AntFleet

Disagreement · 8dbec532-openai-0

Marketplace order creation docs contradict themselves about unsigned vs signed requests and a two-POST flow

solo GPT-5
repo a16d2030·PR #2·reviewed 1 week ago

GPT-5 finding

Marketplace order creation docs contradict themselves about unsigned vs signed requests and a two-POST flow

mediumapi-contracthigh
  • opensea/opensea-marketplace/references/marketplace-api.md:152-156
  • opensea/opensea-marketplace/references/marketplace-api.md:189-195
  • opensea/opensea-marketplace/references/marketplace-api.md:435-440
The section claims the endpoint returns an unsigned order to sign, but the example request and required fields include `signature`, implying it must already be signed. It further suggests posting to the same endpoint twice (once before signing and again with signature), which is atypical and likely incorrect, leading to integration failures.

Recommendation

Clarify the correct flow: - If the endpoint expects a fully signed Seaport order, remove references to “unsigned” responses and the two-step POST; document that clients must construct EIP-712 order components, sign them client-side, and POST once with `protocol_address`, `parameters`, and `signature`. - If a separate “build parameters” endpoint exists, document that endpoint distinctly (no `signature` in the request), then show signing and submission to the creation endpoint. Update examples accordingly and verify against the OpenAPI spec and a live test request.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →
← back to all disagreementsview public receiptssee unanimous findings + anatomies →
Tweet ↗