# Getting Started with SecureAPI

## <mark style="color:blue;">Introduction</mark>

AkashicPay is a secure and scalable payment platform designed to facilitate cryptocurrency transactions across multiple blockchain networks. It supports deposits, payouts, and transaction tracking with a focus on security, leveraging Confidential Virtual Machine (CVM) instances and open-source code for transparency. This API allows developers to integrate AkashicPay's functionality into their applications, enabling features like balance retrieval, transaction processing, and exchange rate queries. The documentation below provides detailed information on endpoints, parameters, responses, and best practices to help you get started.

For Mainnet and Testnet API endpoints and IP whitelisting, please contact [AkashicPay Support](https://t.me/akashicpay_support_bot).

> <mark style="color:red;">Disclaimer: AkashicPay's SecureAPI service does not collect or store Business Partner's (BP) KeyPair. This can be verfied through our public codebase and attestation protocols to ensure our SecureAPI service does not contain any malicious code.</mark>

## <mark style="color:blue;">Authentication</mark>

All API requests require the following headers:

* `x-ap-k`: Your [KeyPair (Private Key)](https://docs.akashicpay.com/dashboard/developers#generate-secondary-keypair)
* `x-ap-a`: Your [L2 address](https://app.gitbook.com/s/jTzAhj8xX1UBFrwsZKbN/guides/quick-guide#copy-address)

Example:

```sh
curl -H "x-ap-k: your-private-key" -H "x-ap-a: your-l2-address" https://xxx.xxx.xxx.xxx/getBalance
```

***

## <mark style="color:blue;">Verifying API Security</mark>

As our API accepts user private keys, it is critical to ensure that our API server operates in a highly trusted execution environment securely. To promote transparency and trust, we have open-sourced our API at <https://github.com/akashicpay/secured-api>. We provide an Attestation endpoint to verify that our service is running in a legitimate Confidential VM instance and operating in an expected state. Additionally, the Verify endpoint allows you to confirm that our running code matches the open-source version exactly. You can clone the repository to your local environment and run the same endpoint with the same seed to compare the hash. We highly recommend checking these endpoints periodically to ensure ongoing security. Any changes to the API or its environment will be announced in advance on our website and in the GitHub repository, allowing you to reference and verify them.

### <mark style="color:blue;">Attestation</mark>

**Endpoint:** `GET /`

**Description:** Attestation is the process of increasing confidence that a Confidential VM instance is legitimate and operating in an expected state.

