SessionKeyManager
sec.sessionkeymanager
Security
planned
Spec started
frozen
flagship
Issue, scope, and expire short-lived session keys so strategies can sign without re-prompting on every order.
What it does
Issue, scope, and expire short-lived session keys so strategies can sign without re-prompting on every order.
Pipeline placement
runs after: User authorisation grant
→
SessionKeyManager
→
runs before: Any strategy signing action
Applies to: All active session keys per user and strategy
Why it matters
| If this fails | Consequence |
|---|---|
| Session key never expires | A compromised key allows unlimited signing indefinitely without re-authorisation. |
| Key scope not strategy-bound | A key issued for one strategy could sign orders for another, violating least-privilege. |
| No emergency revocation path | A stolen key cannot be neutralised quickly, extending the attack window. |
Inputs
Polymarket inputs
| Input | Source | Required | Use |
|---|---|---|---|
| ClobAuth session token for V2 API | clob_auth | required | Bind the session key to the V2 ClobAuth domain for order signing. |
Internal inputs
| Input | Source | Required | Use |
|---|---|---|---|
| User-granted session scope (strategy, methods, max size) | Admin UI | required | Define the scope of each issued session key. |
| KillSwitch active flag | KillSwitch | required | Revoke all session keys immediately if kill switch is active. |
Authority
What this bot is permitted to do
Reject Pause
State
Readiness
Spec started
Status
planned
Class
Guardrail
Default mode
shadow_only
Developer owner
Polytraders core
Capital impact
Direct
Reason codes emitted
| Code | Severity | Meaning | Action |
|---|---|---|---|
| KILL_SWITCH_ACTIVE | HARD_REJECT | Global kill switch is active; all sessions revoked. | Immediately return DENY and revoke all sessions. |
| SESSION_KEY_EXPIRED | HARD_REJECT | Session key has exceeded lifetime, call budget, or idle timeout. | Return DENY; prompt user to re-authorise. |
| SESSION_BUDGET_WARN | WARN | Session call count exceeds 80% of max_calls_per_session. | Emit warn; notify user to prepare re-authorisation. |
| SESSION_EXPIRY_WARN | WARN | Session age exceeds 75% of max_session_lifetime_h. | Emit warn; notify user. |
| SESSION_ISSUED | INFO | New session key issued successfully. | Log issuance event. |
Related bots in Security
Used by
Reverse index — strategies that currently reference sec.sessionkeymanager. If you change this bot's authority or reason codes, these strategies must re-pass shadow.
| Strategy | State | Activity |
|---|---|---|
| NBA H2H — moneyline market-make | demo-wired | last triggered 47m ago |
| US Elections — sentiment fade | demo-wired | last triggered 7m ago |
| BTC weekly — close-aware quotes | demo-wired | last triggered 14m ago |
Showing 3 of 3 · demo-wired ≠ production-live
Why this matters
Security bots does NOT propose or execute trades; only guards signing and wallet operations. Understanding the authority boundary prevents misuse and makes promotion-gate reviews faster and more reliable. View raw spec JSON →