Signing and Key Handling

Updated: 2026-05-22

Public docs keep this section intentionally high-level.

Public Principles

  1. Signing keys must stay server-side (loaded from the deployment's secret store at runtime) and must never be exposed to client bundles, browser code, or public repositories.
  2. Each operational duty gets its own key scope; a key issued for one duty must not be able to authorize another duty's actions.
  3. Signed payloads should be strict (a fixed, canonically encoded field set), short-lived (carry an expiry the verifier enforces), and nonce-protected (each nonce accepted at most once, so a captured payload cannot be replayed).
  4. Public docs may list contract addresses and public env variable names, but must not list private keys, bearer tokens, refresh tokens, RPC secrets, or Railway/Vercel secret values.
  5. Game NFT signers are game-specific; rewards payout signing is a separate duty with its own key.

What Is Internal

  1. Signer rotation steps.
  2. Environment-level key wiring.
  3. Incident response for key compromise.