Getting Started with SecureAPI

How to setup the AkashicPay SecureAPI for use in your applications

Introduction

AkashicPay is a secure and scalable payment platform designed to facilitate cryptocurrency transactions across multiple blockchain networks. It supports deposits, payouts, and transaction tracking with a focus on security, leveraging Confidential Virtual Machine (CVM) instances and open-source code for transparency. This API allows developers to integrate AkashicPay's functionality into their applications, enabling features like balance retrieval, transaction processing, and exchange rate queries. The documentation below provides detailed information on endpoints, parameters, responses, and best practices to help you get started.

For Mainnet and Testnet API endpoints and IP whitelisting, please contact [email protected].

Disclaimer: AkashicPay's SecureAPI service does not collect or store Business Partner's (BP) KeyPair. This can be verfied through our public codebase and attestation protocols to ensure our SecureAPI service does not contain any malicious code.

Authentication

All API requests require the following headers:

x-ap-k: Your KeyPair (Private Key)
x-ap-a: Your L2 address

Example:

curl -H "x-ap-k: your-private-key" -H "x-ap-a: your-l2-address" https://xxx.xxx.xxx.xxx/getBalance

Verifying API Security

As our API accepts user private keys, it is critical to ensure that our API server operates in a highly trusted execution environment securely. To promote transparency and trust, we have open-sourced our API at https://github.com/akashicpay/secured-api. We provide an Attestation endpoint to verify that our service is running in a legitimate Confidential VM instance and operating in an expected state. Additionally, the Verify endpoint allows you to confirm that our running code matches the open-source version exactly. You can clone the repository to your local environment and run the same endpoint with the same seed to compare the hash. We highly recommend checking these endpoints periodically to ensure ongoing security. Any changes to the API or its environment will be announced in advance on our website and in the GitHub repository, allowing you to reference and verify them.

Attestation

Endpoint: GET /

Description: Attestation is the process of increasing confidence that a Confidential VM instance is legitimate and operating in an expected state.

Request Parameters: None

Response:

