// hostcoin
API Reference
Single HTTP endpoint. Dispatch by action field. All requests are POST with Content-Type: application/json.
paste into ChatGPT, Claude, etc.
ENDPOINT
Support via Telegramhttps://api.hostcoin.funโ quick start
Sandbox โ Test Without Paying
Use the reserved signature below to deploy a full demo page instantly โ no SOL, no real wallet needed. Always writes to the fixed slug host-coin-test and can be called repeatedly.
tx_signature (magic value โ skip payment)
HOSTCOIN_DEVNET_TESTcurl -X POST https://api.hostcoin.fun \
-H "Content-Type: application/json" \
-d '{
"action": "deploy",
"tx_signature": "HOSTCOIN_DEVNET_TEST",
"token_name": "Host Coin",
"ticker": "HOST",
"wallet_address": "11111111111111111111111111111112",
"twitter_link": "https://x.com/hostcoin_app",
"tg_link": "https://t.me/hostcoinfun",
"theme": "cosmic"
}'
# Response: { "url": "https://hostcoin.fun/host-coin-test", "slug": "host-coin-test" }โResult URL: hostcoin.fun/host-coin-test
// field reference โ all actions
| field | description |
|---|---|
| action | Operation to run โ deploy ยท update_mint ยท list_sites ยท delete_site |
| tx_signature | Confirmed on-chain payment tx. Use HOSTCOIN_DEVNET_TEST to skip payment in sandbox. |
| token_name | Full display name โ shown in the page title and OpenGraph preview. |
| ticker | 1โ12 alphanumeric symbol. Combined with tx hash to form the unique URL slug. |
| wallet_address | Your Solana base58 address โ recorded as the site owner in S3 metadata. |
| contract_address | Solana mint address (CA). Leave blank for Stealth Launch โ inject later via update_mint. |
| twitter_link | Your X / Twitter profile or announcement post URL. |
| tg_link | Your Telegram channel or group URL. |
| logo_url | HTTPS image URL โ used as the logo and OG:image. Pinata / IPFS URLs work. |
| theme | Visual theme: cosmic (default) ยท matrix ยท flame ยท pepe ยท retro |
| description | Short tagline, max 160 chars โ shown on page and in OpenGraph link previews. |
Each sandbox call overwrites the same slug โ safe to test repeatedly with any theme.
security
Authentication
Hostcoin uses zero-database ownership. Wallet address is stored as S3 object metadata at deploy time. Most mutating operations require an Ed25519 wallet signature โ proving key ownership without any backend session or cookie.
| action | how ownership is proven |
|---|---|
| deploy | On-chain tx payer must match wallet_address; payload hash verified via Memo program |
| update_mint | S3 metadata owner check + Ed25519 sig of "Authorize Hostcoin: update_mint for {slug} to {ca} at {ts}" |
| list_sites | Ed25519 sig of "Authorize Hostcoin: list_sites at {ts}" โ prevents enumeration |
| delete_site | S3 metadata owner check + Ed25519 sig of "Authorize Hostcoin: delete_site for {slug} at {ts}" |
!All signatures: Ed25519, base64-encoded, over a UTF-8 message including a Unix ms timestamp. Replay window: ยฑ60s for mutations, ยฑ60 min for list_sites. Full code examples are in each action's section below.
endpoint
deploy
Deploy a new memecoin site. Requires a confirmed 0.005 SOL on-chain payment to the treasury wallet. Returns a public URL and slug. Leave contract_address blank to enter Stealth Launch Mode โ inject the CA later via update_mint.
