Wallet Auth reads what a wallet holds across 37 blockchains and returns a signed attestation. Boolean result, ECDSA-signed, no balance exposed.
Read on-chain conditions without running blockchain infrastructure or exposing wallet balances.
Supports 31 EVM chains, Solana, and XRPL through a unified condition format.
Free tier: 100 daily reads, 10 verification credits. One key per email, no credit card. Agents on EVM: pay with USDC and skip the email — see the wallet-paid path below.
Or via curl:
curl -X POST https://api.insumermodel.com/v1/keys/create \ -H "Content-Type: application/json" \ -d '{ "email": "you@example.com", "appName": "My App", "tier": "free" }'
{
"success": true,
"key": "insr_live_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2",
"name": "My App",
"tier": "free",
"dailyLimit": 100,
"apiKeyCredits": 10
}
Save the key value. It is shown once and cannot be retrieved later.
Send 5+ USDC on Base to 0xAd982CB19aCCa2923Df8F687C0614a7700255a23, then POST the transaction hash. No email. The sender wallet becomes the key's identity, and an Insumer Access pass is minted to the same wallet so it can authenticate via wallet signature (see Wallet Auth below).
curl -X POST https://api.insumermodel.com/v1/keys/buy \ -H "Content-Type: application/json" \ -d '{ "txHash": "0x...", "chainId": 8453, "amount": 5, "appName": "my-agent" }'
Volume rates: $5–$99 = 25 credits/$1, $100–$499 = 33 credits/$1, $500+ = 50 credits/$1. USDC/USDT on EVM and Solana, BTC on Bitcoin (auto-detected from the transaction). Non-EVM senders use X-API-Key auth; the Insumer Access pass mint happens on EVM purchases only.
Check if a wallet holds at least 1 USDC on Base. POST /v1/attest
Costs 1 credit ($0.04).
curl -X POST https://api.insumermodel.com/v1/attest \ -H "Content-Type: application/json" \ -H "X-API-Key: YOUR_API_KEY" \ -d '{ "wallet": "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045", "conditions": [{ "type": "token_balance", "contractAddress": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", "chainId": 8453, "threshold": 1, "decimals": 6, "label": "USDC >= 1" }] }' # wallet: vitalik.eth # contractAddress: USDC on Base (chainId 8453, 6 decimals)
Agents on EVM who bought their key via /v1/keys/buy can replace X-API-Key with Authorization: Wallet <envelope> instead. The envelope is base64 JSON containing a SIWE message scoped to api.insumermodel.com plus an EIP-191 signature. Drop-in middleware that handles the construction: @skyemeta/access on npm.
{
"ok": true,
"data": {
"attestation": {
"id": "ATST-E365DB7F2A9C0481",
"pass": true,
"results": [
{
"condition": 0,
"label": "USDC >= 1",
"type": "token_balance",
"chainId": 8453,
"met": true,
"evaluatedCondition": {
"type": "token_balance",
"chainId": 8453,
"contractAddress": "0x8335...2913",
"operator": "gte",
"threshold": 1,
"decimals": 6
},
"conditionHash": "0x448ddd3e...",
"blockNumber": "0x1772dde",
"blockTimestamp": "2026-03-06T12:00:00.000Z"
}
],
"passCount": 1,
"failCount": 0,
"attestedAt": "2026-03-06T12:00:01.000Z",
"expiresAt": "2026-03-06T12:30:01.000Z"
},
"sig": "rHObYHqV...",
"kid": "insumer-attest-v1"
},
"meta": {
"creditsRemaining": 9,
"creditsCharged": 1,
"version": "1.0",
"timestamp": "2026-03-06T12:00:01.000Z"
}
}
pass: true — wallet meets all conditions
pass: false — one or more conditions failed
sig — ECDSA P-256 signature over the canonical JSON representation of data.attestation, verify offline with insumer-verify
kid — identifies the signing key, fetch the public key from /.well-known/jwks.json
Attestations expire after 30 minutes (expiresAt) to prevent replay. The JWKS endpoint is cacheable (24h max-age) — keys rotate rarely.
Copy-paste this into a file, set your API key, and run it. Makes the attestation request and verifies the signature in one script.
// npm install insumer-verify axios import axios from "axios"; import { verifyAttestation } from "insumer-verify"; const res = await axios.post( "https://api.insumermodel.com/v1/attest", { wallet: "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045", conditions: [{ type: "token_balance", contractAddress: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", chainId: 8453, threshold: 1, decimals: 6 }] }, { headers: { "X-API-Key": process.env.INSUMER_API_KEY } } ); const verified = await verifyAttestation(res.data, { jwksUrl: "https://insumermodel.com/.well-known/jwks.json" }); console.log("Valid:", verified.valid); // true
Minimal example for your README:
const res = await axios.post( "https://api.insumermodel.com/v1/attest", { wallet: "0x...", conditions: [{ type: "token_balance", contractAddress: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", chainId: 8453, threshold: 1, decimals: 6 }] }, { headers: { "X-API-Key": process.env.INSUMER_API_KEY } } ); console.log(res.data.data.attestation.pass);
The insumer-verify npm package checks the ECDSA signature, condition hashes, expiry, and pass/fail consistency in one call.
// npm install insumer-verify import { verifyAttestation } from "insumer-verify"; // Pass the full API response envelope, not response.data const response = await res.json(); const result = await verifyAttestation(response, { jwksUrl: "https://insumermodel.com/.well-known/jwks.json" }); console.log(result.valid); // true