Menu
How It Works For Businesses For Token & NFT Holders Developers For Foundations FAQ Blog Pricing GitHub
Get Started

Developers > Wallet Auth API Quickstart

Wallet Auth API Quickstart

Wallet Auth reads what a wallet holds across 33 blockchains and returns a signed credential. Boolean result, ECDSA-signed, no balance exposed.

Read on-chain conditions without running blockchain infrastructure or exposing wallet balances.

Source
Blockchain
Engine
InsumerAPI
Output
ECDSA-signed attestation
Consumer
Your app

Supports 30 EVM chains, Solana, and XRPL through a unified condition format.

1

Get your API key

Free tier: 100 daily reads, 10 verification credits. One key per email, no credit card. Agents: buy a key with USDC via POST /v1/keys/buy — no email needed.

Or via curl:

curl
curl -X POST https://api.insumermodel.com/v1/keys/create \
  -H "Content-Type: application/json" \
  -d '{
    "email": "you@example.com",
    "appName": "My App",
    "tier": "free"
  }'
Response
{
  "success": true,
  "key": "insr_live_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2",
  "name": "My App",
  "tier": "free",
  "dailyLimit": 100,
  "apiKeyCredits": 10
}

Save the key value. It is shown once and cannot be retrieved later.

2

Your first attestation

Check if a wallet holds at least 1 USDC on Base. POST /v1/attest

Costs 1 credit ($0.04).

curl
curl -X POST https://api.insumermodel.com/v1/attest \
  -H "Content-Type: application/json" \
  -H "X-API-Key: YOUR_API_KEY" \
  -d '{
    "wallet": "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045",
    "conditions": [{
      "type": "token_balance",
      "contractAddress": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
      "chainId": 8453,
      "threshold": 1,
      "decimals": 6,
      "label": "USDC >= 1"
    }]
  }'

# wallet: vitalik.eth
# contractAddress: USDC on Base (chainId 8453, 6 decimals)
3

The response

200 OK
{
  "ok": true,
  "data": {
    "attestation": {
      "id": "ATST-E365DB7F2A9C0481",
      "pass": true,
      "results": [
        {
          "condition": 0,
          "label": "USDC >= 1",
          "type": "token_balance",
          "chainId": 8453,
          "met": true,
          "evaluatedCondition": {
            "type": "token_balance",
            "chainId": 8453,
            "contractAddress": "0x8335...2913",
            "operator": "gte",
            "threshold": 1,
            "decimals": 6
          },
          "conditionHash": "0x448ddd3e...",
          "blockNumber": "0x1772dde",
          "blockTimestamp": "2026-03-06T12:00:00.000Z"
        }
      ],
      "passCount": 1,
      "failCount": 0,
      "attestedAt": "2026-03-06T12:00:01.000Z",
      "expiresAt": "2026-03-06T12:30:01.000Z"
    },
    "sig": "rHObYHqV...",
    "kid": "insumer-attest-v1"
  },
  "meta": {
    "creditsRemaining": 9,
    "creditsCharged": 1,
    "version": "1.0",
    "timestamp": "2026-03-06T12:00:01.000Z"
  }
}

pass: true — wallet meets all conditions

pass: false — one or more conditions failed

sig — ECDSA P-256 signature over the canonical JSON representation of data.attestation, verify offline with insumer-verify

kid — identifies the signing key, fetch the public key from /.well-known/jwks.json

Attestations expire after 30 minutes (expiresAt) to prevent replay. The JWKS endpoint is cacheable (24h max-age) — keys rotate rarely.

4

Run it end-to-end

Copy-paste this into a file, set your API key, and run it. Makes the attestation request and verifies the signature in one script.

Node.js
// npm install insumer-verify axios
import axios from "axios";
import { verifyAttestation } from "insumer-verify";

const res = await axios.post(
  "https://api.insumermodel.com/v1/attest",
  {
    wallet: "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045",
    conditions: [{
      type: "token_balance",
      contractAddress: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
      chainId: 8453,
      threshold: 1,
      decimals: 6
    }]
  },
  { headers: { "X-API-Key": process.env.INSUMER_API_KEY } }
);

const verified = await verifyAttestation(res.data, {
  jwksUrl: "https://insumermodel.com/.well-known/jwks.json"
});

console.log("Valid:", verified.valid); // true

Minimal example for your README:

Node.js
const res = await axios.post(
  "https://api.insumermodel.com/v1/attest",
  {
    wallet: "0x...",
    conditions: [{
      type: "token_balance",
      contractAddress: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
      chainId: 8453,
      threshold: 1,
      decimals: 6
    }]
  },
  { headers: { "X-API-Key": process.env.INSUMER_API_KEY } }
);

console.log(res.data.data.attestation.pass);
5

Verify the signature offline

The insumer-verify npm package checks the ECDSA signature, condition hashes, expiry, and pass/fail consistency in one call.

Node.js
// npm install insumer-verify
import { verifyAttestation } from "insumer-verify";

// Pass the full API response envelope, not response.data
const response = await res.json();
const result = await verifyAttestation(response, {
  jwksUrl: "https://insumermodel.com/.well-known/jwks.json"
});

console.log(result.valid); // true
6

Next steps

Verification

All condition types, Merkle proofs, Wallet Auth JWTs, and the full POST /v1/attest reference.

Trust Profiles

Multi-dimensional wallet scoring across stablecoins, governance, NFTs, DeFi, and compliance.

Compliance

EAS attestation templates for Coinbase Verified Account, Gitcoin Passport, and custom schemas.

Commerce

Token-gated discounts with ACP and UCP endpoints for merchant and consumer flows.

API Reference

All 26 endpoints, authentication, error codes, rate limits, and credit pricing.
← Back to Developers Hub Next: Verification →