// testnet
{
  "version": "1.5.4",
  "status": "running",
  "confidential": true,
  "isMocked": false,
  "isAccessible": false,
  "attestation": {
    "amd_ca_authority": "https://kdsintf.amd.com/vlek/v1/Milan/cert_chain",
    "ark": "-----BEGIN CERTIFICATE-----\nMIIGYzCCBBKgAwIBAgIDAQAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTcyMzA1WhcNNDUxMDIy\nMTcyMzA1WjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEA0Ld52RJOdeiJlqK2JdsVmD7FktuotWwX1fNg\nW41XY9Xz1HEhSUmhLz9Cu9DHRlvgJSNxbeYYsnJfvyjx1MfU0V5tkKiU1EesNFta\n1kTA0szNisdYc9isqk7mXT5+KfGRbfc4V/9zRIcE8jlHN61S1ju8X93+6dxDUrG2\nSzxqJ4BhqyYmUDruPXJSX4vUc01P7j98MpqOS95rORdGHeI52Naz5m2B+O+vjsC0\n60d37jY9LFeuOP4Meri8qgfi2S5kKqg/aF6aPtuAZQVR7u3KFYXP59XmJgtcog05\ngmI0T/OitLhuzVvpZcLph0odh/1IPXqx3+MnjD97A7fXpqGd/y8KxX7jksTEzAOg\nbKAeam3lm+3yKIcTYMlsRMXPcjNbIvmsBykD//xSniusuHBkgnlENEWx1UcbQQrs\n+gVDkuVPhsnzIRNgYvM48Y+7LGiJYnrmE8xcrexekBxrva2V9TJQqnN3Q53kt5vi\nQi3+gCfmkwC0F0tirIZbLkXPrPwzZ0M9eNxhIySb2npJfgnqz55I0u33wh4r0ZNQ\neTGfw03MBUtyuzGesGkcw+loqMaq1qR4tjGbPYxCvpCq7+OgpCCoMNit2uLo9M18\nfHz10lOMT8nWAUvRZFzteXCm+7PHdYPlmQwUw3LvenJ/ILXoQPHfbkH0CyPfhl1j\nWhJFZasCAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSFrBrRQ/fI\nrFXUxR1BSKvVeErUUzAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG\nKWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvTWlsYW4vY3JsMEYGCSqG\nSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI\nAWUDBAICBQCiAwIBMKMDAgEBA4ICAQC6m0kDp6zv4Ojfgy+zleehsx6ol0ocgVel\nETobpx+EuCsqVFRPK1jZ1sp/lyd9+0fQ0r66n7kagRk4Ca39g66WGTJMeJdqYriw\nSTjjDCKVPSesWXYPVAyDhmP5n2v+BYipZWhpvqpaiO+EGK5IBP+578QeW/sSokrK\ndHaLAxG2LhZxj9aF73fqC7OAJZ5aPonw4RE299FVarh1Tx2eT3wSgkDgutCTB1Yq\nzT5DuwvAe+co2CIVIzMDamYuSFjPN0BCgojl7V+bTou7dMsqIu/TW/rPCX9/EUcp\nKGKqPQ3P+N9r1hjEFY1plBg93t53OOo49GNI+V1zvXPLI6xIFVsh+mto2RtgEX/e\npmMKTNN6psW88qg7c1hTWtN6MbRuQ0vm+O+/2tKBF2h8THb94OvvHHoFDpbCELlq\nHnIYhxy0YKXGyaW1NjfULxrrmxVW4wcn5E8GddmvNa6yYm8scJagEi13mhGu4Jqh\n3QU3sf8iUSUr09xQDwHtOQUVIqx4maBZPBtSMf+qUDtjXSSq8lfWcd8bLr9mdsUn\nJZJ0+tuPMKmBnSH860llKk+VpVQsgqbzDIvOLvD6W1Umq25boxCYJ+TuBoa4s+HH\nCViAvgT9kf/rBq1d+ivj6skkHxuzcxbk1xv6ZGxrteJxVH7KlX7YRdZ6eARKwLe4\nAFZEAwoKCQ==\n-----END CERTIFICATE-----\n",