**Request Parameters:** None

Response:

```json
// testnet
{
  "version": "1.6.0",
  "status": "running",
  "confidential": true,
  "isMocked": false,
  "isAccessible": false,
  "attestation": {
    "amd_ca_authority": "https://kdsintf.amd.com/vlek/v1/Milan/cert_chain",
    "ark": "-----BEGIN CERTIFICATE-----\nMIIGYzCCBBKgAwIBAgIDAQAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTcyMzA1WhcNNDUxMDIy\nMTcyMzA1WjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEA0Ld52RJOdeiJlqK2JdsVmD7FktuotWwX1fNg\nW41XY9Xz1HEhSUmhLz9Cu9DHRlvgJSNxbeYYsnJfvyjx1MfU0V5tkKiU1EesNFta\n1kTA0szNisdYc9isqk7mXT5+KfGRbfc4V/9zRIcE8jlHN61S1ju8X93+6dxDUrG2\nSzxqJ4BhqyYmUDruPXJSX4vUc01P7j98MpqOS95rORdGHeI52Naz5m2B+O+vjsC0\n60d37jY9LFeuOP4Meri8qgfi2S5kKqg/aF6aPtuAZQVR7u3KFYXP59XmJgtcog05\ngmI0T/OitLhuzVvpZcLph0odh/1IPXqx3+MnjD97A7fXpqGd/y8KxX7jksTEzAOg\nbKAeam3lm+3yKIcTYMlsRMXPcjNbIvmsBykD//xSniusuHBkgnlENEWx1UcbQQrs\n+gVDkuVPhsnzIRNgYvM48Y+7LGiJYnrmE8xcrexekBxrva2V9TJQqnN3Q53kt5vi\nQi3+gCfmkwC0F0tirIZbLkXPrPwzZ0M9eNxhIySb2npJfgnqz55I0u33wh4r0ZNQ\neTGfw03MBUtyuzGesGkcw+loqMaq1qR4tjGbPYxCvpCq7+OgpCCoMNit2uLo9M18\nfHz10lOMT8nWAUvRZFzteXCm+7PHdYPlmQwUw3LvenJ/ILXoQPHfbkH0CyPfhl1j\nWhJFZasCAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSFrBrRQ/fI\nrFXUxR1BSKvVeErUUzAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG\nKWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvTWlsYW4vY3JsMEYGCSqG\nSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI\nAWUDBAICBQCiAwIBMKMDAgEBA4ICAQC6m0kDp6zv4Ojfgy+zleehsx6ol0ocgVel\nETobpx+EuCsqVFRPK1jZ1sp/lyd9+0fQ0r66n7kagRk4Ca39g66WGTJMeJdqYriw\nSTjjDCKVPSesWXYPVAyDhmP5n2v+BYipZWhpvqpaiO+EGK5IBP+578QeW/sSokrK\ndHaLAxG2LhZxj9aF73fqC7OAJZ5aPonw4RE299FVarh1Tx2eT3wSgkDgutCTB1Yq\nzT5DuwvAe+co2CIVIzMDamYuSFjPN0BCgojl7V+bTou7dMsqIu/TW/rPCX9/EUcp\nKGKqPQ3P+N9r1hjEFY1plBg93t53OOo49GNI+V1zvXPLI6xIFVsh+mto2RtgEX/e\npmMKTNN6psW88qg7c1hTWtN6MbRuQ0vm+O+/2tKBF2h8THb94OvvHHoFDpbCELlq\nHnIYhxy0YKXGyaW1NjfULxrrmxVW4wcn5E8GddmvNa6yYm8scJagEi13mhGu4Jqh\n3QU3sf8iUSUr09xQDwHtOQUVIqx4maBZPBtSMf+qUDtjXSSq8lfWcd8bLr9mdsUn\nJZJ0+tuPMKmBnSH860llKk+VpVQsgqbzDIvOLvD6W1Umq25boxCYJ+TuBoa4s+HH\nCViAvgT9kf/rBq1d+ivj6skkHxuzcxbk1xv6ZGxrteJxVH7KlX7YRdZ6eARKwLe4\nAFZEAwoKCQ==\n-----END CERTIFICATE-----\n",
    "ask": "-----BEGIN CERTIFICATE-----\nMIIGiTCCBDigAwIBAgIDAQABMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTgyNDIwWhcNNDUxMDIy\nMTgyNDIwWjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJU0VWLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEAnU2drrNTfbhNQIllf+W2y+ROCbSzId1aKZft\n2T9zjZQOzjGccl17i1mIKWl7NTcB0VYXt3JxZSzOZjsjLNVAEN2MGj9TiedL+Qew\nKZX0JmQEuYjm+WKksLtxgdLp9E7EZNwNDqV1r0qRP5tB8OWkyQbIdLeu4aCz7j/S\nl1FkBytev9sbFGzt7cwnjzi9m7noqsk+uRVBp3+In35QPdcj8YflEmnHBNvuUDJh\nLCJMW8KOjP6++Phbs3iCitJcANEtW4qTNFoKW3CHlbcSCjTM8KsNbUx3A8ek5EVL\njZWH1pt9E3TfpR6XyfQKnY6kl5aEIPwdW3eFYaqCFPrIo9pQT6WuDSP4JCYJbZne\nKKIbZjzXkJt3NQG32EukYImBb9SCkm9+fS5LZFg9ojzubMX3+NkBoSXI7OPvnHMx\njup9mw5se6QUV7GqpCA2TNypolmuQ+cAaxV7JqHE8dl9pWf+Y3arb