fix(sdk): auto-refresh chain hash and retry on 401 invalid signature#60
Open
kalyan02 wants to merge 1 commit into
Open
fix(sdk): auto-refresh chain hash and retry on 401 invalid signature#60kalyan02 wants to merge 1 commit into
kalyan02 wants to merge 1 commit into
Conversation
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
if the rollup is redeployed (new chain hash), clients signed against the old hash get 401s until they restart. add send_call_message which retries once after a schema refresh so the caller never has to handle this case. the retry path bypasses submit_tx_api_error so a second 401 returns ApiError rather than TransactionOutdated, preventing caller retry loops. all trading convenience methods (place/cancel/amend orders) now go through send_call_message. wasm sendCallMessage delegates to the same path.
kalyan02
force-pushed
the
kn/auto-refresh-chain-hash-on-401
branch
from
5470665 to
da176cf
Compare
0xtristan
approved these changes
May 13, 2026
Contributor
0xtristan
left a comment
0xtristan
left a comment
There was a problem hiding this comment.
Good idea - JS SDK has the same pattern
| // chain hash was refreshed; re-sign with the new hash and retry once. | ||
| // submit directly so a second 401 comes back as ApiError, not TransactionOutdated | ||
| let signed = | ||
| Transaction::builder().call_message(call_message).client(self).build()?; |
Contributor
There was a problem hiding this comment.
Does this automaticaly fetch the new schema/hash?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
When the rollup is redeployed with a new genesis state, the chain hash changes. Clients that started before the redeploy are signing transactions with the old hash — every tx fails with 401 until they restart.
Happened on mainnet today: rollup redeployed ~11:51 UTC, chain hash changed from
3718f342...→a14f50e6..., causing ~90 invalid_signature failures/s sustained for hours.What
Add
send_call_messageonClient: builds, signs, submits, and if the server returns 401 invalid-signature (schema already refreshed by existingsubmit_tx_api_errorlogic), re-signs with the new hash and retries once.The retry path submits directly (bypassing
submit_tx_api_error) so a second 401 returnsApiError, notTransactionOutdated— callers can't get stuck in a retry loop.All five trading convenience methods now go through
send_call_message. WASMsendCallMessagedelegates to the same path.Note
Medium Risk
Touches transaction signing/submission flow and changes the error behavior on 401 invalid signatures, which could impact all order-placement paths if the retry logic is wrong.
Overview
Adds
Client::send_call_messageto build+sign+submit aCallMessage, and on401 Invalid signatureautomatically refreshes the schema/chain hash, re-signs, and retries once (then surfaces a realApiErrorto avoid retry loops).Updates Rust trading convenience methods (
place_orders,cancel_*,amend_orders) and the WASMsendCallMessagewrapper to use this new resilient path instead of manually building aTransactionand callingsend_transaction.Reviewed by Cursor Bugbot for commit da176cf. Bugbot is set up for automated code reviews on this repo. Configure here.
Summary by cubic
Auto-refreshes the chain hash and retries once on 401 Invalid signature so clients keep working after a rollup redeploy without a restart. All trading calls now re-sign with the new hash via a safe path.
Client::send_call_messageto build, sign, submit, and on 401 refresh schema, re-sign, and retry once.submit_tx_api_errorso a second 401 returnsApiError(prevents retry loops).place_orders,cancel_*,amend_orders) and WASMsendCallMessageto use this path.Some(symbol)intoquery_open_orders.Written for commit da176cf. Summary will update on new commits.