    "ask": "-----BEGIN CERTIFICATE-----\nMIIGiTCCBDigAwIBAgIDAQABMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTgyNDIwWhcNNDUxMDIy\nMTgyNDIwWjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJU0VWLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEAnU2drrNTfbhNQIllf+W2y+ROCbSzId1aKZft\n2T9zjZQOzjGccl17i1mIKWl7NTcB0VYXt3JxZSzOZjsjLNVAEN2MGj9TiedL+Qew\nKZX0JmQEuYjm+WKksLtxgdLp9E7EZNwNDqV1r0qRP5tB8OWkyQbIdLeu4aCz7j/S\nl1FkBytev9sbFGzt7cwnjzi9m7noqsk+uRVBp3+In35QPdcj8YflEmnHBNvuUDJh\nLCJMW8KOjP6++Phbs3iCitJcANEtW4qTNFoKW3CHlbcSCjTM8KsNbUx3A8ek5EVL\njZWH1pt9E3TfpR6XyfQKnY6kl5aEIPwdW3eFYaqCFPrIo9pQT6WuDSP4JCYJbZne\nKKIbZjzXkJt3NQG32EukYImBb9SCkm9+fS5LZFg9ojzubMX3+NkBoSXI7OPvnHMx\njup9mw5se6QUV7GqpCA2TNypolmuQ+cAaxV7JqHE8dl9pWf+Y3arb+9iiFCwFt4l\nAlJw5D0CTRTC1Y5YWFDBCrA/vGnmTnqG8C+jjUAS7cjjR8q4OPhyDmJRPnaC/ZG5\nuP0K0z6GoO/3uen9wqshCuHegLTpOeHEJRKrQFr4PVIwVOB0+ebO5FgoyOw43nyF\nD5UKBDxEB4BKo/0uAiKHLRvvgLbORbU8KARIs1EoqEjmF8UtrmQWV2hUjwzqwvHF\nei8rPxMCAwEAAaOBozCBoDAdBgNVHQ4EFgQUO8ZuGCrD/T1iZEib47dHLLT8v/gw\nHwYDVR0jBBgwFoAUhawa0UP3yKxV1MUdQUir1XhK1FMwEgYDVR0TAQH/BAgwBgEB\n/wIBADAOBgNVHQ8BAf8EBAMCAQQwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cHM6Ly9r\nZHNpbnRmLmFtZC5jb20vdmNlay92MS9NaWxhbi9jcmwwRgYJKoZIhvcNAQEKMDmg\nDzANBglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKID\nAgEwowMCAQEDggIBAIgeUQScAf3lDYqgWU1VtlDbmIN8S2dC5kmQzsZ/HtAjQnLE\nPI1jh3gJbLxL6gf3K8jxctzOWnkYcbdfMOOr28KT35IaAR20rekKRFptTHhe+DFr\n3AFzZLDD7cWK29/GpPitPJDKCvI7A4Ug06rk7J0zBe1fz/qe4i2/F12rvfwCGYhc\nRxPy7QF3q8fR6GCJdB1UQ5SlwCjFxD4uezURztIlIAjMkt7DFvKRh+2zK+5plVGG\nFsjDJtMz2ud9y0pvOE4j3dH5IW9jGxaSGStqNrabnnpF236ETr1/a43b8FFKL5QN\nmt8Vr9xnXRpznqCRvqjr+kVrb6dlfuTlliXeQTMlBoRWFJORL8AcBJxGZ4K2mXft\nl1jU5TLeh5KXL9NW7a/qAOIUs2FiOhqrtzAhJRg9Ij8QkQ9Pk+cKGzw6El3T3kFr\nEg6zkxmvMuabZOsdKfRkWfhH2ZKcTlDfmH1H0zq0Q2bG3uvaVdiCtFY1LlWyB38J\nS2fNsR/Py6t5brEJCFNvzaDky6KeC4ion/cVgUai7zzS3bGQWzKDKU35SqNU2WkP\nI8xCZ00WtIiKKFnXWUQxvlKmmgZBIYPe01zD0N8atFxmWiSnfJl690B9rJpNR/fI\najxCW3Seiws6r1Zm+tCuVbMiNtpS9ThjNX4uve5thyfE2DgoxRFvY1CsoF5M\n-----END CERTIFICATE-----\n",
    "verify": "openssl verify --CAfile ./cert_chain.pem [ask|ark].pem"
  },
  "ca": "-----BEGIN CERTIFICATE-----\nMIIDuzCCAqOgAwIBAgIUInIGFng78Xd/UMo3Fz1fg1FnasIwDQYJKoZIhvcNAQEL\nBQAwbTELMAkGA1UEBhMCVUsxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9u\nZG9uMRMwEQYDVQQKDApOb3RhYm94IENBMQ0wCwYDVQQLDARSb290MRgwFgYDVQQD\nDA9Ob3RhYm94IFJvb3QgQ0EwHhcNMjUwNzI4MTEzOTUwWhcNMzAwNzI3MTEzOTUw\nWjBtMQswCQYDVQQGEwJVSzEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25k\nb24xEzARBgNVBAoMCk5vdGFib3ggQ0ExDTALBgNVBAsMBFJvb3QxGDAWBgNVBAMM\nD05vdGFib3ggUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nAN9Fv2fRVjSu+NVwl1x6ouuPAvRa/8pdABHaGm+qSx1utW4BZwozO4V35XZlmo8m\nQiif4mrBOSTN22VbjNc9ajIbAucFTEZHyN7Mv1cgGC7loTWfZmmMicXdRSeMasvH\nQGefuMDxFiwrg+Aj+FT6qwaDaoBkmIeOpZHFzactrtZMLyRHH5Hky2H9pEJ9CYR7\n1KbKhI52R65N/NgECgFosRnXWwV30WlGk0g6BbhyyQoIcZZG9WDcyNpu/ZCLNjNW\nxIjansyR6OdNgC2KVYrrrFqQ+DwlzB7ogvXIOzJNyCVufrItOGvs/eNDtSdSkI0h\nPZACfmBM5+hBeUKzuBGyuV8CAwEAAaNTMFEwHQYDVR0OBBYEFDXjLj2c5FU4is17\nx1r0mCOlAePgMB8GA1UdIwQYMBaAFDXjLj2c5FU4is17x1r0mCOlAePgMA8GA1Ud\nEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBANaWKZb19Ztp7fBHMfhT3Hcb\n3TPQTZlxvaTdChBL0EDA0fYPqE0mNNYVDoh0vHBCK0cQJMuIHaZfwBHTPl5igou1\nNbT+PhxjgWfsCva0t3ckiz0XBJ6j4gDuVzcOsPDuW6HWi9vMde7t6bwAfDCDPvtr\n7kBNIkZvIxAJroNrSvVtyQo6PyGS6zS5SIPz5togRsNv0TWKzMNPEayxIxhWoKMa\n/rrVo3WhFlW+IMjzznzDNIZ8cclNRUkm+YvA9aR9fOJ6Kz5/pstm4KgVB86GCD2v\nFtp8knq0WSQEFWmj6lcZEi/ttpxR/5hvXWUL3bJWVqQQWODNfplnWpYnOzPyIL4=\n-----END CERTIFICATE-----\n"
}