+9iiFCwFt4l\nAlJw5D0CTRTC1Y5YWFDBCrA/vGnmTnqG8C+jjUAS7cjjR8q4OPhyDmJRPnaC/ZG5\nuP0K0z6GoO/3uen9wqshCuHegLTpOeHEJRKrQFr4PVIwVOB0+ebO5FgoyOw43nyF\nD5UKBDxEB4BKo/0uAiKHLRvvgLbORbU8KARIs1EoqEjmF8UtrmQWV2hUjwzqwvHF\nei8rPxMCAwEAAaOBozCBoDAdBgNVHQ4EFgQUO8ZuGCrD/T1iZEib47dHLLT8v/gw\nHwYDVR0jBBgwFoAUhawa0UP3yKxV1MUdQUir1XhK1FMwEgYDVR0TAQH/BAgwBgEB\n/wIBADAOBgNVHQ8BAf8EBAMCAQQwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cHM6Ly9r\nZHNpbnRmLmFtZC5jb20vdmNlay92MS9NaWxhbi9jcmwwRgYJKoZIhvcNAQEKMDmg\nDzANBglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKID\nAgEwowMCAQEDggIBAIgeUQScAf3lDYqgWU1VtlDbmIN8S2dC5kmQzsZ/HtAjQnLE\nPI1jh3gJbLxL6gf3K8jxctzOWnkYcbdfMOOr28KT35IaAR20rekKRFptTHhe+DFr\n3AFzZLDD7cWK29/GpPitPJDKCvI7A4Ug06rk7J0zBe1fz/qe4i2/F12rvfwCGYhc\nRxPy7QF3q8fR6GCJdB1UQ5SlwCjFxD4uezURztIlIAjMkt7DFvKRh+2zK+5plVGG\nFsjDJtMz2ud9y0pvOE4j3dH5IW9jGxaSGStqNrabnnpF236ETr1/a43b8FFKL5QN\nmt8Vr9xnXRpznqCRvqjr+kVrb6dlfuTlliXeQTMlBoRWFJORL8AcBJxGZ4K2mXft\nl1jU5TLeh5KXL9NW7a/qAOIUs2FiOhqrtzAhJRg9Ij8QkQ9Pk+cKGzw6El3T3kFr\nEg6zkxmvMuabZOsdKfRkWfhH2ZKcTlDfmH1H0zq0Q2bG3uvaVdiCtFY1LlWyB38J\nS2fNsR/Py6t5brEJCFNvzaDky6KeC4ion/cVgUai7zzS3bGQWzKDKU35SqNU2WkP\nI8xCZ00WtIiKKFnXWUQxvlKmmgZBIYPe01zD0N8atFxmWiSnfJl690B9rJpNR/fI\najxCW3Seiws6r1Zm+tCuVbMiNtpS9ThjNX4uve5thyfE2DgoxRFvY1CsoF5M\n-----END CERTIFICATE-----\n",
    "verify": "openssl verify --CAfile ./cert_chain.pem [ask|ark].pem"
  },
  "ca": "-----BEGIN CERTIFICATE-----\nMIIDuzCCAqOgAwIBAgIUInIGFng78Xd/UMo3Fz1fg1FnasIwDQYJKoZIhvcNAQEL\nBQAwbTELMAkGA1UEBhMCVUsxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9u\nZG9uMRMwEQYDVQQKDApOb3RhYm94IENBMQ0wCwYDVQQLDARSb290MRgwFgYDVQQD\nDA9Ob3RhYm94IFJvb3QgQ0EwHhcNMjUwNzI4MTEzOTUwWhcNMzAwNzI3MTEzOTUw\nWjBtMQswCQYDVQQGEwJVSzEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25k\nb24xEzARBgNVBAoMCk5vdGFib3ggQ0ExDTALBgNVBAsMBFJvb3QxGDAWBgNVBAMM\nD05vdGFib3ggUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nAN9Fv2fRVjSu+NVwl1x6ouuPAvRa/8pdABHaGm+qSx1utW4BZwozO4V35XZlmo8m\nQiif4mrBOSTN22VbjNc9ajIbAucFTEZHyN7Mv1cgGC7loTWfZmmMicXdRSeMasvH\nQGefuMDxFiwrg+Aj+FT6qwaDaoBkmIeOpZHFzactrtZMLyRHH5Hky2H9pEJ9CYR7\n1KbKhI52R65N/NgECgFosRnXWwV30WlGk0g6BbhyyQoIcZZG9WDcyNpu/ZCLNjNW\nxIjansyR6OdNgC2KVYrrrFqQ+DwlzB7ogvXIOzJNyCVufrItOGvs/eNDtSdSkI0h\nPZACfmBM5+hBeUKzuBGyuV8CAwEAAaNTMFEwHQYDVR0OBBYEFDXjLj2c5FU4is17\nx1r0mCOlAePgMB8GA1UdIwQYMBaAFDXjLj2c5FU4is17x1r0mCOlAePgMA8GA1Ud\nEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBANaWKZb19Ztp7fBHMfhT3Hcb\n3TPQTZlxvaTdChBL0EDA0fYPqE0mNNYVDoh0vHBCK0cQJMuIHaZfwBHTPl5igou1\nNbT+PhxjgWfsCva0t3ckiz0XBJ6j4gDuVzcOsPDuW6HWi9vMde7t6bwAfDCDPvtr\n7kBNIkZvIxAJroNrSvVtyQo6PyGS6zS5SIPz5togRsNv0TWKzMNPEayxIxhWoKMa\n/rrVo3WhFlW+IMjzznzDNIZ8cclNRUkm+YvA9aR9fOJ6Kz5/pstm4KgVB86GCD2v\nFtp8knq0WSQEFWmj6lcZEi/ttpxR/5hvXWUL3bJWVqQQWODNfplnWpYnOzPyIL4=\n-----END CERTIFICATE-----\n"
}

// mainnet
{
  "version": "1.6.0",
  "status": "running",
  "confidential": true,
  "isMocked": false,
  "isAccessible": false,
  "attestation": {
