Important Notes

Security best practices and important information

Signer Registration

  • One-time setup: Register signer once per account
  • Store securely: Keep the signingKey private and secure - it authorizes all transactions
  • Expiration: Signers expire after the expiration time (typically 7 days)
  • Re-registration: You may need to re-register if the signer expires

Permit Params

  • Required for all authenticated calls: Every API call that modifies state needs permit params
  • Bitmap-based nonces: Uses nonceAnchor (uint48 epoch) and nonceBitmap (uint8 bit index) for replay protection, allowing up to 256 concurrent valid nonces per epoch
  • Deadline: Typically set to 7 days from now
  • Signature: Must sign the VerifyWitness EIP-712 typed data with the signer's private key
  • Permissions: Signers can have granular permissions (All, Perps, Spot, MoveFund)
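
The bitmap nonce scheme above, modeled as an added example (not code from the RISE API or SDK): a verifier-side tracker that accepts each (nonceAnchor, nonceBitmap) pair once and rejects replays, and a client-side allocator that hands out the 256 slots of an anchor. The class names, the rejection strings, the `now > deadline` comparison and moving to `anchor + 1` when an anchor is full are assumptions made for illustration.

```python
import time

UINT48_MAX = (1 << 48) - 1
SLOTS_PER_ANCHOR = 256          # uint8 bit index -> 256 slots per nonceAnchor


class NonceBitmapTracker:
    """Verifier-side model: one 256-bit bitmap per (signer, nonceAnchor)."""

    def __init__(self):
        self._used = {}         # (signer, anchor) -> int used as a 256-bit bitmap

    def consume(self, signer, anchor, bit, deadline, now=None):
        """Accept a permit once; return None on success or a rejection reason."""
        now = int(time.time()) if now is None else now   # Unix seconds
        if not 0 <= anchor <= UINT48_MAX:
            return "nonceAnchor out of uint48 range"
        if not 0 <= bit < SLOTS_PER_ANCHOR:
            return "nonceBitmap out of uint8 range"
        if now > deadline:                               # assumed comparison
            return "deadline passed"
        mask = 1 << bit
        bitmap = self._used.get((signer, anchor), 0)
        if bitmap & mask:
            return "nonce already used (replay)"
        self._used[(signer, anchor)] = bitmap | mask     # mark slot as spent
        return None


class NonceAllocator:
    """Client-side model: never hand out the same (anchor, bit) twice."""

    def __init__(self, anchor):
        self.anchor, self._next_bit = anchor, 0

    def next_nonce(self):
        if self._next_bit == SLOTS_PER_ANCHOR:           # all 256 slots handed out
            self.anchor, self._next_bit = self.anchor + 1, 0   # assumed rollover
        bit = self._next_bit
        self._next_bit += 1
        return self.anchor, bit
```

Because each slot is an independent bit, requests signed with different bit indexes can arrive in any order without invalidating one another, which a single incrementing counter would not allow.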

General

  • All amounts should be in wei format (18 decimals) for blockchain transactions
  • Timestamps should be Unix timestamps (seconds)
  • Signature generation follows EIP-712 standard
  • Deadline should be set appropriately (typically 7 days from now)

Security Best Practices

  • Never expose your signingKey in client-side code or public repositories
  • Store signing keys securely (use environment variables or secure storage)
  • Rotate signing keys periodically
  • Monitor for unauthorized transactions