// mainnet
{
  "version": "1.5.4",
  "status": "running",
  "confidential": true,
  "isMocked": false,
  "isAccessible": false,
  "attestation": {
    "amd_ca_authority": "https://kdsintf.amd.com/vlek/v1/Milan/cert_chain",
    "ark": "-----BEGIN CERTIFICATE-----\nMIIGYzCCBBKgAwIBAgIDAQAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTcyMzA1WhcNNDUxMDIy\nMTcyMzA1WjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEA0Ld52RJOdeiJlqK2JdsVmD7FktuotWwX1fNg\nW41XY9Xz1HEhSUmhLz9Cu9DHRlvgJSNxbeYYsnJfvyjx1MfU0V5tkKiU1EesNFta\n1kTA0szNisdYc9isqk7mXT5+KfGRbfc4V/9zRIcE8jlHN61S1ju8X93+6dxDUrG2\nSzxqJ4BhqyYmUDruPXJSX4vUc01P7j98MpqOS95rORdGHeI52Naz5m2B+O+vjsC0\n60d37jY9LFeuOP4Meri8qgfi2S5kKqg/aF6aPtuAZQVR7u3KFYXP59XmJgtcog05\ngmI0T/OitLhuzVvpZcLph0odh/1IPXqx3+MnjD97A7fXpqGd/y8KxX7jksTEzAOg\nbKAeam3lm+3yKIcTYMlsRMXPcjNbIvmsBykD//xSniusuHBkgnlENEWx1UcbQQrs\n+gVDkuVPhsnzIRNgYvM48Y+7LGiJYnrmE8xcrexekBxrva2V9TJQqnN3Q53kt5vi\nQi3+gCfmkwC0F0tirIZbLkXPrPwzZ0M9eNxhIySb2npJfgnqz55I0u33wh4r0ZNQ\neTGfw03MBUtyuzGesGkcw+loqMaq1qR4tjGbPYxCvpCq7+OgpCCoMNit2uLo9M18\nfHz10lOMT8nWAUvRZFzteXCm+7PHdYPlmQwUw3LvenJ/ILXoQPHfbkH0CyPfhl1j\nWhJFZasCAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSFrBrRQ/fI\nrFXUxR1BSKvVeErUUzAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG\nKWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvTWlsYW4vY3JsMEYGCSqG\nSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI\nAWUDBAICBQCiAwIBMKMDAgEBA4ICAQC6m0kDp6zv4Ojfgy+zleehsx6ol0ocgVel\nETobpx+EuCsqVFRPK1jZ1sp/lyd9+0fQ0r66n7kagRk4Ca39g66WGTJMeJdqYriw\nSTjjDCKVPSesWXYPVAyDhmP5n2v+BYipZWhpvqpaiO+EGK5IBP+578QeW/sSokrK\ndHaLAxG2LhZxj9aF73fqC7OAJZ5aPonw4RE299FVarh1Tx2eT3wSgkDgutCTB1Yq\nzT5DuwvAe+co2CIVIzMDamYuSFjPN0BCgojl7V+bTou7dMsqIu/TW/rPCX9/EUcp\nKGKqPQ3P+N9r1hjEFY1plBg93t53OOo49GNI+V1zvXPLI6xIFVsh+mto2RtgEX/e\npmMKTNN6psW88qg7c1hTWtN6MbRuQ0vm+O+/2tKBF2h8THb94OvvHHoFDpbCELlq\nHnIYhxy0YKXGyaW1NjfULxrrmxVW4wcn5E8GddmvNa6yYm8scJagEi13mhGu4Jqh\n3QU3sf8iUSUr09xQDwHtOQUVIqx4maBZPBtSMf+qUDtjXSSq8lfWcd8bLr9mdsUn\nJZJ0+tuPMKmBnSH860llKk+VpVQsgqbzDIvOLvD6W1Umq25boxCYJ+TuBoa4s+HH\nCViAvgT9kf/rBq1d+ivj6skkHxuzcxbk1xv6ZGxrteJxVH7KlX7YRdZ6eARKwLe4\nAFZEAwoKCQ==\n-----END CERTIFICATE-----\n",
    "ask": "-----BEGIN CERTIFICATE-----\nMIIGiTCCBDigAwIBAgIDAQABMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTgyNDIwWhcNNDUxMDIy\nMTgyNDIwWjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJU0VWLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEAnU2drrNTfbhNQIllf+W2y+ROCbSzId1aKZft\n2T9zjZQOzjGccl17i1mIKWl7NTcB0VYXt3JxZSzOZjsjLNVAEN2MGj9TiedL+Qew\nKZX0JmQEuYjm+WKksLtxgdLp9E7EZNwNDqV1r0qRP5tB8OWkyQbIdLeu4aCz7j/S\nl1FkBytev9sbFGzt7cwnjzi9m7noqsk+uRVBp3+In35QPdcj8YflEmnHBNvuUDJh\nLCJMW8KOjP6++Phbs3iCitJcANEtW4qTNFoKW3CHlbcSCjTM8KsNbUx3A8ek5EVL\njZWH1pt9E3TfpR6XyfQKnY6kl5aEIPwdW3eFYaqCFPrIo9pQT6WuDSP4JCYJbZne\nKKIbZjzXkJt3NQG32EukYImBb9SCkm9+fS5LZFg9ojzubMX3+NkBoSXI7OPvnHMx\njup