diff --git a/Cargo.lock b/Cargo.lock
index f6f9e2c..e3e5718 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1043,12 +1043,14 @@ dependencies = [
  "ddk-messages",
  "ddk-payouts",
  "hex",
+ "hmac",
  "homedir",
  "inquire",
  "prost",
  "reqwest",
  "serde",
  "serde_json",
+ "sha2",
  "tokio",
  "tonic",
  "tonic-build",
diff --git a/ddk-node/Cargo.toml b/ddk-node/Cargo.toml
index dd21b8b..e9017cd 100644
--- a/ddk-node/Cargo.toml
+++ b/ddk-node/Cargo.toml
@@ -19,6 +19,8 @@ bitcoin = { version = "0.32.6", features = ["rand", "serde"] }
 anyhow = "1.0.86"
 clap = { version = "4.5.9", features = ["derive"] }
 hex = "0.4.3"
+hmac = "0.12"
+sha2 = "0.10"
 homedir = "0.3.3"
 inquire = "0.7.5"
 prost = "0.12.1"
diff --git a/ddk-node/README.md b/ddk-node/README.md
index ccbd3ed..1d3e100 100644
--- a/ddk-node/README.md
+++ b/ddk-node/README.md
@@ -31,7 +31,8 @@ Options:
   -n, --network <NETWORK>          Set the Bitcoin network [default: signet]
   -s, --storage-dir <STORAGE_DIR>  Data storage path [default: ~/.ddk]
   -p, --port <PORT>                Transport listening port [default: 1776]
-      --grpc <GRPC_HOST>           gRPC server host:port [default: 0.0.0.0:3030]
+      --grpc <GRPC_HOST>           gRPC server host:port [default: 127.0.0.1:3030]
+      --api-secret <API_SECRET>    HMAC secret for gRPC authentication
       --esplora <ESPLORA_HOST>     Esplora server URL [default: https://mutinynet.com/api]
       --oracle <ORACLE_HOST>       Kormir oracle URL [default: https://kormir.dlcdevkit.com]
       --seed <SEED>                Seed strategy: 'file' or 'bytes' [default: file]
@@ -39,6 +40,8 @@ Options:
   -h, --help                       Print help
 ```
 
+When binding to non-localhost addresses (e.g., `--grpc 0.0.0.0:3030`), an API secret is required via `--api-secret`.
+
 ## CLI Usage
 
 ```
diff --git a/ddk-node/src/bin/cli.rs b/ddk-node/src/bin/cli.rs
index 14a391d..0d64fb3 100644
--- a/ddk-node/src/bin/cli.rs
+++ b/ddk-node/src/bin/cli.rs
@@ -1,6 +1,18 @@
 use clap::Parser;
 use ddk_node::cli_opts::CliCommand;
 use ddk_node::ddkrpc::ddk_rpc_client::DdkRpcClient;
+use hmac::{Hmac, Mac};
+use sha2::Sha256;
+use tonic::metadata::MetadataValue;
+use tonic::transport::Channel;
+
+type HmacSha256 = Hmac<Sha256>;
+
+fn compute_signature(timestamp: &str, secret: &[u8]) -> String {
+    let mut mac = HmacSha256::new_from_slice(secret).expect("HMAC can take key of any size");
+    mac.update(timestamp.as_bytes());
+    hex::encode(mac.finalize().into_bytes())
+}
 
 #[derive(Debug, Clone, Parser)]
 #[clap(name = "ddk-cli")]
@@ -14,6 +26,9 @@ struct DdkCliArgs {
     #[arg(help = "ddk-node gRPC server to connect to.")]
