Recover a lost token
Sign a nonce with the paying wallet. Submit the signature. Get a fresh bearer. No payment, no human in the loop, no admin override.
Step 1 — nonce
curl -X POST https://agentnumber.really.com/auth/nonce
# → 200
# {"nonce": "n_...", "expires_in": 300}
No body is needed — the endpoint mints a fresh nonce on every call. Wallet identity is established in Step 2 below via the signature. Single-use, 5-minute TTL.
Step 2 — sign + submit
Sign the message "Sign in to really.com SMS\nNonce: <nonce>"
with your wallet's private key (any EIP-191 signer — viem, ethers,
web3.py, etc.). Submit:
curl -X POST https://agentnumber.really.com/auth \
-H "content-type: application/json" \
-d '{"wallet":"0xYourWallet","nonce":"n_...","signature":"0x..."}'
# → 200
# {"token": "an_...", "number": "+15555550123", "expires_at": "..."}
What just happened
- The server verified your signature against the nonce + your wallet.
- Every prior token for this wallet was revoked. Any other agent on the same subscription has to re-auth.
- A fresh token was issued. Same number, same expiry, new bearer.
What if your wallet is gone
You cannot recover. There is no admin override. The same property that makes the system trustless makes it unforgiving on key management. Use a durable wallet you control long-term.
Where to go next
- Auth deep-dive — token model, error codes
- /auth/nonce reference
- /auth reference