9mw5se6QUV7GqpCA2TNypolmuQ+cAaxV7JqHE8dl9pWf+Y3arb+9iiFCwFt4l\nAlJw5D0CTRTC1Y5YWFDBCrA/vGnmTnqG8C+jjUAS7cjjR8q4OPhyDmJRPnaC/ZG5\nuP0K0z6GoO/3uen9wqshCuHegLTpOeHEJRKrQFr4PVIwVOB0+ebO5FgoyOw43nyF\nD5UKBDxEB4BKo/0uAiKHLRvvgLbORbU8KARIs1EoqEjmF8UtrmQWV2hUjwzqwvHF\nei8rPxMCAwEAAaOBozCBoDAdBgNVHQ4EFgQUO8ZuGCrD/T1iZEib47dHLLT8v/gw\nHwYDVR0jBBgwFoAUhawa0UP3yKxV1MUdQUir1XhK1FMwEgYDVR0TAQH/BAgwBgEB\n/wIBADAOBgNVHQ8BAf8EBAMCAQQwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cHM6Ly9r\nZHNpbnRmLmFtZC5jb20vdmNlay92MS9NaWxhbi9jcmwwRgYJKoZIhvcNAQEKMDmg\nDzANBglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKID\nAgEwowMCAQEDggIBAIgeUQScAf3lDYqgWU1VtlDbmIN8S2dC5kmQzsZ/HtAjQnLE\nPI1jh3gJbLxL6gf3K8jxctzOWnkYcbdfMOOr28KT35IaAR20rekKRFptTHhe+DFr\n3AFzZLDD7cWK29/GpPitPJDKCvI7A4Ug06rk7J0zBe1fz/qe4i2/F12rvfwCGYhc\nRxPy7QF3q8fR6GCJdB1UQ5SlwCjFxD4uezURztIlIAjMkt7DFvKRh+2zK+5plVGG\nFsjDJtMz2ud9y0pvOE4j3dH5IW9jGxaSGStqNrabnnpF236ETr1/a43b8FFKL5QN\nmt8Vr9xnXRpznqCRvqjr+kVrb6dlfuTlliXeQTMlBoRWFJORL8AcBJxGZ4K2mXft\nl1jU5TLeh5KXL9NW7a/qAOIUs2FiOhqrtzAhJRg9Ij8QkQ9Pk+cKGzw6El3T3kFr\nEg6zkxmvMuabZOsdKfRkWfhH2ZKcTlDfmH1H0zq0Q2bG3uvaVdiCtFY1LlWyB38J\nS2fNsR/Py6t5brEJCFNvzaDky6KeC4ion/cVgUai7zzS3bGQWzKDKU35SqNU2WkP\nI8xCZ00WtIiKKFnXWUQxvlKmmgZBIYPe01zD0N8atFxmWiSnfJl690B9rJpNR/fI\najxCW3Seiws6r1Zm+tCuVbMiNtpS9ThjNX4uve5thyfE2DgoxRFvY1CsoF5M\n-----END CERTIFICATE-----\n",
    "verify": "openssl verify --CAfile ./cert_chain.pem [ask|ark].pem"
  },
  "ca": "-----BEGIN CERTIFICATE-----\nMIIDuzCCAqOgAwIBAgIUWUvucDzD0nMv17jFcpzFWISV+DswDQYJKoZIhvcNAQEL\nBQAwbTELMAkGA1UEBhMCVUsxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9u\nZG9uMRMwEQYDVQQKDApOb3RhYm94IENBMQ0wCwYDVQQLDARSb290MRgwFgYDVQQD\nDA9Ob3RhYm94IFJvb3QgQ0EwHhcNMjUwNzI4MTEzNDI0WhcNMzAwNzI3MTEzNDI0\nWjBtMQswCQYDVQQGEwJVSzEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25k\nb24xEzARBgNVBAoMCk5vdGFib3ggQ0ExDTALBgNVBAsMBFJvb3QxGDAWBgNVBAMM\nD05vdGFib3ggUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nAKrNZiY0s4btuKLROxht2CCcohVwcoX+1gcd7+HnbozRD+FyYukiKJPBIPUJVhD9\n5ei+aOTB5t4Omyg1HFDpfaesB97DTB7Bt2PNgEze7QdPAJ+s4P3PJSntodOgZiOz\n+8k+j/w26U3QxFLtcex51aYHM2GTOqlkz13TJH+6V4BmkKt/syR6lN77cy58h+fJ\ncl4Nqd6JbwGw9Izg2KQ8Lh80xAaY0B4nkEegwqKpmFqa58RdiP/qRMq4e23QLgR7\nisAHhd/NfN7/DTgHGIFNj1v7OXScoaqnqyJe5fVzH1uZ3iO9y5kgRq+QOjvVzVa1\n/9sNJ91ET1pbi7KvYQEY4a0CAwEAAaNTMFEwHQYDVR0OBBYEFEfupidmhk3MbBk0\nfBwChr7NNuObMB8GA1UdIwQYMBaAFEfupidmhk3MbBk0fBwChr7NNuObMA8GA1Ud\nEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJX60PXrBEXuXPUPgZUfP52/\nEPrAoT00jvZNNtVWNUMUbamFOBuuP+UNe+tbOcmbSZc6ubf1lCYC3QtK8w/IcP7P\nw5EGoxlY8Im9mxETtHiclelCueqIZvpTF67HT5B9q6sMUKfeRgjx3egwkA4NCIcQ\nEMvVkJlG6hzuF1boYOB9Mi4Z75wAqN/0BoLp+hoF68QSzQSyqpxjdiUksNBLbBHZ\nqJayVd43I9O0rRP+nOve2r3CJw//VAf3wLjmVi7+2viPBYJWAdWDKBPNo3aarGL7\nPmX0FxmA0/vryEdQGsFLM6Z0Ty1UZiSK/0z3NVGa0yQw+fhGUe8tL3VMZh7AygY=\n-----END CERTIFICATE-----\n"
}