     #[arg(default_value = "http://127.0.0.1:3030")]
     pub server: String,
+    #[arg(long)]
+    #[arg(help = "HMAC secret for authentication")]
+    pub api_secret: Option<String>,
     #[clap(subcommand)]
     pub command: CliCommand,
 }
@@ -22,9 +37,33 @@ struct DdkCliArgs {
 async fn main() -> anyhow::Result<()> {
     let opts = DdkCliArgs::parse();
 
-    let mut client = DdkRpcClient::connect(opts.server).await?;
+    if let Some(secret) = opts.api_secret {
+        let channel = Channel::from_shared(opts.server)?.connect().await?;
+        let secret_bytes = secret.into_bytes();
+
+        let mut client =
+            DdkRpcClient::with_interceptor(channel, move |mut req: tonic::Request<()>| {
+                let timestamp = std::time::SystemTime::now()
+                    .duration_since(std::time::UNIX_EPOCH)
+                    .expect("Time went backwards")
+                    .as_secs()
+                    .to_string();
+
+                let signature = compute_signature(&timestamp, &secret_bytes);
+
+                let ts_value: MetadataValue<_> = timestamp.parse().unwrap();
+                let sig_value: MetadataValue<_> = signature.parse().unwrap();
+
+                req.metadata_mut().insert("x-timestamp", ts_value);
+                req.metadata_mut().insert("x-signature", sig_value);
+                Ok(req)
+            });
 
-    ddk_node::command::cli_command(opts.command, &mut client).await?;
+        ddk_node::command::cli_command(opts.command, &mut client).await?;
+    } else {
+        let mut client = DdkRpcClient::connect(opts.server).await?;
+        ddk_node::command::cli_command(opts.command, &mut client).await?;
+    }
 
     Ok(())
 }
diff --git a/ddk-node/src/command.rs b/ddk-node/src/command.rs
index f2f1dd3..c7b14b1 100644
--- a/ddk-node/src/command.rs
+++ b/ddk-node/src/command.rs
@@ -27,12 +27,15 @@ use ddk_messages::oracle_msgs::{EventDescriptor, OracleAnnouncement};
 use ddk_messages::{AcceptDlc, OfferDlc};
 use inquire::{Select, Text};
 use serde_json::Value;
-use tonic::transport::Channel;
 
-pub async fn cli_command(
-    arg: CliCommand,
-    client: &mut DdkRpcClient<Channel>,
-) -> anyhow::Result<()> {
+pub async fn cli_command<T>(arg: CliCommand, client: &mut DdkRpcClient<T>) -> anyhow::Result<()>
+where
+    T: tonic::client::GrpcService<tonic::body::BoxBody> + Send + 'static,
+    T::Error: Into<Box<dyn std::error::Error + Send + Sync>>,
+    T::ResponseBody: tonic::codegen::Body<Data = tonic::codegen::Bytes> + Send + 'static,
+    <T::ResponseBody as tonic::codegen::Body>::Error:
+        Into<Box<dyn std::error::Error + Send + Sync>> + Send,
+{
     match arg {
         CliCommand::Info => {
             let info = client.info(InfoRequest::default()).await?.into_inner();
@@ -306,9 +309,16 @@ async fn generate_contract_input() -> anyhow::Result<ContractInput> {
     })
 }
 
-async fn interactive_contract_input(
-    client: &mut DdkRpcClient<Channel>,
-) -> anyhow::Result<ContractInput> {
+async fn interactive_contract_input<T>(
+    client: &mut DdkRpcClient<T>,
+) -> anyhow::Result<ContractInput>
+where
+    T: tonic::client::GrpcService<tonic::body::BoxBody> + Send + 'static,
+    T::Error: Into<Box<dyn std::error::Error + Send + Sync>>,
+    T::ResponseBody: tonic::codegen::Body<Data = tonic::codegen::Bytes> + Send + 'static,
+    <T::ResponseBody as tonic::codegen::Body>::Error:
+        Into<Box<dyn std::error::Error + Send + Sync>> + Send,
+{
     let contract_type =
         Select::new("Select type of contract.", vec!["enum", "numerical"]).prompt()?;
 
diff --git a/ddk-node/src/ddkrpc.rs b/ddk-node/src/ddkrpc.rs
index ad25d1d..89ce09b 100644
--- a/ddk-node/src/ddkrpc.rs
+++ b/ddk-node/src/ddkrpc.rs
@@ -277,8 +277,8 @@ pub struct SignResponse {
 /// Generated client implementations.
