|
| 1 | +--- |
| 2 | +title: Nonce Management |
| 3 | +--- |
| 4 | + |
| 5 | +Normally, a wallet can call `eth_getTransactionCount` to get the next nonce to use for a transaction. |
| 6 | +However, since transactions sent to Flashbots Protect are potentially sensitive, even exposing the incremented nonce can leak information about the user's activity. |
| 7 | + |
| 8 | +As such, Flashbots Protect requires that all requests to `eth_getTransactionCount` be signed by the user when querying the `"pending"` nonce. |
| 9 | + |
| 10 | +To query the `"pending"` nonce, requests must be signed with the user's private key. This is done by sending a JSON-RPC request to the Flashbots Protect RPC endpoint with the following parameters: |
| 11 | + |
| 12 | +```json |
| 13 | +{ |
| 14 | + "jsonrpc": "2.0", |
| 15 | + "method": "eth_getTransactionCount", |
| 16 | + "params": [ |
| 17 | + "0xYOUR_ADDRESS", |
| 18 | + "pending" |
| 19 | + ], |
| 20 | + "id": 1 |
| 21 | +} |
| 22 | +``` |
| 23 | + |
| 24 | +The request is signed and the signature is included in the `X-Flashbots-Signature` header. |
| 25 | + |
| 26 | +### Authentication |
| 27 | + |
| 28 | +To authenticate your request, Flashbots endpoints require you to sign the payload and include the signed payload in the `X-Flashbots-Signature` header of your request. |
| 29 | + |
| 30 | +```curl |
| 31 | +curl -X POST -H "Content-Type: application/json" -H "X-Flashbots-Signature: <public key address>:<signature>" --data '{"jsonrpc":"2.0","method":"eth_getTransactionCount","params":["0xYOUR_ADDRESS","pending"],"id":1}' https://rpc.flashbots.net |
| 32 | +``` |
| 33 | + |
| 34 | +The private key of the address your want to query must be used to sign the payload. |
| 35 | + |
| 36 | +The signature is calculated by taking the [EIP-191](https://eips.ethereum.org/EIPS/eip-191) hash of the json body encoded as UTF-8 bytes. Here's an example using ethers.js: |
| 37 | + |
| 38 | +<Tabs |
| 39 | +defaultValue="ethers.js" |
| 40 | +values={[ |
| 41 | +{ label: 'ethers.js', value: 'ethers.js', }, |
| 42 | +{ label: 'web3.py', value: 'web3.py' }, |
| 43 | +{ label: 'go', value: 'go' }, |
| 44 | +]} |
| 45 | +> |
| 46 | +<TabItem value="ethers.js"> |
| 47 | + |
| 48 | +```ts |
| 49 | +import {Wallet, utils} from 'ethers'; |
| 50 | + |
| 51 | +const privateKey = '0x1234'; |
| 52 | +const wallet = new Wallet(privateKey); |
| 53 | +const body = |
| 54 | + '{"jsonrpc":"2.0","method":"eth_getTransactionCount","params":["0xYOUR_ADDRESS","pending"],"id":1}'; |
| 55 | +const signature = wallet.address + ':' + wallet.signMessage(utils.id(body)); |
| 56 | +``` |
| 57 | + |
| 58 | +</TabItem> |
| 59 | +<TabItem value="web3.py"> |
| 60 | + |
| 61 | +```py |
| 62 | +from web3 import Web3 |
| 63 | +from eth_account import Account, messages |
| 64 | + |
| 65 | +body = '{"jsonrpc":"2.0","method":"eth_getTransactionCount","params":["0xYOUR_ADDRESS","pending"],"id":1}' |
| 66 | +message = messages.encode_defunct(text=Web3.keccak(text=body).hex()) |
| 67 | +signature = Account.from_key(private_key).address + ':' + Account.sign_message(message, private_key).signature.hex() |
| 68 | +``` |
| 69 | + |
| 70 | +</TabItem> |
| 71 | +<TabItem value="go"> |
| 72 | + |
| 73 | +```go |
| 74 | +body := `{"jsonrpc":"2.0","method":"eth_getTransactionCount","params":["0xYOUR_ADDRESS","pending"],"id":1}` |
| 75 | +hashedBody := crypto.Keccak256Hash([]byte(body)).Hex() |
| 76 | +sig, err := crypto.Sign(accounts.TextHash([]byte(hashedBody)), privKey) |
| 77 | +signature := crypto.PubkeyToAddress(privKey.PublicKey).Hex() + ":" + hexutil.Encode(sig) |
| 78 | +``` |
| 79 | + |
| 80 | +</TabItem> |
| 81 | +</Tabs> |
| 82 | + |
0 commit comments