Skip to main content



Request API

All endpoints require the following additional parameters, which are placed in the header

  • x-api-key: optional, contact us to generate the apiKey and secretKey for you
  • x-api-timestamp:the millisecond timestamp of when the request was created and sent(UTC+0)
  • x-api-signature: signature(optional), for specific signature rules, see signature

Data signature


Please note that the signature is optional here. You can still access our API without signature. However, you will be limited to a lower rate. If you foresee your application having a higher rate to the Off-chain API, please contact us for a dedicated apiKey and apiSecret.

  • Endpoints use HMAC SHA256 signatures. The HMAC SHA256 signature is a keyed HMAC SHA256 operation. Use your secretKey as the key and totalParams as the value for the HMAC operation
  • The signature is not case sensitive
  • The parameters of the query string and request body are sorted in ascending order by key, with & links in the middle, and finally the x-api-timestamp in the header is spliced


  • x-api-key:754ead833a9ff0e3884ee5dd689ddba2dd1dc66af1342b754291568e01fb6a5f
  • secretKey:846dca24075f067de980a4bfbae1c02599c4c34b748ce17b40ebc94e0818a9ba

request body



After sorting and splicing


HMAC SHA256 signature:

echo -n "sign=true&symbols=BTC/USD,ETH/USD&x-api-timestamp=1669845961970" | openssl dgst -sha256 -hmac "846dca24075f067de980a4bfbae1c02599c4c34b748ce17b40ebc94e0818a9ba"
(stdin)= 0eb116708c7913cb35338fc93924775048a2cab1ddcd0aea2cd7ff90bf401bc9

Code sample

import (
func main() {
apiSecret := "" // the apiSecret secret
apiKey := "" // the apiKey
timestamp := strconv.FormatInt(time.Now().UnixMilli(), 10) // the timestamp
query := make(map[string]string) //the query parameters, it can be empty
body := make(map[string]string) // the request body,can be empty
body["sign"] = "false"
body["symbols"] = "ETH/USD"
msgForSig := GenerateMsgForSig(timestamp, query, body)
sig := ComputeSig(msgForSig, apiSecret)

func GenerateMsgForSig(timestamp string, query map[string]string, body map[string]string) string {
var sortedKeys []string
if len(query) > 0 || len(body) > 0 {
sortedKeys = make([]string, len(query)+len(body))
if len(query) > 0 {
for k := range query {
sortedKeys = append(sortedKeys, k)
if len(body) > 0 {
for k := range body {
sortedKeys = append(sortedKeys, k)
var strBuild strings.Builder
if len(sortedKeys) > 0 {
for _, k := range sortedKeys {
if len(query) > 0 {
if v, ok := query[k]; ok {
strBuild.WriteString(fmt.Sprintf("&%s=%s", k, v))
if len(body) > 0 {
if v, ok := body[k]; ok {
strBuild.WriteString(fmt.Sprintf("&%s=%s", k, v))
strBuild.WriteString(fmt.Sprintf("&%s=%s", "x-api-timestamp", timestamp))
return strings.Replace(strBuild.String(), "&", "", 1)
func ComputeSig(msgForSig, appSecret string) string {
message := []byte(msgForSig)

key := []byte(appSecret)
h := hmac.New(sha256.New, key)

return hex.EncodeToString(h.Sum(nil))

Error Codes and Messages

Any endpoint can return an ERROR The error payload is as follows:

"msg": "symbol not support",
"errorCode": "200001"

Specific error codes and messages are defined in the following table

000001Too many requests
000002Unauthorized,invalid apiKey
000003Bad request
100001System error
100002System load is too high, please try again later
200001symbol not support
200002Illegal parameter
200003Signature error