| field | type | notes |
|---|---|---|
| token_name | string | required โ full token name |
| ticker | string | required โ 1โ12 alphanumeric |
| wallet_address | string | required โ base58 Solana address |
| tx_signature | string | required โ confirmed tx paying 0.005 SOL. Valid for 15 min after block confirmation. |
| description | string? | optional โ short tagline (max 160 chars) |
| contract_address | string? | optional โ leave blank for Stealth Launch |
| twitter_link | string | required โ https://x.com/... |
| tg_link | string | required โ https://t.me/... |
| logo_url | string? | optional โ HTTPS image URL for og:image |
| theme | string? | optional โ cosmic ยท matrix ยท flame ยท pepe ยท retro |
import requests
API = 'https://api.hostcoin.fun'
# tx_signature must be a confirmed on-chain SOL transfer to treasury
res = requests.post(API, json={
'action': 'deploy',
'token_name': 'Moon Shot',
'ticker': 'MOON',
'wallet_address': 'YOUR_WALLET_ADDRESS',
'tx_signature': 'CONFIRMED_TX_SIG', # 0.005 SOL to treasury
'contract_address': '', # blank โ Stealth Launch
'twitter_link': 'https://x.com/moonshot',
'tg_link': 'https://t.me/moonshot',
})
data = res.json()
print(data['url']) # https://hostcoin.fun/moon-a3f9c1
print(data['slug']) # moon-a3f9c1// response
json
{ "url": "https://hostcoin.fun/moon-a3f9c1", "slug": "moon-a3f9c1" }endpoint
update_mint
Inject a contract address into an existing Stealth Launch site. Ownership is verified via S3 metadata and an Ed25519 wallet signature. The hosted HTML page is patched and served at the edge instantly.
| field | type | notes |
|---|---|---|
| slug | string | required โ returned by deploy |
| new_ca | string | required โ base58 Solana mint address |
| wallet_address | string | required โ must match the wallet used to deploy this slug |
| signature | string | required โ base64 Ed25519 sig of update message |
| timestamp | number | required โ Unix ms timestamp (ยฑ60s) |
// signature message โ UTF-8, signed with Ed25519, base64-encoded
"Authorize Hostcoin: update_mint for {slug} to {new_ca} at {timestamp_ms}"import time, base64, requests
from solders.keypair import Keypair
keypair = Keypair.from_base58_string('YOUR_PRIVATE_KEY')
slug = 'moon-a3f9c1'
new_ca = 'MoonMintAddressBase58...'
ts = int(time.time() * 1000)
msg = f'Authorize Hostcoin: update_mint for {slug} to {new_ca} at {ts}'.encode()
sig_b64 = base64.b64encode(bytes(keypair.sign_message(msg))).decode()
res = requests.post('https://api.hostcoin.fun', json={
'action': 'update_mint',
'slug': slug,
'new_ca': new_ca,
'wallet_address': str(keypair.pubkey()),
'signature': sig_b64,
'timestamp': ts,
})
print(res.json()) # {'success': True}// response
json
{ "success": true }endpoint
list_sites
Retrieve all sites deployed by a wallet address. Returns an array sorted by creation time. Requires a fresh wallet signature to prevent enumeration and protect Stealth Launch anonymity.
| field | type | notes |
|---|---|---|
| public_key | string | required โ base58 Solana wallet address |
| signature | string | required โ base64 Ed25519 sig of list_sites message |
| timestamp | number | required โ Unix ms timestamp (ยฑ60 min) |
// signature message โ UTF-8, signed with Ed25519, base64-encoded
"Authorize Hostcoin: list_sites at {timestamp_ms}"import time, base64, requests
from solders.keypair import Keypair
keypair = Keypair.from_base58_string('YOUR_PRIVATE_KEY')
ts = int(time.time() * 1000)
msg = f'Authorize Hostcoin: list_sites at {ts}'.encode()
sig_b64 = base64.b64encode(bytes(keypair.sign_message(msg))).decode()
res = requests.post('https://api.hostcoin.fun', json={
'action': 'list_sites',
'public_key': str(keypair.pubkey()),
'signature': sig_b64,
'timestamp': ts,
})
for site in res.json()['sites']:
print(site['slug'], 'โ', site['url'])// response
json
{
"sites": [
{
"slug": "moon-a3f9c1",
"ticker": "MOON",
"token_name": "Moon Shot",
"ca": "MoonMintAddressBase58...",
"url": "https://hostcoin.fun/moon-a3f9c1",
"timestamp": 1713600000000
}
]
}endpoint
delete_site
Permanently delete a site you own. Requires an Ed25519 wallet signature with a fresh timestamp (ยฑ60s) to prevent replay attacks. Removes both the S3 object and the entry from your site list.
