API reference
Base URL https://api-wallet.iamgame.com/v1. Auth is a bearer token: a publishable key (pk_) for public flows, a secret key (sk_) for server-to-server, or a player’s session token (user) for wallet actions. All bodies are JSON; errors use a shared envelope (see Errors).
Auth
POST
/auth/siws/challenge
Start a Sign-In-With-Solana challenge · pk_
POST
/auth/siws/verify
Verify a signed challenge → session · pk_
POST
/auth/telegram/verify
Verify Telegram Mini App init data → session · pk_
POST
/auth/email/initiate
Email a one-time code to the address · pk_
POST
/auth/email/verify
Verify email + code → session · pk_
POST
/auth/refresh
Exchange a refresh token for a new session · —
POST
/auth/logout
Revoke a refresh token · —
GET
/me
The signed-in user + their wallets · user
Sessions (relying-party verification)
POST
/sessions/verify
Verify a player's session token → canonical identity · sk_
Wallets
GET
/wallets/:id/balance
SOL + SPL token balances · user
POST
/wallets/:id/withdraw
Withdraw SOL/SPL to an address (if allowed) · user
GET
/wallets/:id/export/preflight
Whether export is permitted · user
POST
/wallets/:id/export
Self-custody export (if allowed) · user
Ledger (server-to-server)
All ledger routes require an sk_. Amounts are integer base-unit strings.
POST
/ledger/sessions
Open a session with a lock · sk_
POST
/ledger/bet
Place a bet (idempotent on transactionUuid) · sk_
POST
/ledger/win
Credit a win (references its bet) · sk_
POST
/ledger/rollback
Reverse a bet (remembered if unseen) · sk_
POST
/ledger/balance
Current session balance · sk_
POST
/ledger/settle
Settle the session, net payout · sk_
GET
/ledger/reconcile
Off-chain integrity report (200 ok / 409 discrepancies) · sk_
Example
bash
curl -X POST https://api-wallet.iamgame.com/v1/sessions/verify \
-H "authorization: Bearer $SK" \
-H "content-type: application/json" \
-d '{ "sessionToken": "lsess_…" }'