 pub mod ddk_rpc_client {
     #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)]
-    use tonic::codegen::*;
     use tonic::codegen::http::Uri;
+    use tonic::codegen::*;
     #[derive(Debug, Clone)]
     pub struct DdkRpcClient<T> {
         inner: tonic::client::Grpc<T>,
@@ -322,9 +322,8 @@ pub mod ddk_rpc_client {
                     <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
                 >,
             >,
-            <T as tonic::codegen::Service<
-                http::Request<tonic::body::BoxBody>,
-            >>::Error: Into<StdError> + Send + Sync,
+            <T as tonic::codegen::Service<http::Request<tonic::body::BoxBody>>>::Error:
+                Into<StdError> + Send + Sync,
         {
             DdkRpcClient::new(InterceptedService::new(inner, interceptor))
         }
@@ -363,131 +362,103 @@ pub mod ddk_rpc_client {
             &mut self,
             request: impl tonic::IntoRequest<super::InfoRequest>,
         ) -> std::result::Result<tonic::Response<super::InfoResponse>, tonic::Status> {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/Info");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "Info"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "Info"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn send_offer(
             &mut self,
             request: impl tonic::IntoRequest<super::SendOfferRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::SendOfferResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::SendOfferResponse>, tonic::Status> {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/SendOffer");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "SendOffer"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "SendOffer"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn accept_offer(
             &mut self,
             request: impl tonic::IntoRequest<super::AcceptOfferRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::AcceptOfferResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::AcceptOfferResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/AcceptOffer",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/AcceptOffer");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "AcceptOffer"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "AcceptOffer"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn list_offers(
             &mut self,
             request: impl tonic::IntoRequest<super::ListOffersRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListOffersResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::ListOffersResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/ListOffers");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListOffers"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListOffers"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn new_address(
             &mut self,
             request: impl tonic::IntoRequest<super::NewAddressRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::NewAddressResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::NewAddressResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/NewAddress");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "NewAddress"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "NewAddress"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn wallet_balance(
             &mut self,
             request: impl tonic::IntoRequest<super::WalletBalanceRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::WalletBalanceResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::WalletBalanceResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/WalletBalance",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/WalletBalance");
             let mut req = request.into_request();
             req.extensions_mut()
                 .insert(GrpcMethod::new("ddkrpc.DdkRpc", "WalletBalance"));
@@ -496,64 +467,51 @@ pub mod ddk_rpc_client {
         pub async fn wallet_sync(
             &mut self,
             request: impl tonic::IntoRequest<super::WalletSyncRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::WalletSyncResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::WalletSyncResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/WalletSync");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "WalletSync"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "WalletSync"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn sync(
             &mut self,
             request: impl tonic::IntoRequest<super::SyncRequest>,
         ) -> std::result::Result<tonic::Response<super::SyncResponse>, tonic::Status> {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/Sync");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "Sync"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "Sync"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn get_wallet_transactions(
             &mut self,
             request: impl tonic::IntoRequest<super::GetWalletTransactionsRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::GetWalletTransactionsResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::GetWalletTransactionsResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/GetWalletTransactions",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/GetWalletTransactions");
             let mut req = request.into_request();
             req.extensions_mut()
                 .insert(GrpcMethod::new("ddkrpc.DdkRpc", "GetWalletTransactions"));
@@ -562,115 +520,85 @@ pub mod ddk_rpc_client {
         pub async fn list_utxos(
             &mut self,
             request: impl tonic::IntoRequest<super::ListUtxosRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListUtxosResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::ListUtxosResponse>, tonic::Status> {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/ListUtxos");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListUtxos"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListUtxos"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn list_peers(
             &mut self,
             request: impl tonic::IntoRequest<super::ListPeersRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListPeersResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::ListPeersResponse>, tonic::Status> {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/ListPeers");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListPeers"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListPeers"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn connect_peer(
             &mut self,
