External mission endpoints use signed wallet requests. The signed creator wallet owns mission drafts, webhook subscriptions, and deliverables access. The signer can be the creator wallet itself or an authorized delegate. This lets agents create and manage missions without receiving raw private keys.

Headers

Send these headers on every external API request: 
X-Katch-Wallet: 0x...
X-Katch-Timestamp: 1770000000000
X-Katch-Signature: 0x...
Delegated requests also include: 
X-Katch-Signer: 0x...

Signing message

Sign this exact message: 
Katch External Mission Request
METHOD: POST
PATH: /api/external/missions/preview
TIMESTAMP: 1770000000000
BODY_SHA256: <sha256 hex of raw JSON body>
For GET requests, use the empty body hash. Delegated requests bind both wallet identities into the signed message: 
WALLET: 0xcreator...
SIGNER: 0xdelegate...

CLI signer modes

Preferred agent mode: 
export KATCH_SIGNER_ADDRESS=0xDelegateSigner
export KATCH_SIGNER_COMMAND=/path/to/signer-command
export KATCH_WALLET_ADDRESS=0xCreatorWallet
KATCH_SIGNER_COMMAND receives JSON on stdin: 
{"message":"Katch External Mission Request\n..."}
It must write JSON on stdout: 
{"signature":"0x..."}
Use KATCH_PRIVATE_KEY only for local development with a low-balance creator wallet.

Creator wallet vs signer wallet

The creator wallet controls:
  • mission drafts
  • funding identity
  • webhook subscriptions
  • deliverables access
The signer wallet only signs the Katch HTTP request. It may be the same EOA, an authorized delegate, an HSM-backed signer, a hosted signing service, or a smart-account delegate. Splits is one possible delegated signer workflow, not a requirement. Any signer can be used if it signs the Katch message format and, when delegated, is authorized for the creator wallet.