /wallet/link
For signature_type=0 and 1, this is typically an EIP-191 personal_sign signature. For signature_type=2 and 3, the backend verifies a contract-wallet-compatible signature path instead of assuming a raw EOA private key.

Rate Limiting

  • 5 challenges per hour per API key

Challenge Message Format

Sign this message to link your wallet to Aion.

Wallet: 0x5668...9839
Nonce: a1b2c3d4e5f6...
Timestamp: 2026-04-25T12:00:00.000Z
The challenge is an off-chain plain-text message — no transaction is involved.

Authorizations

Authorization
string
header
default:YOUR_API_KEY
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

address
string
required

Wallet address to link (0x-prefixed, 40 hex chars)

Pattern: ^0x[a-fA-F0-9]{40}$

Response

Successful Response

nonce
string
required

Random challenge nonce

message
string
required

Full message to sign

expires_at
string
required

Challenge expiration time (ISO 8601)

address
string
required

Wallet address