             request: impl tonic::IntoRequest<super::ConnectRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ConnectResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::ConnectResponse>, tonic::Status> {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/ConnectPeer",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/ConnectPeer");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "ConnectPeer"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "ConnectPeer"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn list_oracles(
             &mut self,
             request: impl tonic::IntoRequest<super::ListOraclesRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListOraclesResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::ListOraclesResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/ListOracles",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/ListOracles");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListOracles"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListOracles"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn list_contracts(
             &mut self,
             request: impl tonic::IntoRequest<super::ListContractsRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListContractsResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::ListContractsResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/ListContracts",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/ListContracts");
             let mut req = request.into_request();
             req.extensions_mut()
                 .insert(GrpcMethod::new("ddkrpc.DdkRpc", "ListContracts"));
@@ -680,41 +608,32 @@ pub mod ddk_rpc_client {
             &mut self,
             request: impl tonic::IntoRequest<super::SendRequest>,
         ) -> std::result::Result<tonic::Response<super::SendResponse>, tonic::Status> {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/Send");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "Send"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "Send"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn oracle_announcements(
             &mut self,
             request: impl tonic::IntoRequest<super::OracleAnnouncementsRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::OracleAnnouncementsResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::OracleAnnouncementsResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/OracleAnnouncements",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/OracleAnnouncements");
             let mut req = request.into_request();
             req.extensions_mut()
                 .insert(GrpcMethod::new("ddkrpc.DdkRpc", "OracleAnnouncements"));
@@ -723,45 +642,34 @@ pub mod ddk_rpc_client {
         pub async fn create_enum(
             &mut self,
             request: impl tonic::IntoRequest<super::CreateEnumRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::CreateEnumResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::CreateEnumResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
             let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/CreateEnum");
             let mut req = request.into_request();
-            req.extensions_mut().insert(GrpcMethod::new("ddkrpc.DdkRpc", "CreateEnum"));
+            req.extensions_mut()
+                .insert(GrpcMethod::new("ddkrpc.DdkRpc", "CreateEnum"));
             self.inner.unary(req, path, codec).await
         }
         pub async fn create_numeric(
             &mut self,
             request: impl tonic::IntoRequest<super::CreateNumericRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::CreateNumericResponse>,
-            tonic::Status,
-        > {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+        ) -> std::result::Result<tonic::Response<super::CreateNumericResponse>, tonic::Status>
+        {
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/CreateNumeric",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/CreateNumeric");
             let mut req = request.into_request();
             req.extensions_mut()
                 .insert(GrpcMethod::new("ddkrpc.DdkRpc", "CreateNumeric"));
@@ -771,19 +679,14 @@ pub mod ddk_rpc_client {
             &mut self,
             request: impl tonic::IntoRequest<super::SignRequest>,
         ) -> std::result::Result<tonic::Response<super::SignResponse>, tonic::Status> {
-            self.inner
-                .ready()
-                .await
-                .map_err(|e| {
-                    tonic::Status::new(
-                        tonic::Code::Unknown,
-                        format!("Service was not ready: {}", e.into()),
-                    )
-                })?;
+            self.inner.ready().await.map_err(|e| {
+                tonic::Status::new(
+                    tonic::Code::Unknown,
+                    format!("Service was not ready: {}", e.into()),
+                )
+            })?;
             let codec = tonic::codec::ProstCodec::default();
-            let path = http::uri::PathAndQuery::from_static(
-                "/ddkrpc.DdkRpc/SignAnnouncement",
-            );
+            let path = http::uri::PathAndQuery::from_static("/ddkrpc.DdkRpc/SignAnnouncement");
             let mut req = request.into_request();
             req.extensions_mut()
                 .insert(GrpcMethod::new("ddkrpc.DdkRpc", "SignAnnouncement"));
@@ -805,45 +708,27 @@ pub mod ddk_rpc_server {
         async fn send_offer(
             &self,
             request: tonic::Request<super::SendOfferRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::SendOfferResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::SendOfferResponse>, tonic::Status>;
         async fn accept_offer(
             &self,
             request: tonic::Request<super::AcceptOfferRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::AcceptOfferResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::AcceptOfferResponse>, tonic::Status>;
         async fn list_offers(
             &self,
             request: tonic::Request<super::ListOffersRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListOffersResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::ListOffersResponse>, tonic::Status>;
         async fn new_address(
             &self,
             request: tonic::Request<super::NewAddressRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::NewAddressResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::NewAddressResponse>, tonic::Status>;
         async fn wallet_balance(
             &self,
             request: tonic::Request<super::WalletBalanceRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::WalletBalanceResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::WalletBalanceResponse>, tonic::Status>;
         async fn wallet_sync(
             &self,
             request: tonic::Request<super::WalletSyncRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::WalletSyncResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::WalletSyncResponse>, tonic::Status>;
