
Overview

OrdsBot uses a two-layer wallet architecture:
  1. Sign-in wallet — Xverse, Unisat, or Leather — used to authenticate via BIP-322 message signing
  2. Bidding keys — derived in-memory from your seed phrase, used by the bot to sign bid messages
These are typically from the same seed phrase but can be different addresses.

Authentication (BIP-322)

When you connect your wallet, OrdsBot follows a challenge-response flow:
1. Your browser requests a challenge for your Bitcoin address
2. OrdsBot returns a unique challenge string (expires in 5 minutes)
3. You sign the challenge with your wallet
4. OrdsBot verifies the signature and creates a session
Your session is tied to your Bitcoin address — no username or password required.
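The server side of the challenge-response flow above, as an added example (not OrdsBot's code): it shows what a challenge store has to enforce so that a signed challenge is accepted only for the address it was issued to, only within the 5-minute window, and only once. BIP-322 signature verification itself is delegated to a caller-supplied function, which is an assumed interface, and the challenge string format is constructed for the example.

```python
# Added example of server-side challenge bookkeeping for the BIP-322 sign-in
# flow. Not OrdsBot's code; the verify_bip322 callable and the challenge
# string layout are assumptions made for illustration.
import secrets
import time
from typing import Callable, Dict, Tuple

CHALLENGE_TTL_SECONDS = 300  # the flow states challenges expire in 5 minutes


class ChallengeStore:
    """Tracks outstanding sign-in challenges, keyed by the challenge string."""

    def __init__(self, now: Callable[[], float] = time.time) -> None:
        self._now = now  # injectable clock so expiry can be tested deterministically
        # challenge -> (address it was issued to, absolute expiry time)
        self._pending: Dict[str, Tuple[str, float]] = {}

    def issue(self, address: str) -> str:
        """Create a fresh, unpredictable challenge bound to one Bitcoin address."""
        nonce = secrets.token_hex(16)  # 128 bits from the OS CSPRNG
        challenge = f"ordsbot-login:{address}:{nonce}"  # constructed layout, not OrdsBot's
        self._pending[challenge] = (address, self._now() + CHALLENGE_TTL_SECONDS)
        return challenge

    def redeem(self, address: str, challenge: str, signature: bytes,
               verify_bip322: Callable[[str, str, bytes], bool]) -> bool:
        """Accept a signed challenge for its own address, before expiry, at most once."""
        entry = self._pending.get(challenge)
        if entry is None:
            return False  # unknown challenge, or one that was already consumed (replay)
        bound_address, expires_at = entry
        if bound_address != address:
            return False  # issued to a different address; leave it for the rightful owner
        if self._now() > expires_at:
            del self._pending[challenge]  # expired: drop it so it cannot be retried later
            return False
        # Consume before verifying so a challenge allows exactly one signature attempt.
        del self._pending[challenge]
        return verify_bip322(address, challenge, signature)
```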

Key Derivation

The bidding bot requires keys in server memory to sign Satflow bid messages. These are derived from your seed phrase using standard Bitcoin derivation paths:
| Key | Path | Purpose |
| --- | --- | --- |
| Payment key | BIP84 (m/84'/0'/0'/0/0) | Signs bid messages, receives payments |
| Ordinals key | BIP86 (m/86'/0'/0'/0/0) | Taproot key for inscriptions |
All key derivation happens locally in your browser — your seed phrase never leaves your device. Only the private signing keys are sent to the bot’s server memory so the worker can sign bids automatically. Keys are never written to disk or the database. If the server restarts, those in-memory keys are gone and you need to re-derive them — you will see a “Waiting for wallet keys” warning on your tasks until you do.

What the bot uses your keys for

  • Signing the Satflow bid message string:
    <payment_addr>:<payment_pubkey>:<token_receive_addr>:<price>:<quantity>:<expiry>:<slug>:<timestamp>
  • Signing PSBTs for auto-listing inscriptions (Taproot Schnorr signatures)

Bidding Wallet (Multi-sig)

Satflow uses a bidding wallet model where your bid collateral is held in a 2-of-2 or 2-of-3 multi-sig address. This is displayed in Settings after you derive your wallet. Fund this address to activate bidding.

Security Notes

  • The bot only needs your seed phrase once per server session
  • Sessions use secure, signed tokens stored in server memory
  • There is no password recovery — if you lose your seed phrase, you lose your wallet