> ## Documentation Index
> Fetch the complete documentation index at: https://developers.circle.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create a challenge to sign message

> Generates a challenge for signing a message from a specified user-controlled wallet. This endpoint supports Ethereum-based blockchains (using EIP-191), Solana and Aptos (using Ed25519 signatures). Note that Smart Contract Accounts (SCA) are specific to Ethereum and EVM-compatible chains. The difference between Ethereum's EOA and SCA can be found in the [account types guide](https://developers.circle.com/wallets/account-types). You can also check the list of Ethereum Dapps that support SCA: https://eip1271.io/.

To identify the wallet, you must provide either `walletId`, or both `walletAddress` and `blockchain` in the request body.




## OpenAPI

````yaml openapi/user-controlled-wallets.yaml post /v1/w3s/user/sign/message
openapi: 3.0.3
info:
  version: '1.0'
  title: User-Controlled Wallets
  description: User-Controlled Wallets API documentation.
servers:
  - url: https://api.circle.com
security:
  - BearerAuth: []
tags:
  - name: Social/ Email Authentication
  - name: PIN Authentication
  - name: Users
  - name: Wallets
  - name: Transactions
  - name: Token Lookup
  - name: Signing
paths:
  /v1/w3s/user/sign/message:
    post:
      tags:
        - Signing
      summary: Create a challenge to sign message
      description: >
        Generates a challenge for signing a message from a specified
        user-controlled wallet. This endpoint supports Ethereum-based
        blockchains (using EIP-191), Solana and Aptos (using Ed25519
        signatures). Note that Smart Contract Accounts (SCA) are specific to
        Ethereum and EVM-compatible chains. The difference between Ethereum's
        EOA and SCA can be found in the [account types
        guide](https://developers.circle.com/wallets/account-types). You can
        also check the list of Ethereum Dapps that support SCA:
        https://eip1271.io/.


        To identify the wallet, you must provide either `walletId`, or both
        `walletAddress` and `blockchain` in the request body.
      operationId: signUserMessage
      parameters:
        - $ref: '#/components/parameters/XUserToken'
        - $ref: '#/components/parameters/XRequestId'
      requestBody:
        $ref: '#/components/requestBodies/SignMessage'
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Signature'
          description: Signature already exists
          headers:
            X-Request-Id:
              $ref: '#/components/headers/XRequestId'
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Signature'
          description: Signature created
          headers:
            X-Request-Id:
              $ref: '#/components/headers/XRequestId'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/NotAuthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      security:
        - BearerAuth: []
components:
  parameters:
    XUserToken:
      name: X-User-Token
      description: Unique system generated JWT session token for specific user.
      required: true
      in: header
      schema:
        type: string
    XRequestId:
      name: X-Request-Id
      in: header
      description: >
        Developer-provided identifier for this request, used for tracing
        requests in Wallets API logs and the Developer Console, and when
        communicating with Circle Support.

        **Must be a UUID to appear in logs.** Non-UUID values are accepted by
        the API but are ignored by logging and tracing systems.
      schema:
        $ref: '#/components/schemas/XRequestId'
  requestBodies:
    SignMessage:
      content:
        application/json:
          schema:
            title: SignMessageRequest
            type: object
            required:
              - message
            properties:
              walletId:
                $ref: '#/components/schemas/Id'
              blockchain:
                $ref: '#/components/schemas/Blockchain'
              walletAddress:
                $ref: '#/components/schemas/Address'
              encodedByHex:
                $ref: '#/components/schemas/EncodedByHex'
              message:
                $ref: '#/components/schemas/Message'
              memo:
                $ref: '#/components/schemas/Memo'
      required: true
      description: Sign message for end user request
  schemas:
    Signature:
      title: SignatureResponse
      type: object
      required:
        - data
      properties:
        data:
          type: object
          required:
            - challengeId
          properties:
            challengeId:
              $ref: '#/components/schemas/ChallengeId'
    XRequestId:
      type: string
      format: uuid
      description: >-
        A unique identifier, which can be helpful for identifying a request when
