Order placement returns 400 "maker address not allowed, please use the deposit wallet flow" for Magic.link proxy wallets
Bug confirmed in py-clob-client-v2 versions 1.0.0 and 1.0.1.
Affects every account whose primary wallet was created via Magic.link (the default
sign-up flow on polymarket.com).
Summary
create_and_post_order consistently returns HTTP 400 with the error message "maker address not allowed, please use the deposit wallet flow" when placing an order signed by a Magic.link-derived EOA on behalf of its corresponding proxy wallet (signature_type=1, POLY_PROXY).
The order is rejected at the API gateway layer before any matching-engine logic runs. The same wallet can deposit, withdraw, and trade through the official Polymarket UI without issue — the rejection is specific to programmatic CLOB access.
This blocks all programmatic order placement for Magic.link-onboarded accounts.
Environment
| Field |
Value |
py-clob-client-v2 |
tested on 1.0.0 and 1.0.1 — both fail identically |
| Python |
3.11 |
| Endpoint |
https://clob.polymarket.com/order |
| Account type |
Magic.link (signed up via Polymarket web UI) |
| Signer EOA |
<MAGIC_LINK_DERIVED_EOA> |
| Funder / proxy wallet |
<MAGIC_LINK_PROXY_WALLET> |
| Signature type |
1 (POLY_PROXY) — also tested 3 (POLY_1271), same error |
| Funded asset |
pUSD (0xC011a7E1...), confirmed non-zero balance |
| Network egress |
Tested both direct and via residential proxy — same result |
Steps to reproduce
import os
from py_clob_client_v2.client import ClobClient
from py_clob_client_v2.clob_types import OrderArgs
from py_clob_client_v2.order_builder.constants import BUY
client = ClobClient(
host="https://clob.polymarket.com",
chain_id=137, # Polygon mainnet
key=os.environ["SIGNING_KEY"], # Magic.link EOA private key
funder=os.environ["FUNDER_ADDRESS"], # Magic.link proxy wallet
signature_type=1, # POLY_PROXY
)
client.set_api_creds(client.create_or_derive_api_creds())
# Any liquid market's YES token works — same error on every market.
order_args = OrderArgs(
token_id="<LIQUID_MARKET_YES_TOKEN_ID>",
price=0.01, # far below market — guaranteed NOT to fill
size=100.0,
side=BUY,
)
placed = client.create_and_post_order(order_args) # <-- raises here
Expected behavior
Order is accepted and posted to the orderbook, or rejected with a meaningful business-logic error (e.g. insufficient balance, minimum size violation, market closed). The "deposit wallet flow" is a UI funding workflow — it is not a valid order-placement constraint.
Actual behavior
[py_clob_client_v2] request error status=400
url=https://clob.polymarket.com/order
body={"error":"maker address not allowed, please use the deposit wallet flow"}
PolyApiException:
status_code=400
error_message={'error': 'maker address not allowed, please use the deposit wallet flow'}
The error is identical regardless of:
signature_type (tried both 1 POLY_PROXY and 3 POLY_1271)- Order direction (
BUY / SELL), price, or size
- Network egress (direct vs residential proxy)
- SDK version (
1.0.0 and 1.0.1)
- Whether the call is
create_and_post_order or create_order + post_order separately
What we have verified ✅
- Wallet is funded and active.
get_balance_allowance returns the correct non-zero pUSD balance.
- API credentials are valid.
derive_api_credentials succeeds; subsequent reads (orderbook, balances) work fine.
- EIP-712 signature is well-formed. The order hash matches what
OrderBuilder produces, and the recovered signer matches the Magic.link EOA.
- Same wallet works via UI. Placing the same order through
polymarket.com succeeds with no warning.
- Bug persists on
1.0.1. Upgraded recently, no change in behavior.
Hypothesis
The Polymarket order-routing API appears to maintain a server-side allowlist of "approved maker addresses" that excludes Magic.link-managed proxy wallets — despite these wallets being the default wallet type for accounts created via the public web flow.
The error message ("please use the deposit wallet flow") suggests the API is steering users into a UI funding path rather than acknowledging the order placement. This is either:
(a) A deliberate restriction — in which case CLOB API access requires a separate self-managed wallet (e.g. user-imported MetaMask). The docs should make this explicit, and py-clob-client-v2 should surface a clearer pre-flight error (e.g. on derive_api_credentials) rather than letting the user reach create_and_post_order only to fail with this opaque 400.
(b) A bug — the maker-address allowlist needs to include Magic.link proxy wallets, since they are the wallet type the platform itself provisions for new users.
Either way the current behavior is broken from the user's perspective: the SDK accepts the wallet, signs the order, posts it — and the server rejects with a message that makes no sense in the order-placement context.
