| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| README.md | < 22 hours ago | 1.6 kB | |
| v2.54.0 source code.tar.gz | < 22 hours ago | 2.3 MB | |
| v2.54.0 source code.zip | < 22 hours ago | 2.7 MB | |
| Totals: 3 Items | 5.0 MB | 0 | |
Added
feat(probable): unified Web3 authentication lifecycle (#1614). AddsgetAuthNonce,loginWithSignature,logout,isSessionActive, andverifyL1/verifyL2to the Probable exchange, with in-memory session storage on the base class, exposed through both SDKs.
Security
- Session credentials are never exposed over the network. [#1614] as submitted exposed
getSessionas an HTTP/RPC endpoint that returned the full session credential set (apiKey/apiSecret/passphrase) keyed by a public wallet address — on a shared/hosted deployment any caller could retrieve another user's trading secrets. Before landing,getSessionwas added toEXCLUDED_METHODSingenerate-openapi.js, so it is omitted frommethod-verbs.json, the OpenAPI spec, and the generated SDK clients; it remains an in-process helper only. The signature-gatedloginWithSignature(which returns the caller's own freshly minted credentials, only after they prove wallet ownership) and the booleanisSessionActiveremain available.
Installation
npm:
:::bash
npm install pmxtjs@2.54.0
npm install -g @pmxt/cli@2.54.0
PyPI:
:::bash
pip install pmxt==2.54.0
Links
Full Changelog: https://github.com/pmxt-dev/pmxt/compare/v2.53.1f...v2.54.0f