    "amd_ca_authority": "https://kdsintf.amd.com/vlek/v1/Milan/cert_chain",
    "ark": "-----BEGIN CERTIFICATE-----\nMIIGYzCCBBKgAwIBAgIDAQAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTcyMzA1WhcNNDUxMDIy\nMTcyMzA1WjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEA0Ld52RJOdeiJlqK2JdsVmD7FktuotWwX1fNg\nW41XY9Xz1HEhSUmhLz9Cu9DHRlvgJSNxbeYYsnJfvyjx1MfU0V5tkKiU1EesNFta\n1kTA0szNisdYc9isqk7mXT5+KfGRbfc4V/9zRIcE8jlHN61S1ju8X93+6dxDUrG2\nSzxqJ4BhqyYmUDruPXJSX4vUc01P7j98MpqOS95rORdGHeI52Naz5m2B+O+vjsC0\n60d37jY9LFeuOP4Meri8qgfi2S5kKqg/aF6aPtuAZQVR7u3KFYXP59XmJgtcog05\ngmI0T/OitLhuzVvpZcLph0odh/1IPXqx3+MnjD97A7fXpqGd/y8KxX7jksTEzAOg\nbKAeam3lm+3yKIcTYMlsRMXPcjNbIvmsBykD//xSniusuHBkgnlENEWx1UcbQQrs\n+gVDkuVPhsnzIRNgYvM48Y+7LGiJYnrmE8xcrexekBxrva2V9TJQqnN3Q53kt5vi\nQi3+gCfmkwC0F0tirIZbLkXPrPwzZ0M9eNxhIySb2npJfgnqz55I0u33wh4r0ZNQ\neTGfw03MBUtyuzGesGkcw+loqMaq1qR4tjGbPYxCvpCq7+OgpCCoMNit2uLo9M18\nfHz10lOMT8nWAUvRZFzteXCm+7PHdYPlmQwUw3LvenJ/ILXoQPHfbkH0CyPfhl1j\nWhJFZasCAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSFrBrRQ/fI\nrFXUxR1BSKvVeErUUzAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG\nKWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvTWlsYW4vY3JsMEYGCSqG\nSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI\nAWUDBAICBQCiAwIBMKMDAgEBA4ICAQC6m0kDp6zv4Ojfgy+zleehsx6ol0ocgVel\nETobpx+EuCsqVFRPK1jZ1sp/lyd9+0fQ0r66n7kagRk4Ca39g66WGTJMeJdqYriw\nSTjjDCKVPSesWXYPVAyDhmP5n2v+BYipZWhpvqpaiO+EGK5IBP+578QeW/sSokrK\ndHaLAxG2LhZxj9aF73fqC7OAJZ5aPonw4RE299FVarh1Tx2eT3wSgkDgutCTB1Yq\nzT5DuwvAe+co2CIVIzMDamYuSFjPN0BCgojl7V+bTou7dMsqIu/TW/rPCX9/EUcp\nKGKqPQ3P+N9r1hjEFY1plBg93t53OOo49GNI+V1zvXPLI6xIFVsh+mto2RtgEX/e\npmMKTNN6psW88qg7c1hTWtN6MbRuQ0vm+O+/2tKBF2h8THb94OvvHHoFDpbCELlq\nHnIYhxy0YKXGyaW1NjfULxrrmxVW4wcn5E8GddmvNa6yYm8scJagEi13mhGu4Jqh\n3QU3sf8iUSUr09xQDwHtOQUVIqx4maBZPBtSMf+qUDtjXSSq8lfWcd8bLr9mdsUn\nJZJ0+tuPMKmBnSH860llKk+VpVQsgqbzDIvOLvD6W1Umq25boxCYJ+TuBoa4s+HH\nCViAvgT9kf/rBq1d+ivj6skkHxuzcxbk1xv6ZGxrteJxVH7KlX7YRdZ6eARKwLe4\nAFZEAwoKCQ==\n-----END CERTIFICATE-----\n",
    "ask": "-----BEGIN CERTIFICATE-----\nMIIGiTCCBDigAwIBAgIDAQABMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC\nBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS\nBgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg\nQ2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp\nY2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTgyNDIwWhcNNDUxMDIy\nMTgyNDIwWjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS\nBgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j\nZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJU0VWLU1pbGFuMIICIjANBgkqhkiG\n9w0BAQEFAAOCAg8AMIICCgKCAgEAnU2drrNTfbhNQIllf+W2y+ROCbSzId1aKZft\n2T9zjZQOzjGccl17i1mIKWl7NTcB0VYXt3JxZSzOZjsjLNVAEN2MGj9TiedL+Qew\nKZX0JmQEuYjm+WKksLtxgdLp9E7EZNwNDqV1r0qRP5tB8OWkyQbIdLeu4aCz7j/S\nl1FkBytev9sbFGzt7cwnjzi9m7noqsk+uRVBp3+In35QPdcj8YflEmnHBNvuUDJh\nLCJMW8KOjP6++Phbs3iCitJcANEtW4qTNFoKW3CHlbcSCjTM8KsNbUx3A8ek5EVL\njZWH1pt9E3TfpR6XyfQKnY6kl5aEIPwdW3eFYaqCFPrIo9pQT6WuDSP4JCYJbZne\nKKIbZjzXkJt3NQG32EukYImBb9SCkm9+fS5LZFg9ojzubMX3+NkBoSXI7OPvnHMx\njup9mw5se6QUV7GqpCA2TNypolmuQ+cAaxV7JqHE8dl9pWf+Y3arb+9iiFCwFt4l\nAlJw5D0CTRTC1Y5YWFDBCrA/vGnmTnqG8C+jjUAS7cjjR8q4OPhyDmJRPnaC/ZG5\nuP0K0z6GoO/3uen9wqshCuHegLTpOeHEJRKrQFr4PVIwVOB0+ebO5FgoyOw43nyF\nD5UKBDxEB4BKo/0uAiKHLRvvgLbORbU8KARIs1EoqEjmF8UtrmQWV2hUjwzqwvHF\nei8rPxMCAwEAAaOBozCBoDAdBgNVHQ4EFgQUO8ZuGCrD/T1iZEib47dHLLT8v/gw\nHwYDVR0jBBgwFoAUhawa0UP3yKxV1MUdQUir1XhK1FMwEgYDVR0TAQH/BAgwBgEB\n/wIBADAOBgNVHQ8BAf8EBAMCAQQwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cHM6Ly9r\nZHNpbnRmLmFtZC5jb20vdmNlay92MS9NaWxhbi9jcmwwRgYJKoZIhvcNAQEKMDmg\nDzANBglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKID\nAgEwowMCAQEDggIBAIgeUQScAf3lDYqgWU1VtlDbmIN8S2dC5kmQzsZ/HtAjQnLE\nPI1jh3gJbLxL6gf3K8jxctzOWnkYcbdfMOOr28KT35IaAR20rekKRFptTHhe+DFr\n3AFzZLDD7cWK29/GpPitPJDKCvI7A4Ug06rk7J0zBe1fz/qe4i2/F12rvfwCGYhc\nRxPy7QF3q8fR6GCJdB1UQ5SlwCjFxD4uezURztIlIAjMkt7DFvKRh+2zK+5plVGG\nFsjDJtMz2ud9y0pvOE4j3dH5IW9jGxaSGStqNrabnnpF236ETr1/a43b8FFKL5QN\nmt8Vr9xnXRpznqCRvqjr+kVrb6dlfuTlliXeQTMlBoRWFJORL8AcBJxGZ4K2mXft\nl1jU5TLeh5KXL9NW7a/qAOIUs2FiOhqrtzAhJRg9Ij8QkQ9Pk+cKGzw6El3T3kFr\nEg6zkxmvMuabZOsdKfRkWfhH2ZKcTlDfmH1H0zq0Q2bG3uvaVdiCtFY1LlWyB38J\nS2fNsR/Py6t5brEJCFNvzaDky6KeC4ion/cVgUai7zzS3bGQWzKDKU35SqNU2WkP\nI8xCZ00WtIiKKFnXWUQxvlKmmgZBIYPe01zD0N8atFxmWiSnfJl690B9rJpNR/fI\najxCW3Seiws6r1Zm+tCuVbMiNtpS9ThjNX4uve5thyfE2DgoxRFvY1CsoF5M\n-----END CERTIFICATE-----\n",
    "verify": "openssl verify --CAfile ./cert_chain.pem [ask|ark].pem"
  },
  "ca": "-----BEGIN CERTIFICATE-----\nMIIDuzCCAqOgAwIBAgIUWUvucDzD0nMv17jFcpzFWISV+DswDQYJKoZIhvcNAQEL\nBQAwbTELMAkGA1UEBhMCVUsxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9u\nZG9uMRMwEQYDVQQKDApOb3RhYm94IENBMQ0wCwYDVQQLDARSb290MRgwFgYDVQQD\nDA9Ob3RhYm94IFJvb3QgQ0EwHhcNMjUwNzI4MTEzNDI0WhcNMzAwNzI3MTEzNDI0\nWjBtMQswCQYDVQQGEwJVSzEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25k\nb24xEzARBgNVBAoMCk5vdGFib3ggQ0ExDTALBgNVBAsMBFJvb3QxGDAWBgNVBAMM\nD05vdGFib3ggUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nAKrNZiY0s4btuKLROxht2CCcohVwcoX+1gcd7+HnbozRD+FyYukiKJPBIPUJVhD9\n5ei+aOTB5t4Omyg1HFDpfaesB97DTB7Bt2PNgEze7QdPAJ+s4P3PJSntodOgZiOz\n+8k+j/w26U3QxFLtcex51aYHM2GTOqlkz13TJH+6V4BmkKt/syR6lN77cy58h+fJ\ncl4Nqd6JbwGw9Izg2KQ8Lh80xAaY0B4nkEegwqKpmFqa58RdiP/qRMq4e23QLgR7\nisAHhd/NfN7/DTgHGIFNj1v7OXScoaqnqyJe5fVzH1uZ3iO9y5kgRq+QOjvVzVa1\n/9sNJ91ET1pbi7KvYQEY4a0CAwEAAaNTMFEwHQYDVR0OBBYEFEfupidmhk3MbBk0\nfBwChr7NNuObMB8GA1UdIwQYMBaAFEfupidmhk3MbBk0fBwChr7NNuObMA8GA1Ud\nEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJX60PXrBEXuXPUPgZUfP52/\nEPrAoT00jvZNNtVWNUMUbamFOBuuP+UNe+tbOcmbSZc6ubf1lCYC3QtK8w/IcP7P\nw5EGoxlY8Im9mxETtHiclelCueqIZvpTF67HT5B9q6sMUKfeRgjx3egwkA4NCIcQ\nEMvVkJlG6hzuF1boYOB9Mi4Z75wAqN/0BoLp+hoF68QSzQSyqpxjdiUksNBLbBHZ\nqJayVd43I9O0rRP+nOve2r3CJw//VAf3wLjmVi7+2viPBYJWAdWDKBPNo3aarGL7\nPmX0FxmA0/vryEdQGsFLM6Z0Ty1UZiSK/0z3NVGa0yQw+fhGUe8tL3VMZh7AygY=\n-----END CERTIFICATE-----\n"
}
```

