> ## Documentation Index
> Fetch the complete documentation index at: https://docs.byzantine.fi/llms.txt
> Use this file to discover all available pages before exploring further.

# Sign payload

> Sign a payload allowing Byzantine to make, execute and sponsor the transaction.



## OpenAPI

````yaml /api-reference/openapi-integrator.json post /v1/submit/sign-payload-passkey
openapi: 3.0.3
info:
  title: Byzantine Integrator API
  description: Byzantine REST API for integrators.
  license:
    name: ''
  version: 0.2.0
servers:
  - url: https://sandbox.api.byzantine.fi
    description: Sandbox
security: []
tags:
  - name: API health
    description: Check API status.
  - name: Customer management
    description: Endpoints to create, update, and retrieve customer information.
  - name: Account management
    description: Endpoints to manage accounts, bank accounts, invitations, and user roles.
  - name: Products
    description: Endpoints to get data about products and vaults.
  - name: Transactions
    description: Endpoints to create and manage transactions.
  - name: OTP authentication
    description: Endpoints to initialize and manage user authentication with OTP.
  - name: Webhooks
    description: Integrator-managed outbound webhook subscriptions and delivery history.
paths:
  /v1/submit/sign-payload-passkey:
    post:
      tags:
        - Transactions
      summary: Sign payload
      description: >-
        Sign a payload allowing Byzantine to make, execute and sponsor the
        transaction.
      operationId: sign_payload_passkey
      parameters:
        - name: X-Pubkey
          in: header
          description: >-
            Integrator's ECDSA public key (P-256 curve, compressed SEC1 format).
            Example:
            0x038fedef7c12f93bbf342ad8943b7a825a3b41f61c9dc118b2c718efebabbf62fd
          required: true
          schema:
            type: string
        - name: X-Timestamp
          in: header
          description: >-
            Unix timestamp in seconds (UTC). Must be within tolerance window (1
            minute) to prevent replay attacks. Example: 1760375826
          required: true
          schema:
            type: string
        - name: X-Signature
          in: header
          description: >-
            ECDSA signature (DER-encoded, hex with 0x prefix). Signs the
            message: {timestamp}{METHOD}{path_and_query}{json_body}. Example:
            0x3045022100...
          required: true
          schema:
            type: string
        - name: chain_id
          in: query
          description: Chain ID (1 for Ethereum, 8453 for Base)
          required: true
          schema:
            type: integer
            format: int32
            minimum: 0
      requestBody:
        description: The payload body details signed by the user - passkey auth
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SignPayloadRequestBodyPasskey'
        required: true
      responses:
        '200':
          description: Transaction sent successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SendTransactionResponseBody'
        '400':
          description: Invalid chain ID
      security:
        - integrator_auth: []
components:
  schemas:
    SignPayloadRequestBodyPasskey:
      type: object
      required:
        - signedBody
        - transactionId
        - webAuthnStamp
      properties:
        signedBody:
          $ref: '#/components/schemas/SignedBody'
        transactionId:
          $ref: '#/components/schemas/Uuid'
        webAuthnStamp:
          type: string
          description: >-
            Cryptographically passkey signed (stamped). For more info, see
            [authentication
            methods](https://docs.byzantine.fi/api-reference/authentication-methods).
    SendTransactionResponseBody:
      type: object
      required:
        - transactionId
        - status
      properties:
        transactionId:
          $ref: '#/components/schemas/Uuid'
        status:
          $ref: '#/components/schemas/TransactionStatus'
        broadcastedAt:
          type: string
          format: date-time
          description: Exact timestamp when the transaction was broadcasted on-chain.
          example: '2025-11-19T21:16:02.894Z'
          nullable: true
        transactionHash:
          type: string
          description: >-
            The on-chain transaction hash. Available immediately after broadcast
            - poll

            RPC's `eth_getTransactionReceipt` to get the full receipt.
          nullable: true
        fiatDepositInstructions:
          allOf:
            - $ref: '#/components/schemas/SourceDepositInstructions'
          nullable: true
        destinationBankAccount:
          allOf:
            - $ref: '#/components/schemas/BankAccount'
          nullable: true
    SignedBody:
      oneOf:
        - $ref: '#/components/schemas/SignRawPayloadRequest'
        - $ref: '#/components/schemas/SignRawPayloadsRequest'
      description: >-
        Accepts either a single-payload or a multi-payload request Turnkey
        request
    Uuid:
      type: string
      format: uuid
      description: A UUID string
      example: 550e8400-e29b-41d4-a716-446655440000
    TransactionStatus:
      type: string
      description: The current status of the transaction.
      enum:
        - created
        - waiting_for_funds
        - funds_in_transfer
        - funds_received
        - processing
        - completed
        - simulation_failed
        - reverted
      example: completed
    SourceDepositInstructions:
      type: object
      required:
        - currency
        - bankName
        - bankAddress
        - paymentRails
        - bankBeneficiaryName
      properties:
        currency:
          $ref: '#/components/schemas/Currency'
        expectedDepositAmount:
          allOf:
            - $ref: '#/components/schemas/Decimal'
          nullable: true
        bankName:
          type: string
          description: The name of the beneficiary bank.
          example: Lead Bank
        bankAddress:
          type: string
          description: The address of the beneficiary bank.
          example: 1801 Main St., Kansas City, MO 64108
        paymentRails:
          type: array
          items:
            $ref: '#/components/schemas/PaymentRailVirtualAccount'
        bankBeneficiaryName:
          type: string
          description: >-
            The name of the beneficiary. Either first and last name, or a
            business name.
          example: John Smith
        bankBeneficiaryAddress:
          type: string
          description: The address of the beneficiary.
