Skip to main content
The Canvas agent server exposes a small HTTP surface: a health check, wallet-authenticated read endpoints that power the dashboards, and the deposit endpoints used by the Base Pay Mini App. There is no separate SDK today — the read endpoints are plain signed GETs. Base URL: the agent server origin (Railway in production).

Authentication

Read endpoints require a wallet signature proving you control the address you’re querying. Sign the exact message:
where <timestampMs> is the current Unix time in milliseconds. Then send: The server verifies the signature on-chain, so both EOAs and smart-contract wallets (ERC-1271/6492) work. Signatures more than 5 minutes from the server clock are rejected to limit replay.

Endpoints

GET /health

Liveness check. No auth. Bound before the database connects so platform health checks succeed during cold start.

GET /api/groups

Auth required. Registered-group listing for the advertiser “available groups” view (marketplace data — any valid signature may browse).

GET /api/advertiser?wallet=<address>

Auth required. Campaigns and totals for the authenticated advertiser wallet. Returns 404 if no advertiser account is linked to the wallet.

GET /api/group-owner?wallet=<address>

Auth required. Groups, earnings, and totals for the authenticated group-owner wallet. Returns 404 if no groups are registered to the wallet.

GET /api/deposit/config

No auth. Returns the escrow address and chain for the deposit Mini App.

POST /api/deposit/confirm

Confirms a Base Pay deposit against a campaign. Called by the deposit Mini App with a signed payload:
Returns { "ok": true, … } on success, or a 400/500 with an error on failure.

POST /telegram/webhook

Internal — Telegram delivers bot updates here, validated by the webhook secret header. Not for third-party use.

Errors