         async fn sync(
             &self,
             request: tonic::Request<super::SyncRequest>,
@@ -851,24 +736,15 @@ pub mod ddk_rpc_server {
         async fn get_wallet_transactions(
             &self,
             request: tonic::Request<super::GetWalletTransactionsRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::GetWalletTransactionsResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::GetWalletTransactionsResponse>, tonic::Status>;
         async fn list_utxos(
             &self,
             request: tonic::Request<super::ListUtxosRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListUtxosResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::ListUtxosResponse>, tonic::Status>;
         async fn list_peers(
             &self,
             request: tonic::Request<super::ListPeersRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListPeersResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::ListPeersResponse>, tonic::Status>;
         async fn connect_peer(
             &self,
             request: tonic::Request<super::ConnectRequest>,
@@ -876,17 +752,11 @@ pub mod ddk_rpc_server {
         async fn list_oracles(
             &self,
             request: tonic::Request<super::ListOraclesRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListOraclesResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::ListOraclesResponse>, tonic::Status>;
         async fn list_contracts(
             &self,
             request: tonic::Request<super::ListContractsRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::ListContractsResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::ListContractsResponse>, tonic::Status>;
         async fn send(
             &self,
             request: tonic::Request<super::SendRequest>,
@@ -894,24 +764,15 @@ pub mod ddk_rpc_server {
         async fn oracle_announcements(
             &self,
             request: tonic::Request<super::OracleAnnouncementsRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::OracleAnnouncementsResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::OracleAnnouncementsResponse>, tonic::Status>;
         async fn create_enum(
             &self,
             request: tonic::Request<super::CreateEnumRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::CreateEnumResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::CreateEnumResponse>, tonic::Status>;
         async fn create_numeric(
             &self,
             request: tonic::Request<super::CreateNumericRequest>,
-        ) -> std::result::Result<
-            tonic::Response<super::CreateNumericResponse>,
-            tonic::Status,
-        >;
+        ) -> std::result::Result<tonic::Response<super::CreateNumericResponse>, tonic::Status>;
         async fn sign_announcement(
             &self,
             request: tonic::Request<super::SignRequest>,
@@ -940,10 +801,7 @@ pub mod ddk_rpc_server {
                 max_encoding_message_size: None,
             }
         }
-        pub fn with_interceptor<F>(
-            inner: T,
-            interceptor: F,
-        ) -> InterceptedService<Self, F>
+        pub fn with_interceptor<F>(inner: T, interceptor: F) -> InterceptedService<Self, F>
         where
             F: tonic::service::Interceptor,
         {
@@ -999,21 +857,15 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/Info" => {
                     #[allow(non_camel_case_types)]
                     struct InfoSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::InfoRequest>
-                    for InfoSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::InfoRequest> for InfoSvc<T> {
                         type Response = super::InfoResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::InfoRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::info(&inner, request).await
-                            };
+                            let fut = async move { <T as DdkRpc>::info(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1043,21 +895,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/SendOffer" => {
                     #[allow(non_camel_case_types)]
                     struct SendOfferSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::SendOfferRequest>
-                    for SendOfferSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::SendOfferRequest> for SendOfferSvc<T> {
                         type Response = super::SendOfferResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::SendOfferRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::send_offer(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::send_offer(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1087,23 +934,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/AcceptOffer" => {
                     #[allow(non_camel_case_types)]
                     struct AcceptOfferSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<
-                        T: DdkRpc,
-                    > tonic::server::UnaryService<super::AcceptOfferRequest>
-                    for AcceptOfferSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::AcceptOfferRequest> for AcceptOfferSvc<T> {
                         type Response = super::AcceptOfferResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::AcceptOfferRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::accept_offer(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::accept_offer(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1133,21 +973,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/ListOffers" => {
                     #[allow(non_camel_case_types)]
                     struct ListOffersSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::ListOffersRequest>
-                    for ListOffersSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::ListOffersRequest> for ListOffersSvc<T> {
                         type Response = super::ListOffersResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::ListOffersRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::list_offers(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::list_offers(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1177,21 +1012,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/NewAddress" => {
                     #[allow(non_camel_case_types)]
                     struct NewAddressSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::NewAddressRequest>
-                    for NewAddressSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::NewAddressRequest> for NewAddressSvc<T> {
