> ## Documentation Index
> Fetch the complete documentation index at: https://docs.hubra.app/llms.txt
> Use this file to discover all available pages before exploring further.
# Developer overview
> The Hubra Agent API: an HTTP surface that mirrors the human staking app, designed to be callable by AI agents.
The Hubra Agent API is an HTTP surface that does what the Hubra app does, by JSON.
**Partners** — building an integration that brings liquidity to Hubra? Get a partner API key at [partner.hubra.app](https://partner.hubra.app) and pass it on your stake calls to attribute the liquidity you bring in and track it on your dashboard. See [Partner attribution](/developer/endpoints/stake#partner-attribution).
Reads are public. Writes return **unsigned Solana transactions** that the caller signs locally with their own keypair, then submits via `/broadcast`. Hubra never holds a key.
No API key. No sign-up. No database. The on-chain signature on the actual transaction is what authorizes the user's intent.
***
## What it is
A thin REST layer over the same server actions that power the human Hubra app. There is no second source of truth: when an agent stakes 1 SOL via `POST /api/v1/stake`, the underlying mechanism is identical to a human clicking "Stake" in the UI.
```
┌──────────────── HUMAN SURFACE ────────────────┐
│ hubra.app/s — wallet connect, click to stake │
└───────────────────────────────────────────────┘
│
│ shared server actions
▼
┌──────────────── AGENT SURFACE ────────────────┐
│ api/v1/strategies list strategies │
│ api/v1/quote preview unstake │
│ api/v1/stake build unsigned tx │
│ api/v1/unstake build unsigned tx │
│ api/v1/withdraw close native stake │
│ api/v1/broadcast submit signed tx │
└───────────────────────────────────────────────┘
```
***
## Auth model
There is no API key. There is no sign-up.
Every endpoint accepts requests from any caller. Authorization comes from the on-chain signature on the actual stake transaction. If the wallet that signed the transaction does not own the assets being staked, the chain rejects the transaction. The HTTP layer adds nothing beyond that.
If you want to attribute requests to a wallet for future loyalty/points, send `X-Hubra-Wallet: ` as a header. It is optional and currently informational only.
***
## Base URL and versioning
```
https://hubra.app/api/v1
```
All endpoints under `/api/v1`. Breaking changes ship as `/api/v2`.
Every response includes the header:
```
X-Hubra-Api-Version: v1
```
***
## Conventions
| | |
| ------------ | ------------------------------------------------------------------------------- |
| Content type | `application/json` on requests and successful responses |
| Error type | `application/problem+json` ([RFC 9457](https://www.rfc-editor.org/rfc/rfc9457)) |
| Amounts | Decimal strings (`"1.5"`), never floats |
| CORS | Permissive `Access-Control-Allow-Origin: *` on read endpoints |
For the full conventions reference, see [Conventions](/developer/conventions).
***
## Strategy keys
The four canonical paths:
| Key | Status | Asset | Description |
| --------------------- | ------ | ----- | ---------------------------------------- |
| `sol-native-stake` | live | SOL | Direct delegation to Hubra's validator |
| `sol-liquid-stake` | live | SOL | Mint raSOL via Sanctum |
| `sol-leveraged-stake` | live | SOL | Auto-managed leveraged raSOL (raSOL Max) |
| `usdc-earn` | live | USDC | Voltr-routed USDC vault |
For the full strategy reference (intros, steps, on-chain handles), see [Strategies](/developer/strategies) or call [`GET /api/v1/strategies`](/developer/endpoints/list-strategies).
***
## Postman collection
Import the full Agent API into Postman to try every endpoint without writing code.
`hubra-agent-api.postman_collection.json` — all read and write endpoints, pre-configured.
***
## End-to-end flow
```bash theme={null}
# 1. Discover
curl https://hubra.app/api/v1/strategies
# 2. (Optional) Preview an unstake
curl -X POST https://hubra.app/api/v1/quote \
-H 'Content-Type: application/json' \
-d '{"strategy":"sol-liquid-stake","wallet":"","amount":"1.5"}'
# 3. Build an unsigned stake tx
curl -X POST https://hubra.app/api/v1/stake \
-H 'Content-Type: application/json' \
-d '{"strategy":"sol-liquid-stake","wallet":"","amount":"1.5"}'
# → { "transaction": "", "hubra_token": "...", ... }
# 4. Sign the tx locally with your Solana keypair
# 5. Broadcast
curl -X POST https://hubra.app/api/v1/broadcast \
-H 'Content-Type: application/json' \
-d '{"signed_tx":"","hubra_token":""}'
# → { "signature": "5z…", "explorer": "https://solscan.io/tx/5z…" }
```
***
## The `hubra_token` gate
`/stake` and `/unstake` responses include a `hubra_token` (an HMAC over the unsigned transaction's message bytes). `/broadcast` requires this token; without a matching token, it rejects the request.
This prevents `/broadcast` from being used as a free Solana RPC for arbitrary transactions. Tokens are valid for \~2 minutes (matching Solana's blockhash window). Rebuild via `/stake` or `/unstake` if expired.
For Sanctum-routed flows, you also need to forward `sanctumKind` and `sanctum_order` from the build response to `/broadcast`. See [Hubra token](/developer/hubra-token) for the full mechanics.
***
## What's next
First request to first stake transaction.
JSON, errors, decimals, CORS.
The strategy registry.
`POST /api/v1/stake` reference.