Setup
Prerequisites
Section titled “Prerequisites”Before setting up the signing server, ensure you have:
- Bun runtime >= 1.3.x
- Polymarket API credentials (key, secret, passphrase)
- Builder Program access (optional, but required for rebates)
Installing Bun
Section titled “Installing Bun”If you don’t have Bun installed, please follow the instructions here
# Check installationbun --versionInstallation
Section titled “Installation”Clone the Repository
Section titled “Clone the Repository”git clone https://github.com/roushou/polys.gitcd polys/apps/serverInstall Dependencies
Section titled “Install Dependencies”bun installConfiguration
Section titled “Configuration”Environment Variables
Section titled “Environment Variables”The signing server uses environment variables for configuration. Create a .env file:
cp .env.example .envEdit the .env file with your credentials:
# Required - Polymarket API CredentialsPOLYS_POLYMARKET_API_KEY=your_api_keyPOLYS_POLYMARKET_SECRET=your_base64_secretPOLYS_POLYMARKET_PASSPHRASE=your_passphrase
# Required - Server Authentication (comma-separated list)POLYS_API_TOKENS=token1,token2,token3
# Optional - Server ConfigurationPOLYS_SERVER_HOSTNAME=127.0.0.1POLYS_SERVER_PORT=8080Configuration Details
Section titled “Configuration Details”Required Variables
Section titled “Required Variables”POLYS_POLYMARKET_API_KEY
- Your Polymarket API key
- Obtained from the Polymarket builder dashboard
- Used for signing order requests
POLYS_POLYMARKET_SECRET
- Your Polymarket API secret (Base64 encoded)
- Keep this extremely secure
- Used for HMAC-SHA256 signature generation
POLYS_POLYMARKET_PASSPHRASE
- Your Polymarket API passphrase
- Set when creating your API credentials
POLYS_API_TOKENS
- Comma-separated list of bearer tokens for authenticating requests to the signing server
- Clients must include one of these tokens in the
Authorizationheader - Supports multiple tokens for token rotation or multiple clients
Optional Variables
Section titled “Optional Variables”POLYS_SERVER_HOSTNAME
- Server hostname or IP address
- Default:
127.0.0.1(localhost) - Use
0.0.0.0to listen on all interfaces
POLYS_SERVER_PORT
- Server port number
- Default:
8080 - Choose an available port on your system
Generating Secure API Tokens
Section titled “Generating Secure API Tokens”Generate cryptographically secure API tokens:
# Using OpenSSL (recommended)openssl rand -base64 32
# Using Bunbun -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
# Using Node.jsnode -e "console.log(require('crypto').randomBytes(32).toString('base64'))"You can generate multiple tokens and add them to POLYS_API_TOKENS as a comma-separated list:
POLYS_API_TOKENS=token1_here,token2_here,token3_hereThis allows you to:
- Rotate tokens without downtime (add new token, update clients, remove old token)
- Issue different tokens for different clients or environments
- Revoke individual tokens without affecting others
Verification
Section titled “Verification”Test the Configuration
Section titled “Test the Configuration”Start the server in development mode:
bun run devYou should see output indicating the server is running:
Server running at http://127.0.0.1:8080Test the Health Endpoint
Section titled “Test the Health Endpoint”Check if the server is responding:
curl http://127.0.0.1:8080/healthExpected response:
{"status":"ok"}Next Steps
Section titled “Next Steps”Now that your signing server is configured:
- Deploy to Production - Choose a deployment method
- Configure Your Client - Integrate with your application
- Troubleshooting - Solve common issues
Common Issues
Section titled “Common Issues”Port Already in Use
Section titled “Port Already in Use”If port 8080 is already in use:
# Change the port in .envPOLYS_SERVER_PORT=5000See Also
Section titled “See Also”- Overview - Learn about order attribution
- Deployment - Deploy to production
- Getting Started Guide - Polys basics