0trace
Get API

POST /v1/emergency

Resolve an order in EMERGENCY status — continue at the live rate.

POST/api/v1/emergencyAuth required

Resolves an order whose partner-facing status is EMERGENCY. Sending choice = "EXCHANGE" instructs us to resume processing at the current live rate. The order continues through its normal lifecycle and your integration takes no further action.

Orders that cannot be resolved through EXCHANGE (rate volatility, deposit anomaly, or any other manual-review trigger) are finalised by the operator. The terminal state surfaces through order.status_changed as status EXPIRED.

Request

Body
idstring (UUID)required
Order id from the original /v1/create response.
tokenstring (43-char base64url)required
Raw access token, verified against a stored hash. Mismatch, cross-partner, or missing all collapse to code 6 NOT_FOUND.
choice"EXCHANGE"required
Case-sensitive. Any other value returns code 12 EMERGENCY_INVALID_CHOICE.

Response

200 OK
{
  "code": 0,
  "msg": "",
  "data": true
}
Fields
databoolean
Always true on success. The choice has been persisted and we will act on it shortly.

Errors

codemsgHTTPDescription
1INVALID_REQUEST400Body fails validation: unsupported asset, disabled pair, unparseable amount, invalid address, FLOAT without refundAddress, malformed Idempotency-Key. The same code + HTTP 409 fires on Idempotency-Key reuse with a different payload.
2AUTH_REQUIRED401One of X-API-KEY / X-API-SIGN is missing on an endpoint that requires authentication.
3AUTH_INVALID401Unknown key, malformed signature, signature mismatch, expired or replayed nonce, decrypt failure. Generic body — never an oracle for "which" of those it was.
4AUTH_DISABLED401Partner record enabled = false. Reachable only with a valid signature, so the operator can distinguish a kill-switched partner from a stolen-and-revoked key.
5RATE_LIMIT429Per-partner weight budget exhausted within the 60-second sliding window. Response includes Retry-After: <seconds>.
6NOT_FOUND404Order does not exist OR exists but belongs to a different partner OR exists and the token is wrong. The three cases collapse to one envelope.
12EMERGENCY_INVALID_CHOICE400POST /v1/emergency body has `choice` other than `EXCHANGE`.
99INTERNAL500Unexpected server-side condition. Already logged on our side; safe to retry.

Code examples

# Resolve an order in status = "EMERGENCY" by resuming at the live rate.
APIKEY="rWqZ...Rg"
APISECRET="G1JV...n4"
NONCE=$(openssl rand -hex 16)
BODY='{"id":"1f8c5e0b-9c92-4d6a-b0a8-3c5f8d6e7a4b","token":"v8k3-Po9...43-char-base64url","choice":"EXCHANGE"}'
SIGN=$(printf '%s' "$BODY" | openssl dgst -sha256 -hmac "$APISECRET" | sed 's/^.* //')

curl -sS -X POST "https://0trace.io/api/v1/emergency" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: $APIKEY" \
  -H "X-API-SIGN: $SIGN" \
  -H "X-API-NONCE: $NONCE" \
  --data "$BODY"

Rate limit

Weight 1 per call. Counts against the default 2500 weight-unit / minute sliding-window budget per partner.

Notes

Status guard. The order must currently be in EMERGENCY. A call against an order in any other state returns { code: 1, msg: "order not in emergency state" } with HTTP 400. No further detail is exposed via this endpoint. Poll /v1/order to resynchronise.

Partner API.
Same engine as 0trace.

A private partner integration surface. Signed quotes, server-side pricing, webhook delivery, multiple reference codes, and a self-serve cabinet — all backed by the production exchange engine.

Support

Questions? Answers.

Get the latest updates

Follow us on X
TermsPGPAPI

The 0trace team will never ask for KYC or AML. We retain no logs, metadata, or tracking cookies.

Learn more