Queue operations

Use these methods to list, inspect, and manage queue operations for a deployment, including multisig configuration changes, rejects, and signatures.

No content

No content

Sign a queue operation with a private key (EIP-712)

Queue operations are signed using EIP‑712 typed data. The signature is created off‑chain with a raw private key, without a wallet UI, and authorizes execution of a multisig operation on‑chain.

What is signed

Only the following data is signed:

No other fields from the queue operation are included in the signature.

Input data sources

From queue operation (API)

To build the signed payload, load the queue operation from the API:

• GET /api/v1/deployments/{deploymentId}/operations

• GET /api/v1/deployments/{deploymentId}/operations/{operationId}

From the queue operation object, use only:

When building the typed data:

• Treat nonce as uint256.

• Treat value as uint256.

• Treat data as a hex‑encoded bytes value (the literal "0x" is valid for empty data).

From deployment and network

The EIP‑712 domain uses deployment and network data:

• name — always MultiSigWallet.

• version — current smart contract version.

• chainId — blockchain chain ID of the deployment.

• verifyingContract — address of the multisig contract.

You can obtain verifyingContract from the account:

• GET /api/v1/accounts

• GET /api/v1/accounts/{accountId}

Use the value from the account.contract field for the multisig contract address.

EIP-712 typed data structure

The exact typed data that is signed has the following structure:

Use this structure as a template. Do not change field names, types, or their order when building the typed data object.

Signing algorithm

Step 1. Build EIP-712 typed data

• Use the structure shown above with domain, types, primaryType, and message.

• Encode all numeric values (chainId, nonce, value) as uint256.

Step 2. Compute the EIP-712 digest

The digest is computed as:

Standard EIP‑712 libraries perform this step automatically when you sign typed data.

Step 3. Sign the digest with a private key

Sign the digest using ECDSA over secp256k1:

The resulting signature has the format:

Where:

• r — 32 bytes.

• s — 32 bytes.

• v — 1 byte.

Example signature

Example of a valid signature value:

Submit the signature to the API

After computing the signature, submit it using the Sign operation endpoint:

On success, the API returns the updated signature status for the operation. If the same signer submits another signature for the same operation, the API returns a conflict error.

Common errors when signing

Common issues when building or submitting signatures include:

• Invalid signature — incorrect domain (chainId or verifyingContract do not match the deployment).

• Invalid signature — wrong data types in the message (for example, nonce passed as a string instead of uint256 in the typed data).

• Invalid signature — calls array order does not match the operation in the queue.

• You have already signed this operation — the same address already submitted a signature.

• canSign = false in the operation — the signer address is not an approver or is not allowed to sign.

Summary

• Extract calls[] and nonce from the queue operation.

• Build the EIP‑712 Execute typed data (domain, types, message).

• Sign the EIP‑712 digest with a private key.

• Submit the resulting signature to the B2BINPAY DeFi API.

Execute a READY queue operation with a private key

When a queue operation reaches the READY status and canExecute = true, you execute it by sending a regular Ethereum transaction to the deployed MultiSigWallet contract and calling:

Preconditions

The queue operation must satisfy all of the following:

• status = "READY".

• canExecute = true.

• signaturesCollected >= signaturesRequired.

• The signatures array in the API response contains at least the threshold number of signatures.

Required inputs

From API (queue operation)

• executeOperationId — used as Operation.id.

• calls[] — used as Operation.calls.

• signatures[] — used to build packed bytes for Operation.signatures.

From deployment and network

• verifyingContract — multisig contract address for the deployment:

  • GET /api/v1/accounts

  • GET /api/v1/accounts/{accountId}

  • use account.contract.

• chainId — chain ID of the network where the multisig is deployed.

• rpcUrl — RPC endpoint for sending the transaction.

• executorPrivateKey — private key of the externally owned account (EOA) that sends the transaction.

Build Operation.calls

Convert each API call object into the Solidity Call struct:

• to → Call.to.

• value (decimal string) → Call.value (uint256).

• data (hex string) → Call.data (bytes).

Keep the order of calls exactly the same as in the queue operation and in the EIP‑712 signing step.

Build Operation.signatures (packed bytes)

In the API response, signatures are returned as separate entries:

The contract expects a single bytes value:

Signature format

Each signature is a standard 65‑byte ECDSA signature:

For example:

Packing rule

Build Operation.signatures as:

Sort signatures by signer address in ascending alphabetical order before concatenation.

Build the operations array

Even if you execute a single queue operation, you must pass an array with one element:

ABI-encode execute(operations)

Encode the function call data for:

This produces the transaction data field that you send to the multisig contract.

Build, sign, and broadcast the Ethereum transaction

Transaction fields

Set the transaction fields as follows:

• to — multisig contract address (verifyingContract).

• data — ABI‑encoded execute(operations) call.

• value — 0.

• chainId — correct chain ID (for example, Sepolia 11155111).

• Gas parameters — EIP‑1559 fields (maxFeePerGas, maxPriorityFeePerGas) appropriate for the network.

• nonce — EOA nonce of the executor account (this is not the multisig queue nonce).

Sign

Sign the transaction with executorPrivateKey using ECDSA (secp256k1).

Broadcast

Send the raw signed transaction through the RPC endpoint, for example using eth_sendRawTransaction. The result is a txHash.

Expected on-chain result

If the transaction succeeds:

• The contract verifies the packed signatures internally (for example, via checkSignatures(hash, signatures)).

• All calls are executed in order.

• An ExecuteSuccess(nonce, digest, id) event is emitted.

• The function returns operation and call‑level results as bytes[][] results.

The backend then updates the queue operation:

• status changes to EXECUTED.

• txHash is populated with the resulting on‑chain transaction hash.

Common reverts and errors

Common revert classes when executing operations include:

• InsufficientSignatures(signatures, threshold) — packed signatures contain fewer signatures than the required threshold.

• InvalidSignature(owner) — signature bytes, signed digest, or ordering are incorrect for at least one signer.

• DuplicateSignature(owner) — the same signer appears more than once in the packed signatures.

• FailedCall — one of the internal calls reverted.

• InsufficientBalance(balance, needed) — the multisig contract lacks enough ETH for the value transfers.

• ReentrancyGuardReentrantCall — a reentrancy attempt was detected during execution.