REST API v1

Endpoints

Mainnet

Spot: https://mainnet-gw.sodex.dev/api/v1/spot
Perps: https://mainnet-gw.sodex.dev/api/v1/perps

Testnet

Spot: https://testnet-gw.sodex.dev/api/v1/spot
Perps: https://testnet-gw.sodex.dev/api/v1/perps

Authentication

Public market-data endpoints are unsigned.
Authenticated REST writes use EIP-712 signatures.
API keys are used for signing only.
Account queries should use the target accountID.

For the full API key, nonce, and typed-signing rules, see the top-level Sodex Developer Documentation.

Nonces and Signing

Nonces are tracked per API key.
Each new nonce must be unique and larger than the smallest nonce in the stored high-water set.
Valid nonces must remain within (T - 2 days, T + 1 day).
Use domain spot for spot actions and futures for perps actions.

Rate Limits

All REST API requests consume request weight from a rolling one-minute window.

Weight budget: 1200 per minute
Scope: per IP address
Default unmatched endpoint weight: 20

For the full per-endpoint weight table, dynamic rules, order-placement limits, and WebSocket limits, see API Rate Limits.

Request Headers

Public read endpoints

Public read endpoints usually only require:

Accept: application/json

Signed write endpoints

Signed write endpoints use the following default headers:

Name

Type

Required

Description

Content-Type

string

true

application/json

Accept

string

true

application/json

X-API-Key

string

true

Name of the API key (e.g. "api-key-01") — a plain string, not a public key or EVM address. Must match the name of an API key created from the Sodex UI. Omit this header to sign with the master wallet directly (the "default key").

X-API-Sign

HexString

true

EIP-712 typed signature produced with the private key of either the API key named in X-API-Key, or, if that header is omitted, the master wallet. The private key is never sent — only this signature is. See Typed signature.

X-API-Nonce

uint64

true

Recommended: current timestamp in milliseconds. Must be within (T - 2 days, T + 1 day) window. Nonces are tracked per signing address (master wallet address or API key public key), not per account.

Endpoint pages include a dedicated Headers section only when they differ from this shared default.

Signed request example

# ${API_KEY_NAME} is the `name` of an API key created from the Sodex UI, e.g. "api-key-01".
# Not an EVM address, not a hex key — a plain string.
#
# ${API_SIGN} is produced by signing the payload hash with the corresponding
# API key's private key using EIP-712. See ../README.md#typed-signature.

curl -X POST ${SPOT_ENDPOINT}/trade/orders \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H "X-API-Key: ${API_KEY_NAME}" \
  -H "X-API-Sign: ${API_SIGN}" \
  -H "X-API-Nonce: ${API_NONCE}" \
  -d <JSON-Request-Body>

To sign with the master wallet directly (no API key registered), omit X-API-Key entirely. The signature must then be produced with the master wallet's private key.

Use the shared default headers above for normal signed writes. Endpoints that require additional headers such as X-API-Chain document that exception locally.

Response Format

REST endpoints return a common response envelope with:

code for status
timestamp for the server time in milliseconds
error when the request fails
data containing the endpoint-specific payload

Each endpoint's Response section only describes the endpoint-specific data payload, or notes when no endpoint-specific data is returned.

See the endpoint pages and Schema for concrete response payload definitions.

Reference Pages

PreviousAPI Rate Limits NextSpot REST API

Last updated 6 days ago