                         type Response = super::NewAddressResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::NewAddressRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::new_address(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::new_address(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1221,23 +1051,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/WalletBalance" => {
                     #[allow(non_camel_case_types)]
                     struct WalletBalanceSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<
-                        T: DdkRpc,
-                    > tonic::server::UnaryService<super::WalletBalanceRequest>
-                    for WalletBalanceSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::WalletBalanceRequest> for WalletBalanceSvc<T> {
                         type Response = super::WalletBalanceResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::WalletBalanceRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::wallet_balance(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::wallet_balance(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1267,21 +1090,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/WalletSync" => {
                     #[allow(non_camel_case_types)]
                     struct WalletSyncSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::WalletSyncRequest>
-                    for WalletSyncSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::WalletSyncRequest> for WalletSyncSvc<T> {
                         type Response = super::WalletSyncResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::WalletSyncRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::wallet_sync(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::wallet_sync(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1311,21 +1129,15 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/Sync" => {
                     #[allow(non_camel_case_types)]
                     struct SyncSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::SyncRequest>
-                    for SyncSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::SyncRequest> for SyncSvc<T> {
                         type Response = super::SyncResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::SyncRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::sync(&inner, request).await
-                            };
+                            let fut = async move { <T as DdkRpc>::sync(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1355,23 +1167,18 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/GetWalletTransactions" => {
                     #[allow(non_camel_case_types)]
                     struct GetWalletTransactionsSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<
-                        T: DdkRpc,
-                    > tonic::server::UnaryService<super::GetWalletTransactionsRequest>
-                    for GetWalletTransactionsSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::GetWalletTransactionsRequest>
+                        for GetWalletTransactionsSvc<T>
+                    {
                         type Response = super::GetWalletTransactionsResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::GetWalletTransactionsRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
                             let fut = async move {
-                                <T as DdkRpc>::get_wallet_transactions(&inner, request)
-                                    .await
+                                <T as DdkRpc>::get_wallet_transactions(&inner, request).await
                             };
                             Box::pin(fut)
                         }
@@ -1402,21 +1209,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/ListUtxos" => {
                     #[allow(non_camel_case_types)]
                     struct ListUtxosSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::ListUtxosRequest>
-                    for ListUtxosSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::ListUtxosRequest> for ListUtxosSvc<T> {
                         type Response = super::ListUtxosResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::ListUtxosRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::list_utxos(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::list_utxos(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1446,21 +1248,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/ListPeers" => {
                     #[allow(non_camel_case_types)]
                     struct ListPeersSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::ListPeersRequest>
-                    for ListPeersSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::ListPeersRequest> for ListPeersSvc<T> {
                         type Response = super::ListPeersResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::ListPeersRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::list_peers(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::list_peers(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1490,21 +1287,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/ConnectPeer" => {
                     #[allow(non_camel_case_types)]
                     struct ConnectPeerSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::ConnectRequest>
-                    for ConnectPeerSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::ConnectRequest> for ConnectPeerSvc<T> {
                         type Response = super::ConnectResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::ConnectRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::connect_peer(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::connect_peer(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1534,23 +1326,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/ListOracles" => {
                     #[allow(non_camel_case_types)]
                     struct ListOraclesSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<
-                        T: DdkRpc,
-                    > tonic::server::UnaryService<super::ListOraclesRequest>
-                    for ListOraclesSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::ListOraclesRequest> for ListOraclesSvc<T> {
                         type Response = super::ListOraclesResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::ListOraclesRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::list_oracles(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::list_oracles(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1580,23 +1365,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/ListContracts" => {
                     #[allow(non_camel_case_types)]
                     struct ListContractsSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<
-                        T: DdkRpc,
-                    > tonic::server::UnaryService<super::ListContractsRequest>
