秋田预测市场 · Discord 审计

API签名类型3验证逻辑错误未修复

2026-06-17 · Polymarket · 3 条相关讨论

Dr.abyss 2026-06-16 20:54:41

<@707597210845446214> POLY_1271 order rejected with balance: 6171 despite correct maker and sufficient balance SDK: <@1507887323474432153>/clob-client-v2 v1.0.6 Deposit wallet: 0xFf3a6bD3D9213Aba69E839CD84705757e5077744 EOA: 0xEF55f1b767515918e54ed2E7179aD458BDeD7464 signatureType: 3 (POLY_1271) Results: getBalanceAllowance() → $98.34 ✅ order.maker = 0xFf3a... (deposit wallet) ✅ order.signer = 0xFf3a... (deposit wallet) ✅ postOrder() → balance: 6171 ($0.006) ❌ Error: not enough balance / allowance: the balance is not enough -> balance: 6171, order amount: 9830000 balance: 6171 does not match deposit wallet ($98.34) or EOA (~$1.00). Can you check what balance scope is being used for order validation? Related: https://github.com/Polymarket/clob-client-v2/issues/65

<@707597210845446214> POLY_1271 order rejected with balance: 6171 despite correct maker and sufficient balance SDK: <@1507887323474432153>/clob-client-v2 v1.0.6 Deposit wallet: 0xFf3a6bD3D9213Aba69E839CD84705757e5077744 EOA: 0xEF55f1b767515918e54ed2E7179aD458BDeD7464 signatureType: 3 (POLY_1271) Results: getBalanceAllowance() → $98.34 ✅ order.maker = 0xFf3a... (deposit wallet) ✅ order.signer = 0xFf3a... (deposit wallet) ✅ postOrder() → balance: 6171 ($0.006) ❌ Error: not enough balance / allowance: the balance is not enough -> balance: 6171, order amount: 9830000 balance: 6171 does not match deposit wallet ($98.34) or EOA (~$1.00). Can you check what balance scope is being used for order validation? Related: https://github.com/Polymarket/clob-client-v2/issues/65

Anon 2026-06-16 23:56:43

Is there a server-side fix planned so signature_type=3 validates the API key against the EOA that controls the deposit wallet? GitHub issues #64, #70, #71, #344

Is there a server-side fix planned so signature_type=3 validates the API key against the EOA that controls the deposit wallet? GitHub issues #64, #70, #71, #344

Anon 2026-06-16 23:56:58

Is there a server-side fix planned so signature_type=3 validates the API key against the EOA that controls the deposit wallet?

Is there a server-side fix planned so signature_type=3 validates the API key against the EOA that controls the deposit wallet?