Polymarket V2 · Deposit-wallet era
Production-safe Polymarket infrastructure.
A single Go binary and SDK for Polymarket V2 trading. Built specifically for Polymarket's current production deposit-wallet model. No external SDKs. No Python runtime. No opaque signing wrappers.
Validated against live Polygon mainnet flows — not mocks, not paper environments.
Live, no credentials
$ polygolem health
{"clob":"ok","gamma":"ok"}
$ polygolem orderbook price --token-id 1391568931...637394586
{"price":"0.012","token_id":"1391568931...637394586"}
$ polygolem orderbook spread --token-id 1391568931...637394586
{"spread":"0.002","token_id":"1391568931...637394586"}
That's polygolem talking to live Polymarket. No key, no sign-up. Read-only is
the default for everything until you set POLYMARKET_PRIVATE_KEY.
Why polygolem exists
In April 2026 Polymarket migrated to V2: a new exchange, a new stablecoin (pUSD), and a new requirement that orders be placed by deposit wallets — ERC-1967 proxies that validate signatures via ERC-1271 — instead of EOAs.
Most existing Polymarket bots, wrappers, and unofficial SDKs still assume EOA signing. Many of them silently broke; the rest produce ghost fills that appear in the book and never settle.
polygolem only knows the production-safe path: deposit-wallet only, local signing, spec-implemented protocol, no shimmed Python or JS in the trust path.
Trust model
Read-only by default
Authenticated operations require an explicit private key in env. Nothing trades unless you ask it to.
Deposit-wallet only
Cannot accidentally sign as an EOA, proxy, or Safe. The mode that broke in April 2026 is not reachable from this binary.
Local signing
The process holds the key; no signing service in the trust path. No remote enclave that could be replaced.
No external SDKs
All wallet derivation, EIP-712 payloads, ERC-7739 envelopes, and relayer calls are in this repo, in Go, from spec.
Risk controls
Per-trade caps, daily loss limits, and a circuit breaker live in internal/risk and are on by default.
Secret redaction
API keys and signatures are redacted in logs by the transport layer. No accidental leakage in CI output.
The on-chain identity model
EOA ──signs──▶ Order
│ (signatureType=3, maker=DepositWallet, signer=DepositWallet)
│
▼ derives (CREATE2) ▼ submitted by
Deposit Wallet ◀──holds pUSD── Polymarket matching engine
(ERC-1967 proxy, (gas-sponsored fillOrders settlement)
validates signatures ──┐
via ERC-1271) │
▼
V2 Relayer ──sponsors──▶ WALLET-CREATE + approval batch
(relayer-v2.polymarket.com)The EOA signs; the deposit wallet holds funds and is the on-order maker; Polymarket-run services pay every gas fee except your single ERC-20 funding transfer. Read the full identity model →
Trade in four commands
export POLYMARKET_PRIVATE_KEY="0x..."
polygolem auth headless-onboard # mint V2 relayer key (gasless)
polygolem deposit-wallet onboard --fund-amount 0.71 # deploy + approve + fund
polygolem clob update-balance --asset-type collateral
polygolem clob market-order --token <ID> --side buy --amount 1 --price 0.012 --order-type FOK
# {
# "success": true,
# "orderID": "0x43083109...c423d793d",
# "status": "matched",
# "makingAmount": "1",
# "takingAmount": "86.606666",
# "transactionsHashes": ["0x74ad015d...4f7adc"]
# }After onboarding, every trade is fully headless. Total user-paid cost on the reference run was ~$0.01 in POL gas for the single ERC-20 transfer that funds the deposit wallet — every other tx (WALLET-CREATE, approvals, fillOrders settlements) is sponsored by Polymarket-run services.
⚠ New users need one browser login. Polymarket's L1 auth endpoint does not currently support ERC-1271 validation, so a brand-new EOA needs one browser login at polymarket.com to mint the deposit-wallet-bound CLOB API key. After that, all trading is fully headless. See the full onboarding →