| field | type | notes |
|---|---|---|
| slug | string | required โ slug of the site to delete |
| wallet_address | string | required โ must match the provisioning wallet |
| signature | string | required โ base64 Ed25519 sig of delete message |
| timestamp | number | required โ Unix ms timestamp (ยฑ60s) |
// signature message โ UTF-8, signed with Ed25519, base64-encoded
"Authorize Hostcoin: delete_site for {slug} at {timestamp_ms}"# pip install solders
import time, base64
from solders.keypair import Keypair
keypair = Keypair.from_base58_string("YOUR_PRIVATE_KEY")
slug = "moon-a3f9c1"
# delete_site โ timestamp must be within ยฑ60s
ts = int(time.time() * 1000)
message = f"Authorize Hostcoin: delete_site for {slug} at {ts}".encode()
sig_b64 = base64.b64encode(bytes(keypair.sign_message(message))).decode()
# Pass sig_b64 and ts in the delete_site request body.// response
json
{ "success": true }example
Full flow โ Pump.fun + Deploy in one script
Complete Python script: generate the mint keypair first (CA is known before minting), deploy the Hostcoin site with CA already set, upload metadata to Pump.fun with the real site URL, then create the token on-chain. No update_mint needed.
$pip install requests solders solana-py
hostcoin_pumpfun_flow.py
# pip install requests solders solana-py
import hashlib, requests
from solders.keypair import Keypair
from solders.pubkey import Pubkey
from solders.instruction import Instruction, AccountMeta
from solders.system_program import transfer, TransferParams
from solders.message import MessageV0
from solders.transaction import VersionedTransaction
from solana.rpc.api import Client as SolanaClient
from solana.rpc.types import TxOpts
HOSTCOIN_API = 'https://api.hostcoin.fun'
PUMPPORTAL_API = 'https://pumpportal.fun/api'
RPC = 'https://api.mainnet-beta.solana.com'
TREASURY = Pubkey.from_string('AUEuoaUejiZAzXBByJP6JqnAixaJUmtiuBDJwdpj8BfR')
MEMO_PROGRAM = Pubkey.from_string('MemoSq4gqABAXKb96qnH8TysNcWxMyWCqXgDLGmfcHr')
PRICE_LAMPORTS = 5_000_000 # 0.005 SOL
keypair = Keypair.from_base58_string('YOUR_PRIVATE_KEY')
wallet = str(keypair.pubkey())
TICKER = 'MOON'
TOKEN_NAME = 'Moon Shot'
DESCRIPTION = 'The next moonshot on Solana.'
TWITTER = 'https://x.com/moonshot'
TG = 'https://t.me/moonshot'
LOGO_URL = 'https://your-cdn.com/logo.png'
THEME = 'cosmic'
IMAGE_PATH = 'logo.png'
def compute_payload_hash(token_name, description='', logo_url='', twitter_link='', tg_link='', theme=''):
"""Must match server-side hash โ same field order and separator."""
