SignaturePreviewer
sec.signaturepreviewer
Security
planned
Spec started
frozen
What it does
Render a plain-English summary of every EIP-712 signature before the wallet shows the modal.
Pipeline placement
runs after: Strategy OrderIntent and contract/permission checks → SignaturePreviewer → runs before: Wallet signing modal is shown to user
Applies to: Every EIP-712 signing request before user confirmation
Why it matters
| If this fails | Consequence |
|---|---|
| User signs a phishing or misrouted order without understanding it | Funds transferred to an unintended address or contract under user signature. |
| Domain separator not validated before display | A forged domain could cause a user to unknowingly sign for a different chain or contract. |
| Strategy deviates from declared envelope | User signs an order outside the parameters they approved at strategy setup. |
Inputs
Polymarket inputs
| Input | Source | Required | Use |
|---|---|---|---|
| EIP-712 typed data for pending order | clob_auth | required | Decode and display the full typed data in plain English. |
| Market metadata (name, outcomes, expiry) | gamma | required | Resolve token IDs to human-readable market names in the preview. |
Internal inputs
| Input | Source | Required | Use |
|---|---|---|---|
| Strategy declared envelope (side, size, price range) | StrategyConfig | required | Diff the pending order against the declared envelope; flag deviations. |
| KillSwitch active flag | KillSwitch | required | Block signing if kill switch is active. |
Authority
What this bot is permitted to do
Reject, Pause
State
Readiness: Spec started
Status: planned
Class: Guardrail
Default mode: shadow_only
Developer owner: Polytraders core
Capital impact: Direct
Reason codes emitted
| Code | Severity | Meaning | Action |
|---|---|---|---|
| KILL_SWITCH_ACTIVE | HARD_REJECT | Global kill switch is active. | Immediately return DENY. |
| CONTRACT_GUARD_DOMAIN_MISMATCH | HARD_REJECT | EIP-712 domain version is not '2' or verifyingContract is not in V2 allow-list. | Return DENY; emit security alert. |
| SIGNATURE_ENVELOPE_BREACH | HARD_REJECT | Order parameters deviate more than 20% from strategy declared envelope. | Return DENY; display explanation to user. |
| SIGNATURE_ENVELOPE_WARN | WARN | Order deviates 10–20% from envelope. | Display warning in preview; allow user to proceed. |
| MARKET_UNRESOLVED | INFO | Gamma API unavailable; market name could not be resolved. | Show raw token ID with warning banner. |
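The reason-code table above as decision logic, in an added Python example that is not the project's own code. The allow-list address, the `ALLOW` result, the message and envelope field names, and the deviation metric (worst relative overshoot of size or price beyond the envelope, with a wrong side counted as a full breach) are assumptions; the page gives only the codes and thresholds.

```python
from decimal import Decimal

# Constructed placeholder; the page does not list the real V2 allow-list.
V2_ALLOWLIST = {"0x" + "ab" * 20}
WARN_AT, BREACH_ABOVE = Decimal("0.10"), Decimal("0.20")

def overshoot(value, low, high):
    """Relative distance by which value falls outside [low, high]; 0 if inside."""
    if value < low:
        return (low - value) / low if low else Decimal(1)
    if value > high:
        return (value - high) / high
    return Decimal(0)

def preview(typed_data, envelope, kill_switch_active, market_name=None):
    """Return (decision, reason_codes) for one pending EIP-712 signing request."""
    if kill_switch_active:
        return "DENY", ["KILL_SWITCH_ACTIVE"]
    domain = typed_data.get("domain", {})
    # Addresses arrive in mixed (checksum) case, so compare lower-cased.
    contract = str(domain.get("verifyingContract", "")).lower()
    if domain.get("version") != "2" or contract not in V2_ALLOWLIST:
        return "DENY", ["CONTRACT_GUARD_DOMAIN_MISMATCH"]
    msg = typed_data["message"]
    if msg["side"] != envelope["side"]:
        deviation = Decimal(1)  # assumption: wrong side counts as a full breach
    else:
        deviation = max(
            overshoot(Decimal(msg["size"]), Decimal(0), Decimal(envelope["max_size"])),
            overshoot(Decimal(msg["price"]), Decimal(envelope["price_min"]),
                      Decimal(envelope["price_max"])),
        )
    if deviation > BREACH_ABOVE:
        return "DENY", ["SIGNATURE_ENVELOPE_BREACH"]
    codes = ["SIGNATURE_ENVELOPE_WARN"] if deviation >= WARN_AT else []
    if market_name is None:  # Gamma lookup failed; preview shows the raw token ID
        codes.append("MARKET_UNRESOLVED")
    return "ALLOW", codes

# Constructed sample request and envelope (field names are illustrative).
ENVELOPE = {"side": "BUY", "max_size": "100", "price_min": "0.40", "price_max": "0.50"}
REQUEST = {
    "domain": {"name": "Example Exchange", "version": "2", "chainId": 137,
               "verifyingContract": "0x" + "AB" * 20},
    "message": {"tokenId": "123", "side": "BUY", "size": "115", "price": "0.45"},
}
```

Decimal arithmetic keeps the 10% and 20% boundaries exact: a deviation of exactly 20% warns rather than rejects, matching "more than 20%" in the table.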
Used by
Reverse index — strategies that currently reference sec.signaturepreviewer. If you change this bot's authority or reason codes, these strategies must re-pass shadow.
| Strategy | State | Activity |
|---|---|---|
| Fed Rates — surprise drift | frozen | last triggered 37m ago |
| AI Frontier — release-day taker | frozen | last triggered 44m ago |
Showing 2 of 2 · demo-wired ≠ production-live
Why this matters
Security bots do NOT propose or execute trades; they only guard signing and wallet operations. Understanding the authority boundary prevents misuse and makes promotion-gate reviews faster and more reliable.