Verify

Endpoint: GET /verify/yoursalt

Description: Hashes in-memory functions against a provided salt to check if files have been modified, ensuring the running code matches the source code.

Request Parameters: None

Response:

// testnet
{
  "secret": "yoursalt",
  "base": "de8b126fe29d5b6a6aaf726d1b6b6eb6323379d4b77a7ad8c556772a00906686",
  "calculated": "f0aa5213fb1a454d370084112997e2346a004078a2192bda1727e83e2bfb5719",
  "version": "1.5.4"
}

// mainnet
{
  "secret": "yoursalt",
  "base": "de8b126fe29d5b6a6aaf726d1b6b6eb6323379d4b77a7ad8c556772a00906686",
  "calculated": "f0aa5213fb1a454d370084112997e2346a004078a2192bda1727e83e2bfb5719",
  "version": "1.5.4"
}

Certificate Configuration

Our API uses self-signed certificates and in order to avoid SSL/TLS warnings you will need to configure your client to trust our Certificate Authority (CA). This involves either installing our root CA into your OS/Browser trust store or specifying the CA certificate when performing requests to our API in your client/codebase.

Download Certificate Authority

Use the following links to download the SecureAPI Root CA certificate:

Mainnet Environment:

1KB

secureapi-mainnet-ca.pem

# Using wget
wget https://cdn.akashicpay.com/secureapi-mainnet-ca.pem
# Using curl
curl -o https://cdn.akashicpay.com/secureapi-mainnet-ca.pem

Invoke-WebRequest -Uri "https://cdn.akashicpay.com/secureapi-mainnet-ca.pem" -OutFile "secureapi-mainnet-ca.crt"

Testnet Environment:

1KB

secureapi-testnet-ca.pem

# Using wget
wget https://cdn.akashicpay.com/secureapi-testnet-ca.pem
# Using curl
curl -o https://cdn.akashicpay.com/secureapi-testnet-ca.pem

Invoke-WebRequest -Uri "https://cdn.akashicpay.com/secureapi-testnet-ca.pem" -OutFile "secureapi-testnet-ca.crt"

The root certificates are displayed when accessing the root of the SecureAPI and are different for both testnet and mainnet SecureAPI for example:

"ca": "-----BEGIN CERTIFICATE-----\nMIIDuzCCAqOgAwIBAgIUInIGFng78Xd/UMo3Fz1fg1FnasIwDQYJKoZIhvcNAQEL\nBQAwbTELMAkGA1UEBhMCVUsxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9u\nZG9uMRMwEQYDVQQKDApOb3RhYm94IENBMQ0wCwYDVQQLDARSb290MRgwFgYDVQQD\nDA9Ob3RhYm94IFJvb3QgQ0EwHhcNMjUwNzI4MTEzOTUwWhcNMzAwNzI3MTEzOTUw\nWjBtMQswCQYDVQQGEwJVSzEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25k\nb24xEzARBgNVBAoMCk5vdGFib3ggQ0ExDTALBgNVBAsMBFJvb3QxGDAWBgNVBAMM\nD05vdGFib3ggUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nAN9Fv2fRVjSu+NVwl1x6ouuPAvRa/8pdABHaGm+qSx1utW4BZwozO4V35XZlmo8m\nQiif4mrBOSTN22VbjNc9ajIbAucFTEZHyN7Mv1cgGC7loTWfZmmMicXdRSeMasvH\nQGefuMDxFiwrg+Aj+FT6qwaDaoBkmIeOpZHFzactrtZMLyRHH5Hky2H9pEJ9CYR7\n1KbKhI52R65N/NgECgFosRnXWwV30WlGk0g6BbhyyQoIcZZG9WDcyNpu/ZCLNjNW\nxIjansyR6OdNgC2KVYrrrFqQ+DwlzB7ogvXIOzJNyCVufrItOGvs/eNDtSdSkI0h\nPZACfmBM5+hBeUKzuBGyuV8CAwEAAaNTMFEwHQYDVR0OBBYEFDXjLj2c5FU4is17\nx1r0mCOlAePgMB8GA1UdIwQYMBaAFDXjLj2c5FU4is17x1r0mCOlAePgMA8GA1Ud\nEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBANaWKZb19Ztp7fBHMfhT3Hcb\n3TPQTZlxvaTdChBL0EDA0fYPqE0mNNYVDoh0vHBCK0cQJMuIHaZfwBHTPl5igou1\nNbT+PhxjgWfsCva0t3ckiz0XBJ6j4gDuVzcOsPDuW6HWi9vMde7t6bwAfDCDPvtr\n7kBNIkZvIxAJroNrSvVtyQo6PyGS6zS5SIPz5togRsNv0TWKzMNPEayxIxhWoKMa\n/rrVo3WhFlW+IMjzznzDNIZ8cclNRUkm+YvA9aR9fOJ6Kz5/pstm4KgVB86GCD2v\nFtp8knq0WSQEFWmj6lcZEi/ttpxR/5hvXWUL3bJWVqQQWODNfplnWpYnOzPyIL4=\n-----END CERTIFICATE-----\n"

