GETs.
Base URL: the agent server origin (Railway in production).
Authentication
Read endpoints require a wallet signature proving you control the address you’re querying. Sign the exact message:<timestampMs> is the current Unix time in milliseconds. Then send:
The server verifies the signature on-chain, so both EOAs and smart-contract wallets (ERC-1271/6492) work. Signatures more than 5 minutes from the server clock are rejected to limit replay.
Endpoints
GET /health
Liveness check. No auth. Bound before the database connects so platform health checks succeed during cold start.
GET /api/groups
Auth required. Registered-group listing for the advertiser “available groups” view (marketplace data — any valid signature may browse).
GET /api/advertiser?wallet=<address>
Auth required. Campaigns and totals for the authenticated advertiser wallet. Returns 404 if no advertiser account is linked to the wallet.
GET /api/group-owner?wallet=<address>
Auth required. Groups, earnings, and totals for the authenticated group-owner wallet. Returns 404 if no groups are registered to the wallet.
GET /api/deposit/config
No auth. Returns the escrow address and chain for the deposit Mini App.
POST /api/deposit/confirm
Confirms a Base Pay deposit against a campaign. Called by the deposit Mini App with a signed payload:
{ "ok": true, … } on success, or a 400/500 with an error on failure.