Revoke API key
Revoke (remove) an existing API key.
personal_sign signature over the canonical revoke message, produced with the wallet that owns address (the same wallet that originally signed the matching createApiKey). The gateway recovers the signer with ecrecover and rejects mismatches with HTTP 401. This endpoint does not require an X-API-Key header so the owner can still revoke a key that has been lost or compromised.
Signing the request
Identical tocreateApiKey — use the wallet’s standard personal_sign API; the wallet handles the EIP-191 prefix automatically, you do not need to construct it yourself. The only difference is the canonical message does not include validUntil (revoke applies regardless of the key’s remaining lifetime):
{r, s, v} for the request body:
Canonical message format
address. Revokes signed by any wallet other than the original creator are rejected.Body
Ethereum address that owns the API key to revoke.
^(0x|0X)?[0-9a-fA-F]{40}$"0x742d35cc6634c0532925a3b844bc9e7595f2bd18"
Hex-encoded Ed25519 public key that identifies the API key to revoke.
64^[0-9a-fA-F]{64}$"a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2"
Name of the API wallet (included in the signing message, must match createAPIKey).
1 - 64"Arcus"
EIP-191 personal_sign signature (r, s, v) produced by the wallet that owns address — must be the same wallet that originally signed the matching createApiKey. See the POST /v1/revokeApiKey endpoint description for the full client-side signing recipe (canonical message, wallet API examples). Requests where the recovered signer does not equal address are rejected with HTTP 401.
Response
API key revocation accepted and dispatched to the matching engine.
API key (hex string) that was revoked.
20-byte EVM address as hex: optional 0x or 0X prefix and exactly 40 hexadecimal digits. API responses normalize to lowercase a–f after 0x.
^(0x|0X)?[0-9a-fA-F]{40}$Revocation timestamp (epoch microseconds).
Account index for this API key.
0 <= x <= 9