You may verify the root certificate matches with the files above, and install them once.

Root CA Installation

Operating System Installation

# Download the certificate
curl -o https://cdn.akashicpay.com/secureapi-mainnet-ca.pem

# Install to System Keychain
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain secureapi-mainnet-ca.pem

# For user keychain (alternative)
security add-trusted-cert -d -r trustRoot -k ~/Library/Keychains/login.keychain secureapi-mainnet-ca.pem

# Download the certificate
wget https://cdn.akashicpay.com/secureapi-mainnet-ca.pem

# Install to system certificate store
sudo cp secureapi-mainnet-ca.pem /usr/local/share/ca-certificates/secureapi-mainnet-ca.pem
sudo update-ca-certificates

# Download the certificate
wget https://cdn.akashicpay.com/secureapi-mainnet-ca.pem

# Install to system certificate store
sudo cp secureapi-mainnet-ca.pem /etc/pki/ca-trust/source/anchors/
sudo update-ca-trust

# Download the certificate
Invoke-WebRequest -Uri "https://api.akashicpay.com/secureapi-mainnet-ca.pem" -OutFile "secureapi-mainnet-ca.crt"

# Install to certificate store (run as Administrator)
Import-Certificate -FilePath "secureapi-mainnet-ca.crt" -CertStoreLocation Cert:\LocalMachine\Root

Browser Installation

Download the CA certificate
Open Chrome Settings → Privacy and Security → Security → Manage Certificates → Local certificates → Customised (Installed by you)
Import the certificate to "Trusted certificates"

Using the Certificate in Code

After downloading the CA certificate you may specify it in your code.

curl --cacert secureapi-mainnet-ca.pem \
  -H "x-ap-k: your-private-key" \
  -H "x-ap-a: your-l2-address" \
  https://<SecureAPI>/getBalance

Best Practices

Rate Limiting: Adhere to API rate limits (contact [email protected] for details). Implement exponential backoff for retries to avoid overwhelming the server.
Error Handling: Always handle errors gracefully. Check for specific error codes (e.g., FUNDS_EXCEEDED, INVALID_PARAMETER) and provide user-friendly messages or fallback actions.
Security: Store private keys securely (e.g., in environment variables or a secrets manager). Regularly verify the API using the Verify and Attestation endpoints to ensure the service matches the open-source code.
Parameter Validation: Validate all inputs (e.g., network, token, amount) against the defined NetworkSymbol, TokenSymbol, and Currency values before making requests to avoid INVALID_PARAMETER errors.
Pagination: Use page and limit parameters for endpoints like GET /getTransfers to manage large datasets efficiently.
Testing: Test on Testnet environments (e.g., Ethereum_Sepolia, Tron_Shasta) before deploying to Mainnet to ensure correctness.

Notes

All API requests must include proper authentication headers (x-ap-k and x-ap-a).
For production access, contact [email protected] to whitelist your IP addresses.
All amounts should be passed as strings to avoid precision issues.
Ensure that parameters like network, requestedCurrency, token, layer, and status match the defined NetworkSymbol, Currency, TokenSymbol, TransactionLayer, and TransactionStatus values, respectively.
Periodically verify the API's security using the Verify and Attestation endpoints to ensure the service is running as expected and matches the open-source code.
1. Run the latest AkashicPay SecureAPI code from our open-source repository locally, then navigate to /verify/your-secret to confirm that the calculated hash matches the one displayed on our server at /verify/your-secret.

PreviousErrors NextFunctions

Last updated 1 day ago

Was this helpful?