Impact
Blocks every Magic.link-onboarded user from any programmatic CLOB activity:
- 烙 Algorithmic / quant trading
- Dispute monitoring and automated position closing
- Dashboard tools that need to place or cancel orders
- Integrations (e.g. portfolio rebalancers, API connectors)
The only workaround currently is to import a separate EOA into MetaMask, fund it manually, and trade from that — bypassing Magic.link entirely. This contradicts the official onboarding flow.
Suggested fix
Either:
- Allowlist Magic.link proxy wallets at the order-routing API.
- Document the restriction clearly:
- In the SDK README under a prominent Wallet requirements section.
- In
derive_api_credentials — return / raise an error before the user signs anything.
- In the Polymarket developer docs.
- Replace the error message. "Use the deposit wallet flow" implies a UI action that doesn't exist for API users. A clearer message would be:
"Magic.link-managed wallets cannot place orders via the CLOB API. Please use a self-custody wallet (e.g. MetaMask)."
Reproducer
I'm happy to share full request/response traces (with Authorization headers redacted), order hashes, and the exact OrderArgs construction code in a sanitized form if helpful for reproduction. Just let me know what would be useful.
Related
- Originally observed with
py-clob-client-v2 1.0.0
- No change after upgrade to
1.0.1
- Multiple existing issues against
Polymarket/py-clob-client and Polymarket/py-clob-client-v2 describing the same symptom — but no fix has been merged or root-caused publicly.
Filed by @malyshrus — an active Polymarket trader running an automated quant pipeline. Please prioritize — this is a hard-block on a fundamental SDK use case.
Order placement returns 400
"maker address not allowed, please use the deposit wallet flow"for Magic.link proxy walletsSummary
create_and_post_orderconsistently returns HTTP 400 with the error message"maker address not allowed, please use the deposit wallet flow"when placing an order signed by a Magic.link-derived EOA on behalf of its corresponding proxy wallet (signature_type=1,POLY_PROXY).The order is rejected at the API gateway layer before any matching-engine logic runs. The same wallet can deposit, withdraw, and trade through the official Polymarket UI without issue — the rejection is specific to programmatic CLOB access.
This blocks all programmatic order placement for Magic.link-onboarded accounts.
Environment
py-clob-client-v23.11https://clob.polymarket.com/order<MAGIC_LINK_DERIVED_EOA><MAGIC_LINK_PROXY_WALLET>1(POLY_PROXY) — also tested3(POLY_1271), same error0xC011a7E1...), confirmed non-zero balanceSteps to reproduce
Expected behavior
Order is accepted and posted to the orderbook, or rejected with a meaningful business-logic error (e.g. insufficient balance, minimum size violation, market closed). The "deposit wallet flow" is a UI funding workflow — it is not a valid order-placement constraint.
Actual behavior
The error is identical regardless of:
signature_type(tried both1POLY_PROXYand3POLY_1271)BUY/SELL), price, or size1.0.0and1.0.1)create_and_post_orderorcreate_order+post_orderseparatelyWhat we have verified ✅
get_balance_allowancereturns the correct non-zero pUSD balance.derive_api_credentialssucceeds; subsequent reads (orderbook, balances) work fine.OrderBuilderproduces, and the recovered signer matches the Magic.link EOA.polymarket.comsucceeds with no warning.1.0.1. Upgraded recently, no change in behavior.Hypothesis
The Polymarket order-routing API appears to maintain a server-side allowlist of "approved maker addresses" that excludes Magic.link-managed proxy wallets — despite these wallets being the default wallet type for accounts created via the public web flow.
The error message (
"please use the deposit wallet flow") suggests the API is steering users into a UI funding path rather than acknowledging the order placement. This is either:Either way the current behavior is broken from the user's perspective: the SDK accepts the wallet, signs the order, posts it — and the server rejects with a message that makes no sense in the order-placement context.
Impact
Blocks every Magic.link-onboarded user from any programmatic CLOB activity:
The only workaround currently is to import a separate EOA into MetaMask, fund it manually, and trade from that — bypassing Magic.link entirely. This contradicts the official onboarding flow.
Suggested fix
Either:
derive_api_credentials— return / raise an error before the user signs anything."Magic.link-managed wallets cannot place orders via the CLOB API. Please use a self-custody wallet (e.g. MetaMask)."Reproducer
I'm happy to share full request/response traces (with
Authorizationheaders redacted), order hashes, and the exactOrderArgsconstruction code in a sanitized form if helpful for reproduction. Just let me know what would be useful.Related
py-clob-client-v2 1.0.01.0.1Polymarket/py-clob-clientandPolymarket/py-clob-client-v2describing the same symptom — but no fix has been merged or root-caused publicly.Filed by @malyshrus — an active Polymarket trader running an automated quant pipeline. Please prioritize — this is a hard-block on a fundamental SDK use case.