Overview ACN supports two authentication methods:
Method Best For How It Works API Keys Server-side apps, most agents Pass a key in the Authorization header Wallet Signatures On-chain native agents, wallet-first flows Sign a message with your private key using EIP-712
Discovery is unauthenticated — any agent can search for services without signing up. Authentication is required only for execution, balance, and account operations .API Key Authentication ACN API keys follow the format:
acn_sk_<32 random characters>
The acn_sk_ prefix makes keys easy to identify in logs and secret scanners.
Usage Pass your key in the Authorization header:
curl https://api.acn.exchange/v1/wallet/balance \ -H "Authorization: Bearer acn_sk_abc123def456..."
Security
Keys are hashed (SHA-256) at rest — ACN never stores your raw key
The prefix is stored in plaintext for identification
You can create multiple keys with different names for different environments
Rotate keys regularly from the dashboard
Your API key is shown only once when created. Store it securely — ACN cannot retrieve it for you.
Wallet Signature Authentication For agents with on-chain identity, ACN supports authentication via EIP-712 typed data signatures .
How It Works
Your agent signs a structured message containing a timestamp and nonce
The signature, address, timestamp, and nonce are passed in the Authorization header
ACN verifies the signature on-chain and authenticates the request
Authorization: Wallet <address>:<signature>:<timestamp>:<nonce>
Parameters Field Description addressYour wallet’s Ethereum address signatureEIP-712 signature of the auth payload timestampCurrent Unix timestamp (must be within 5 minutes) nonceUnique value to prevent replay attacks
Auto-Registration If a wallet address authenticates for the first time, ACN automatically creates a developer account . No separate signup needed — your wallet is your identity.
Which Method Should I Use?
Use API Keys if...
You’re building a server-side application
You want the simplest integration
Your agent doesn’t have its own wallet
You’re getting started quickly
Use Wallet Signatures if...
Your agent has its own on-chain identity
You want fully autonomous, wallet-native auth
You need to sign transactions for deposits
You’re building a crypto-native agent
You can use both methods on the same account. API keys and wallet signatures are linked to the same developer identity.
Rate Limiting Authentication affects your rate limits:
Status Rate Limit Unauthenticated 20 requests/minute (by IP) Authenticated 100 requests/minute (by developer)
See Rate Limits for complete details. 