-                    for ListContractsSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::ListContractsRequest> for ListContractsSvc<T> {
                         type Response = super::ListContractsResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::ListContractsRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::list_contracts(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::list_contracts(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1626,21 +1404,15 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/Send" => {
                     #[allow(non_camel_case_types)]
                     struct SendSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::SendRequest>
-                    for SendSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::SendRequest> for SendSvc<T> {
                         type Response = super::SendResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::SendRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::send(&inner, request).await
-                            };
+                            let fut = async move { <T as DdkRpc>::send(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1670,15 +1442,11 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/OracleAnnouncements" => {
                     #[allow(non_camel_case_types)]
                     struct OracleAnnouncementsSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<
-                        T: DdkRpc,
-                    > tonic::server::UnaryService<super::OracleAnnouncementsRequest>
-                    for OracleAnnouncementsSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::OracleAnnouncementsRequest>
+                        for OracleAnnouncementsSvc<T>
+                    {
                         type Response = super::OracleAnnouncementsResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::OracleAnnouncementsRequest>,
@@ -1716,21 +1484,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/CreateEnum" => {
                     #[allow(non_camel_case_types)]
                     struct CreateEnumSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::CreateEnumRequest>
-                    for CreateEnumSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::CreateEnumRequest> for CreateEnumSvc<T> {
                         type Response = super::CreateEnumResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::CreateEnumRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::create_enum(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::create_enum(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1760,23 +1523,16 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/CreateNumeric" => {
                     #[allow(non_camel_case_types)]
                     struct CreateNumericSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<
-                        T: DdkRpc,
-                    > tonic::server::UnaryService<super::CreateNumericRequest>
-                    for CreateNumericSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::CreateNumericRequest> for CreateNumericSvc<T> {
                         type Response = super::CreateNumericResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::CreateNumericRequest>,
                         ) -> Self::Future {
                             let inner = Arc::clone(&self.0);
-                            let fut = async move {
-                                <T as DdkRpc>::create_numeric(&inner, request).await
-                            };
+                            let fut =
+                                async move { <T as DdkRpc>::create_numeric(&inner, request).await };
                             Box::pin(fut)
                         }
                     }
@@ -1806,13 +1562,9 @@ pub mod ddk_rpc_server {
                 "/ddkrpc.DdkRpc/SignAnnouncement" => {
                     #[allow(non_camel_case_types)]
                     struct SignAnnouncementSvc<T: DdkRpc>(pub Arc<T>);
-                    impl<T: DdkRpc> tonic::server::UnaryService<super::SignRequest>
-                    for SignAnnouncementSvc<T> {
+                    impl<T: DdkRpc> tonic::server::UnaryService<super::SignRequest> for SignAnnouncementSvc<T> {
                         type Response = super::SignResponse;
-                        type Future = BoxFuture<
-                            tonic::Response<Self::Response>,
-                            tonic::Status,
-                        >;
+                        type Future = BoxFuture<tonic::Response<Self::Response>, tonic::Status>;
                         fn call(
                             &mut self,
                             request: tonic::Request<super::SignRequest>,
@@ -1847,18 +1599,14 @@ pub mod ddk_rpc_server {
                     };
                     Box::pin(fut)
                 }
-                _ => {
-                    Box::pin(async move {
-                        Ok(
-                            http::Response::builder()
-                                .status(200)
-                                .header("grpc-status", "12")
-                                .header("content-type", "application/grpc")
-                                .body(empty_body())
-                                .unwrap(),
-                        )
-                    })
-                }
+                _ => Box::pin(async move {
+                    Ok(http::Response::builder()
+                        .status(200)
+                        .header("grpc-status", "12")
+                        .header("content-type", "application/grpc")
+                        .body(empty_body())
+                        .unwrap())
+                }),
             }
         }
     }
diff --git a/ddk-node/src/lib.rs b/ddk-node/src/lib.rs
index 44d2563..c1e8f28 100644
--- a/ddk-node/src/lib.rs
+++ b/ddk-node/src/lib.rs
@@ -32,14 +32,91 @@ use ddkrpc::{InfoRequest, InfoResponse};
 use opts::NodeOpts;
 use std::str::FromStr;
 use std::sync::Arc;
+use tonic::service::Interceptor;
 use tonic::transport::Server;
 use tonic::Request;
 use tonic::Response;
 use tonic::Status;
 use tonic::{async_trait, Code};
 
+use hmac::{Hmac, Mac};
+use sha2::Sha256;
+
+type HmacSha256 = Hmac<Sha256>;
+
 type Ddk = DlcDevKit<NostrDlc, PostgresStore, KormirOracleClient>;
 
+const TIMESTAMP_TOLERANCE_SECS: i64 = 300;
+
+/// HMAC authentication interceptor for gRPC requests.
+///
+/// This interceptor verifies requests using HMAC-SHA256 signatures. Clients must send:
+/// - `x-timestamp`: Unix timestamp (seconds) when the request was made
+/// - `x-signature`: HMAC-SHA256(timestamp, secret) as a hex string
+///
+/// The server verifies the signature matches and the timestamp is within 5 minutes.
+/// If no secret is configured, all requests are allowed (for localhost-only deployments).
