Connect
✅ Validado on-chain (Sepolia, ERC-4337)
Suites token/adv — contas ERC-4337 (Kernel v3): deploy/relay/sign-and-relay + nonce multi-op validados on-chain. Rotas avançadas (recovery/sessions/passkeys/oauth/validators) são síncronas (DB/calldata), validadas.
Gerada automaticamente do spec OpenAPI da API (fonte de verdade). 43 endpoint(s).
List connect accounts
GET /v1/connect/accounts
List all connect smart accounts for this tenant.
Auth: api-key
Respostas: 200
Create or get connect account
POST /v1/connect/accounts
Register a self-custody smart account. Returns the existing account if one already exists for the given signer and chain. The actual on-chain deployment happens on the first UserOperation.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 201
Get connect account
GET /v1/connect/accounts/{address}
Get connect account details by address.
Auth: api-key
Path params: address
Respostas: 200, 404
Check if a module is installed
GET /v1/connect/accounts/{address}/modules/installed
Queries Kernel.isModuleInstalled() on-chain. Returns whether the specified module is currently installed on the smart account.
Auth: api-key
Path params: address
Respostas: 200
List OAuth providers linked to account
GET /v1/connect/accounts/{address}/oauth
Returns all OAuth providers (Google, Apple) linked to this account.
Auth: api-key
Path params: address
Query params:
| Param | Tipo | Obrigatório |
|---|---|---|
chain_id | string | sim |
Respostas: 200
Unlink OAuth provider
DELETE /v1/connect/accounts/{address}/oauth/{provider}
Remove an OAuth provider link from an account.
Auth: api-key
Path params: address, provider
Query params:
| Param | Tipo | Obrigatório |
|---|---|---|
chain_id | string | sim |
Respostas: 200
List passkeys for account
GET /v1/connect/accounts/{address}/passkeys
Auth: api-key
Path params: address
Respostas: 200
Delete passkey for account
DELETE /v1/connect/accounts/{address}/passkeys/{credentialId}
Auth: api-key
Path params: address, credentialId
Respostas: 200
Get recovery configuration
GET /v1/connect/accounts/{address}/recovery
Get recovery guardians, threshold, and active requests for a connect account.
Auth: api-key
Path params: address
Query params:
| Param | Tipo | Obrigatório |
|---|---|---|
chain_id | string | sim |
Respostas: 200, 404
List relay operations for account
GET /v1/connect/accounts/{address}/relay
Auth: api-key
Path params: address
Respostas: 200
Check account safety net status
GET /v1/connect/accounts/{address}/safety-net
Check if the account has a safety net (2+ passkeys or recovery configured). Use this to gate value operations in the frontend.
Auth: api-key
Path params: address
Query params:
| Param | Tipo | Obrigatório |
|---|---|---|
chain_id | string | sim |
Respostas: 200
List session keys for account
GET /v1/connect/accounts/{address}/sessions
Auth: api-key
Path params: address
Respostas: 200
Revoke session key for account
DELETE /v1/connect/accounts/{address}/sessions/{sessionKeyId}
Auth: api-key
Path params: address, sessionKeyId
Respostas: 200
Connect analytics overview
GET /v1/connect/analytics/overview
Aggregated metrics for connect smart accounts: accounts, relay ops, session keys, recovery, passkeys.
Auth: api-key
Respostas: 200
Connect analytics timeseries
GET /v1/connect/analytics/timeseries
Daily account creation and relay ops for the selected period.
Auth: api-key
Respostas: 200
Encode installModule callData
POST /v1/connect/modules/install
Returns ABI-encoded callData for Kernel.installModule(). Wrap in a UserOp, sign, and relay via POST /relay.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201
Encode uninstallModule callData
POST /v1/connect/modules/uninstall
Returns ABI-encoded callData for Kernel.uninstallModule(). Wrap in a UserOp, sign, and relay via POST /relay.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201
Get network config for connect
GET /v1/connect/networks/{chainId}
Get the factory address, RPC URL, and bundler URL for a specific chain.
Auth: api-key
Path params: chainId
Respostas: 200, 404
Link OAuth to account
POST /v1/connect/oauth/link
Link an OAuth provider identity to an existing connect account. Requires a valid oauth_token from POST /oauth/verify.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201, 400, 409
Verify OAuth id_token
POST /v1/connect/oauth/verify
Validate a Google or Apple id_token. For returning users, returns account + session. For new users, returns an oauth_token to link after passkey + account creation.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201, 400
Cancel pending operation
POST /v1/connect/ops/{userOpHash}/cancel
Cancel a pending operation that hasn't been signed yet.
Auth: api-key
Path params: userOpHash
Respostas: 200, 201, 404
Submit signed UserOp
POST /v1/connect/ops/{userOpHash}/sign
Submit a client-signed UserOp for a pending operation. The relay op transitions from awaiting_sign → pending (submitted to bundler).
