Feature overview

This section explains Signature V2, Onramper's request signing system for Widget and API integrations. Signatures ensure that sensitive data — like wallet addresses and amounts — cannot be altered or tampered with in transit.

Why we do this

When your application passes a wallet address to Onramper, an attacker who can modify the request could redirect funds to their own wallet. A signature acts as a tamper-proof seal: Onramper verifies it on every request, and any modified request is rejected.

What's new in V2

Signature V2 replaces the V1 shared-secret (HMAC-SHA256) approach with Ed25519 asymmetric signatures:

FeatureV1 (HMAC-SHA256)V2 (Ed25519)
Key typeShared secretAsymmetric key pair
Replay protectionNone built-inNonce + timestamp
Key rotationRequires coordinationGrace period support
Secret exposure riskBoth parties hold the secretOnly you hold the private key

How it works

  1. You generate an Ed25519 key pair. The private key never leaves your servers.
  2. You send the public key to Onramper during onboarding.
  3. You sign Widget URLs and API requests with your private key.
  4. Onramper verifies each signature against your registered public key.

Every signed request includes a timestamp and a nonce (a random UUID), making each request single-use and valid for a maximum of 15 minutes — so intercepted requests can't be replayed.

⚠️

V1 will be deprecated. All new integrations must use V2. Existing partners should migrate — see Migrating from V1 to V2.