          example: 1234 Main St., Kansas City, MO 64108
        bankAccountNumber:
          type: string
          description: In case of a USD deposit, the bank account number to deposit to.
          example: '1234567890'
          nullable: true
        bankRoutingNumber:
          type: string
          description: In case of a USD deposit, the ban routing number to deposit to.
          example: '87654321'
          nullable: true
        iban:
          type: string
          description: In case of a EUR deposit, the IBAN to deposit to.
          example: FR12345678901234567890
          nullable: true
        bic:
          type: string
          description: In case of a EUR deposit, the BIC to deposit to.
          example: BICFR12345
          nullable: true
    BankAccount:
      oneOf:
        - $ref: '#/components/schemas/BridgeGetIbanAccountDetails'
        - $ref: '#/components/schemas/BridgeGetAchAccountDetails'
      description: >-
        Bank account details where the funds will be transferred to (withdrawals
        only).
    SignRawPayloadRequest:
      type: object
      description: >-
        The object that needs to be signed by the end user to make a
        transaction.
      required:
        - type
        - timestampMs
        - organizationId
        - parameters
      properties:
        type:
          type: string
          description: Defaults to `ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2`
          example: ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2
        timestampMs:
          type: string
          description: UNIX timestamp of the creation of the transaction.
        organizationId:
          type: string
          description: The account ID making the transaction.
        parameters:
          $ref: '#/components/schemas/SignRawPayloadParams'
    SignRawPayloadsRequest:
      type: object
      description: >-
        The object that needs to be signed by the end user to make a batch of
        transactions.
      required:
        - type
        - timestampMs
        - organizationId
        - parameters
      properties:
        type:
          type: string
          description: Defaults to `ACTIVITY_TYPE_SIGN_RAW_PAYLOADS`.
          example: ACTIVITY_TYPE_SIGN_RAW_PAYLOADS
        timestampMs:
          type: string
          description: UNIX timestamp of the creation of the transaction.
        organizationId:
          type: string
          description: The account ID making the transaction.
        parameters:
          $ref: '#/components/schemas/SignRawPayloadsParams'
    Currency:
      type: string
      enum:
        - usd
        - eur
        - usdc
        - eurc
    Decimal:
      type: string
      description: A high-precision decimal number represented as a string
      example: '123.456789'
    PaymentRailVirtualAccount:
      type: string
      enum:
        - achPush
        - pix
        - sepa
        - spei
        - wire
    BridgeGetIbanAccountDetails:
      type: object
      description: IBAN bank account informations
      required:
        - country
        - last4
      properties:
        country:
          type: string
          description: >-
            The ISO 3166-1 (three-character) country code of the relevant
            country. See the full list of
            [countries](https://docs.byzantine.fi/api-reference/lists/countries).
          example: FRA
        last4:
          type: string
          description: Last 4 digits of the bank account number
          example: '0804'
        bic:
          type: string
          description: The Bank Identifier Code (BIC) that will be used to send the funds
          example: BICFR12345
          nullable: true
    BridgeGetAchAccountDetails:
      type: object
      description: ACH bank account informations
      required:
        - routingNumber
        - last4
      properties:
        routingNumber:
          type: string
          description: The bank routing number.
          example: '121000248'
        last4:
          type: string
          description: Last 4 digits of the bank account number.
          example: '1111'
        checkingOrSavings:
          allOf:
            - $ref: '#/components/schemas/CheckingOrSavings'
          nullable: true
    SignRawPayloadParams:
      type: object
      description: >-
        The parameters object containing the specific intent data for this
        transaction.
      required:
        - signWith
        - payload
        - encoding
        - hashFunction
      properties:
        signWith:
          type: string
          description: >-
            A Wallet account address, Private Key address, or Private Key
            identifier.
        payload:
          type: string
          description: Raw unsigned payload to be signed.
        encoding:
          type: string
          description: >-
            How the payload is encoded: `PAYLOAD_ENCODING_HEXADECIMAL` or
            `PAYLOAD_ENCODING_EIP7702_AUTHORIZATION`
          example: PAYLOAD_ENCODING_HEXADECIMAL
        hashFunction:
          type: string
          description: >-
            Rather Turnkey should hash the message or not: `HASH_FUNCTION_NO_OP`
            or `HASH_FUNCTION_KECCAK256`
          example: HASH_FUNCTION_NO_OP
    SignRawPayloadsParams:
      type: object
      description: >-
        The parameters object containing the specific intent data for this batch
        of transactions.
      required:
        - signWith
        - payloads
        - encoding
        - hashFunction
      properties:
        signWith:
          type: string
          description: >-
            A Wallet account address, Private Key address, or Private Key
            identifier.
        payloads:
          type: array
          items:
            type: string
          description: An array of raw unsigned payloads to be signed.
        encoding:
          type: string
          description: >-
            How the payload is encoded: `PAYLOAD_ENCODING_HEXADECIMAL` or
            `PAYLOAD_ENCODING_EIP7702_AUTHORIZATION`
          example: PAYLOAD_ENCODING_HEXADECIMAL
        hashFunction:
          type: string
          description: >-
            Rather Turnkey should hash the message or not: `HASH_FUNCTION_NO_OP`
            or `HASH_FUNCTION_KECCAK256`
          example: HASH_FUNCTION_NO_OP
    CheckingOrSavings:
      type: string
      enum:
        - checking
        - savings
        - unknown
  securitySchemes:
    integrator_auth:
      type: apiKey
      in: header
      name: X-Pubkey, X-Timestamp, X-Signature

````