Direct HMAC Expiry auth pattern — bybit, bitmex, and htx/huobi families.
Signs "GET/realtime{expires}" with HMAC-SHA256, encodes the signature
as hex (default) or base64, and wraps in an op: "auth" frame.
Example Frame (bybit)
%{
"op" => "auth",
"args" => ["apiKey123", 1699999999999, "signature_hex"]
}Config
| Key | Default | Purpose |
|---|---|---|
:expires_offset_ms | 10_000 | Window added to current timestamp_ms |
:encoding | :hex | :hex or :base64 signature encoding |
:op_field | "op" | Top-level field name (some variants use "type") |
:op_value | "auth" | Top-level field value |
:timestamp_ms_override | (unset) | Test-only — freezes the clock |