Auth: api-key
Path params: userOpHash
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201, 404
Sign + relay UserOp in one call (no SDK needed)
POST /v1/connect/ops/{userOpHash}/sign-and-relay
Accepts only the signature; backend builds the full PackedUserOperation v0.7 (sender/nonce/initCode/gas/fees), forwards to bundler, and persists state transitions. Equivalent to /sign + client-side UserOp build, but without requiring the dev to learn ERC-4337 v0.7 ABI / Kernel v3.1 init-code encoding / bundler RPC semantics.
Auth: api-key
Path params: userOpHash
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201, 400, 404, 502
List pending operations
GET /v1/connect/ops/pending
List all operations awaiting client-side signature for connect-mode tenants. Each pending op includes the encoded callData needed to build and sign the UserOp.
Auth: api-key
Respostas: 200
Register passkey metadata
POST /v1/connect/passkeys
Store passkey (WebAuthn credential) metadata for a connect account. Used for recovery and device enumeration.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 201
List paymasters
GET /v1/connect/paymasters
List all paymasters registered by this tenant.
Auth: api-key
Respostas: 200
Register a paymaster
POST /v1/connect/paymasters
Register a deployed UrblockPaymaster contract so the relay auto-signs paymasterAndData for sponsored ops. Accepts either a raw signer_private_key (DEPRECATED — will be removed 2026-09-01) or keystore_json + keystore_password.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 201, 409
Get paymaster
GET /v1/connect/paymasters/{id}
Get a specific paymaster by ID.
Auth: api-key
Path params: id
Respostas: 200, 404
Deactivate paymaster
DELETE /v1/connect/paymasters/{id}
Deactivate a paymaster (does not affect on-chain deposit).
Auth: api-key
Path params: id
Respostas: 200, 404
Register a paymaster from an Ethereum keystore (preferred)
POST /v1/connect/paymasters/import-keystore
Register a UrblockPaymaster signer from an Ethereum keystore V3 JSON + password. The plaintext key is never persisted; the keystore is decrypted in memory, the resulting key is immediately re-sealed with CONNECT_PAYMASTER_ENCRYPTION_KEY + per-row AAD, and the plaintext is discarded.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 201, 400, 409
Cancel recovery
POST /v1/connect/recovery/{requestId}/cancel
Owner cancels a pending recovery. Off-chain operation — no on-chain callData needed.
Auth: api-key
Path params: requestId
Respostas: 200, 201
Confirm recovery
POST /v1/connect/recovery/{requestId}/confirm
Additional guardian confirms a recovery request. Off-chain operation.
Auth: api-key
Path params: requestId
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201
Execute recovery
POST /v1/connect/recovery/{requestId}/execute
Execute recovery after timelock expires. Returns doRecovery callData to submit as UserOp. Pass executed_tx_hash once the doRecovery UserOp is confirmed on-chain to finalize the request to terminal 'executed'.
Auth: api-key
Path params: requestId
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201
Configure recovery guardians
POST /v1/connect/recovery/configure
Set up social recovery guardians for a connect account. Off-chain guardian registry.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201
Initiate recovery
POST /v1/connect/recovery/initiate
A guardian initiates recovery by proposing new validator key data. Off-chain operation.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201
Relay UserOperation
POST /v1/connect/relay
Submit a signed ERC-4337 UserOperation for relay through the urblock bundler.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 201, 202
Get relay status
GET /v1/connect/relay/{userOpHash}
Check the status of a relayed UserOperation.
Auth: api-key
Path params: userOpHash
Respostas: 200, 404
Get UserOperation receipt
GET /v1/connect/relay/{userOpHash}/receipt
Fetch the on-chain receipt of a UserOperation from the bundler. Returns null if the operation is still pending (not yet mined).
Auth: api-key
Path params: userOpHash
Query params:
| Param | Tipo | Obrigatório |
|---|---|---|
chain_id | string | sim |
Respostas: 200
Estimate UserOperation gas
POST /v1/connect/relay/estimate-gas
Estimate gas limits for a UserOperation via the bundler's eth_estimateUserOperationGas. Returns preVerificationGas, verificationGasLimit, and callGasLimit.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201, 400
Create session key
POST /v1/connect/sessions
Register a session key for a connect account. Session keys allow time-limited, scoped transaction signing without the primary key.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 201
Encode changeRootValidator callData
POST /v1/connect/validators/change-root
Returns ABI-encoded callData for Kernel.changeRootValidator(). Changes the default validation plugin. Wrap in a UserOp, sign, and relay via POST /relay.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201
Encode uninstallValidation callData
POST /v1/connect/validators/uninstall
Returns ABI-encoded callData for Kernel.uninstallValidation(). Wrap in a UserOp, sign, and relay via POST /relay.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201
Verify SIWE signature
POST /v1/connect/verify
Verify a Sign In With Ethereum (EIP-4361) message and signature. Returns a session token on success.
Auth: api-key
Request body:
| Campo | Tipo | Obrigatório | Descrição |
|---|
Respostas: 200, 201, 400