        communicating with Circle support.
      example: 2adba88e-9d63-44bc-b975-9b6ae3440dde
    Id:
      type: string
      format: uuid
      description: System-generated unique identifier of the resource.
      example: c4d1da72-111e-4d52-bdbf-2e74a2d803d5
    Blockchain:
      type: string
      description: >-
        The blockchain network that the resource is to be created on or is
        currently on.
      enum:
        - ETH
        - ETH-SEPOLIA
        - AVAX
        - AVAX-FUJI
        - MATIC
        - MATIC-AMOY
        - SOL
        - SOL-DEVNET
        - ARB
        - ARB-SEPOLIA
        - NEAR
        - NEAR-TESTNET
        - EVM
        - EVM-TESTNET
        - UNI
        - UNI-SEPOLIA
        - BASE
        - BASE-SEPOLIA
        - OP
        - OP-SEPOLIA
        - APTOS
        - APTOS-TESTNET
        - ARC-TESTNET
        - MONAD
        - MONAD-TESTNET
      example: MATIC-AMOY
    Address:
      title: Address
      description: >
        Blockchain generated unique identifier, associated with wallet
        (account), smart contract or other blockchain objects.
      type: string
      example: '0xca9142d0b9804ef5e239d3bc1c7aa0d1c74e7350'
    EncodedByHex:
      type: boolean
      description: >-
        Indicator of whether the input message is encoded by hex. If TRUE, then
        the message should be a hex string. By default, it is False.
      example: false
    Message:
      type: string
      description: >-
        The user friendly message that needs to be signed. If it is a hex
        string, encodedByHex needs to be TRUE. The hex string should start with
        “0x” and have even length.
      example: I agree with this transfer
    Memo:
      type: string
      description: >-
        The human readable explanation for this sign action. Useful for
        presenting with extra information.
      example: Transfer USDC to Sam
    ChallengeId:
      type: string
      format: uuid
      description: >-
        Unique system generated identifier used to initiate a user challenge
        flow.
      example: c4d1da72-111e-4d52-bdbf-2e74a2d803d5
  headers:
    XRequestId:
      description: >
        Developer-provided header parameter or Circle-generated universally
        unique identifier (UUID v4). Useful for identifying a specific request
        when communicating with Circle Support.
      schema:
        $ref: '#/components/schemas/XRequestId'
  responses:
    BadRequest:
      content:
        application/json:
          schema:
            type: object
            title: BadRequestResponse
            required:
              - code
              - message
            properties:
              code:
                type: integer
                description: Code that corresponds to the error.
              message:
                type: string
                description: Message that describes the error.
            example:
              code: 400
              message: Bad request.
      description: Request cannot be processed due to a client error.
      headers:
        X-Request-Id:
          $ref: '#/components/headers/XRequestId'
    NotAuthorized:
      content:
        application/json:
          schema:
            type: object
            title: NotAuthorizedResponse
            required:
              - code
              - message
            properties:
              code:
                type: integer
                description: Code that corresponds to the error.
              message:
                type: string
                description: Message that describes the error.
            example:
              code: 401
              message: Malformed authorization.
      description: >-
        Request has not been applied because it lacks valid authentication
        credentials.
      headers:
        X-Request-Id:
          $ref: '#/components/headers/XRequestId'
    NotFound:
      content:
        application/json:
          schema:
            type: object
            title: NotFoundResponse
            required:
              - code
              - message
            properties:
              code:
                type: integer
                description: Code that corresponds to the error.
              message:
                type: string
                description: Message that describes the error.
            example:
              code: 404
              message: Not found.
      description: Specified resource was not found.
      headers:
        X-Request-Id:
          $ref: '#/components/headers/XRequestId'
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: PREFIX:ID:SECRET
      description: >-
        Circle's API Keys are formatted in the following structure
        "PREFIX:ID:SECRET". All three parts are required to make a successful
        request.

````