GET /v1/attestation/pubkey
Returns the Ed25519 public key Venum uses to sign /v1/swap/build responses. See Response attestation for how to verify.
Pin this key in your integration. Do not fetch it at request time and trust the result — an attacker who can MITM the swap response can MITM this endpoint too, so runtime fetch-and-trust gives no protection. Treat this endpoint as a provisioning-time convenience: read it once, hardcode the key, rotate deliberately.
Request
http
GET /v1/attestation/pubkeyNo authentication required.
Response
200 OK
json
{
"version": "v1",
"domain": "venum-swap-attestation",
"algorithm": "ed25519",
"publicKey": "Atte5t1ng1111111111111111111111111111111111"
}| Field | Type | Description |
|---|---|---|
version | string | Attestation format version (matches attestation.version) |
domain | string | Domain-separation tag prefixed to every signed message |
algorithm | string | Always ed25519 |
publicKey | string | Base58 Ed25519 public key — pin this |
The public key is a stable published constant, so this endpoint always returns it. Whether a given /v1/swap/build response is actually signed is indicated by its attestation field — null when the responding node isn't signing.