+#[derive(Clone)]
+pub struct HmacAuthInterceptor {
+    secret: Option<Vec<u8>>,
+}
+
+impl HmacAuthInterceptor {
+    pub fn new(secret: Option<String>) -> Self {
+        Self {
+            secret: secret.map(|s| s.into_bytes()),
+        }
+    }
+
+    fn verify_signature(&self, timestamp: &str, signature: &str, secret: &[u8]) -> bool {
+        let Ok(mut mac) = HmacSha256::new_from_slice(secret) else {
+            return false;
+        };
+        mac.update(timestamp.as_bytes());
+        let expected = hex::encode(mac.finalize().into_bytes());
+        expected == signature
+    }
+}
+
+impl Interceptor for HmacAuthInterceptor {
+    fn call(&mut self, req: Request<()>) -> Result<Request<()>, Status> {
+        let Some(secret) = &self.secret else {
+            return Ok(req);
+        };
+
+        let metadata = req.metadata();
+
+        let timestamp = metadata
+            .get("x-timestamp")
+            .and_then(|v| v.to_str().ok())
+            .ok_or_else(|| Status::unauthenticated("Missing x-timestamp header"))?;
+
+        let signature = metadata
+            .get("x-signature")
+            .and_then(|v| v.to_str().ok())
+            .ok_or_else(|| Status::unauthenticated("Missing x-signature header"))?;
+
+        let ts: i64 = timestamp
+            .parse()
+            .map_err(|_| Status::unauthenticated("Invalid timestamp format"))?;
+
+        let now = std::time::SystemTime::now()
+            .duration_since(std::time::UNIX_EPOCH)
+            .map_err(|_| Status::internal("System time error"))?
+            .as_secs() as i64;
+
+        if (now - ts).abs() > TIMESTAMP_TOLERANCE_SECS {
+            return Err(Status::unauthenticated("Timestamp expired"));
+        }
+
+        if !self.verify_signature(timestamp, signature, secret) {
+            return Err(Status::unauthenticated("Invalid signature"));
+        }
+
+        Ok(req)
+    }
+}
+
 #[derive(Clone)]
 pub struct DdkNode {
     pub node: Arc<Ddk>,
@@ -53,6 +130,17 @@ impl DdkNode {
     }
 
     pub async fn serve(opts: NodeOpts) -> anyhow::Result<()> {
+        let is_localhost =
+            opts.grpc_host.starts_with("127.0.0.1") || opts.grpc_host.starts_with("localhost");
+
+        if !is_localhost && opts.api_secret.is_none() {
+            anyhow::bail!(
+                "API secret is required when binding to non-localhost address ({}). \
+                Use --api-secret to set a secret or bind to 127.0.0.1 for local-only access.",
+                opts.grpc_host
+            );
+        }
+
         let logger = Arc::new(Logger::console(
             "console_logger".to_string(),
             LogLevel::Info,
@@ -102,8 +190,11 @@ impl DdkNode {
         ddk.start()?;
         let node = DdkNode::new(ddk);
         let node_stop = node.node.clone();
+
+        let interceptor = HmacAuthInterceptor::new(opts.api_secret.clone());
+
         let server = Server::builder()
-            .add_service(DdkRpcServer::new(node))
+            .add_service(DdkRpcServer::with_interceptor(node, interceptor))
             .serve_with_shutdown(opts.grpc_host.parse()?, async {
                 tokio::signal::ctrl_c()
                     .await
@@ -111,6 +202,12 @@ impl DdkNode {
                 let _ = node_stop.stop();
             });
 
+        if opts.api_secret.is_some() {
+            tracing::info!("gRPC server starting with HMAC authentication enabled");
+        } else {
+            tracing::info!("gRPC server starting without authentication (localhost only)");
+        }
+
         server.await?;
 
         Ok(())
diff --git a/ddk-node/src/opts.rs b/ddk-node/src/opts.rs
index 01df9d0..9387097 100644
--- a/ddk-node/src/opts.rs
+++ b/ddk-node/src/opts.rs
@@ -30,9 +30,12 @@ pub struct NodeOpts {
     #[arg(help = "Listening port for the lightning network transport.")]
     pub listening_port: u16,
     #[arg(long = "grpc")]
-    #[arg(default_value = "0.0.0.0:3030")]
+    #[arg(default_value = "127.0.0.1:3030")]
     #[arg(help = "Host and port the gRPC server will run on.")]
     pub grpc_host: String,
+    #[arg(long = "api-secret")]
+    #[arg(help = "HMAC secret for gRPC authentication. Required for non-localhost bindings.")]
+    pub api_secret: Option<String>,
     #[arg(long = "esplora")]
     #[arg(default_value = "https://mutinynet.com/api")]
     #[arg(help = "Esplora server to connect to.")]