parts = [token_name or '', (description or '').strip(),
(logo_url or '').strip(), twitter_link or '', tg_link or '', theme or '']
return hashlib.sha256('|'.join(parts).encode()).hexdigest()[:16]
# โโ 1. Generate fresh mint keypair โ CA is known before minting โโ
mint_keypair = Keypair()
mint_addr = str(mint_keypair.pubkey())
# โโ 2. Pay Hostcoin (0.005 SOL) and deploy site โโ
conn = SolanaClient(RPC)
payload_hash = compute_payload_hash(TOKEN_NAME, DESCRIPTION, LOGO_URL, TWITTER, TG, THEME)
memo_text = f'Hostcoin Deploy: {TICKER.upper()}:{payload_hash}'
bh = conn.get_latest_blockhash().value.blockhash
transfer_ix = transfer(TransferParams(from_pubkey=keypair.pubkey(), to_pubkey=TREASURY, lamports=PRICE_LAMPORTS))
memo_ix = Instruction(
program_id=MEMO_PROGRAM,
accounts=[AccountMeta(pubkey=keypair.pubkey(), is_signer=True, is_writable=False)],
data=memo_text.encode('utf-8'),
)
msg = MessageV0.try_compile(keypair.pubkey(), [transfer_ix, memo_ix], [], bh)
pay_tx = VersionedTransaction(msg, [keypair])
pay_result = conn.send_raw_transaction(bytes(pay_tx), opts=TxOpts(preflight_commitment='confirmed'))
conn.confirm_transaction(pay_result.value, commitment='confirmed')
r = requests.post(HOSTCOIN_API, json={
'action': 'deploy',
'tx_signature': str(pay_result.value),
'token_name': TOKEN_NAME,
'ticker': TICKER,
'wallet_address': wallet,
'contract_address': mint_addr, # CA known upfront โ no update_mint needed
'description': DESCRIPTION,
'twitter_link': TWITTER,
'tg_link': TG,
'logo_url': LOGO_URL,
'theme': THEME,
}, timeout=30)
r.raise_for_status()
site_url = r.json()['url'] # https://hostcoin.fun/moon-a3f9c1
slug = r.json()['slug']
print(f'Site live: {site_url}')
# โโ 3. Upload token metadata to Pump.fun IPFS โโ
# site_url is now known โ embed it as the token website
with open(IMAGE_PATH, 'rb') as img:
ipfs = requests.post('https://pump.fun/api/ipfs', files={
'file': ('logo.png', img, 'image/png'),
'name': (None, TOKEN_NAME),
'symbol': (None, TICKER),
'description': (None, DESCRIPTION),
'twitter': (None, TWITTER),
'telegram': (None, TG),
'website': (None, site_url), # your new Hostcoin site
'showName': (None, 'true'),
})
ipfs.raise_for_status()
metadata_uri = ipfs.json()['metadataUri']
# โโ 4. Create token on Pump.fun via PumpPortal โโ
create = requests.post(f'{PUMPPORTAL_API}/trade-local', json={
'publicKey': wallet,
'action': 'create',
'tokenMetadata': {'name': TOKEN_NAME, 'symbol': TICKER, 'uri': metadata_uri},
'mint': mint_addr,
'denominatedInSol': 'true',
'amount': 0.1, # initial dev buy in SOL
'slippage': 10,
'priorityFee': 0.0005,
'pool': 'pump',
}, timeout=30)
create.raise_for_status()
tx = VersionedTransaction.from_bytes(create.content)
signed = VersionedTransaction(tx.message, [keypair, mint_keypair])
send_r = conn.send_raw_transaction(bytes(signed))
conn.confirm_transaction(send_r.value, commitment='confirmed')
print(f'\n Site: {site_url}')
print(f' DexScreener: https://dexscreener.com/solana/{mint_addr}')reference
Error Codes
All errors return JSON with a human-readable error message and a machine-readable code field.
json
{
"error": "Signature invalid",
"code": "INVALID_SIGNATURE"
}| http | code | meaning |
|---|---|---|
| 400 | MISSING_FIELDS | One or more required fields absent |
| 400 | INVALID_INPUT | Ticker or field format invalid |
| 400 | INVALID_ADDRESS | Malformed base58 Solana address |
| 400 | UNKNOWN_ACTION | Unrecognised action value |
| 402 | PAYMENT_FAILED | Treasury payment not found or insufficient |
| 403 | REPLAY_ATTEMPT | tx_signature was already consumed |
| 403 | UNAUTHORIZED | wallet_address does not own this slug |
| 403 | INVALID_SIGNATURE | Ed25519 signature verification failed |
| 500 | INTERNAL_ERROR | Unexpected server-side error |