### <mark style="color:blue;">Verify</mark>

**Endpoint:** `GET /verify/yoursalt`

**Description:** Hashes in-memory functions against a provided salt to check if files have been modified, ensuring the running code matches the source code.

**Request Parameters:** None

**Response:**

```json
// testnet
{
  "secret": "yoursalt",
  "base": "25a65ba39781a4a88eb102bddd3f01d383d84ea2935dfceba22c6fdb6c1c5b44",
  "calculated": "5379e4816d509490d874f09b954a70cdbcd0149ace0bdfc0e9f5ececa684ee0a",
  "version": "1.6.0"
}

// mainnet
{
  "secret": "yoursalt",
  "base": "25a65ba39781a4a88eb102bddd3f01d383d84ea2935dfceba22c6fdb6c1c5b44",
  "calculated": "5379e4816d509490d874f09b954a70cdbcd0149ace0bdfc0e9f5ececa684ee0a",
  "version": "1.6.0"
}

```

### <mark style="color:blue;">Certificate Configuration</mark>

Our API uses self-signed certificates and in order to avoid SSL/TLS warnings you will need to configure your client to trust our Certificate Authority (CA). This involves either installing our root CA into your OS/Browser trust store or specifying the CA certificate when performing requests to our API in your client/codebase.

#### <mark style="color:blue;">Download Certificate Authority</mark>

Use the following links to download the SecureAPI Root CA certificate:

**Mainnet Environment:**

{% file src="<https://1693597560-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqPYtEENfsAn8w0oFPcJI%2Fuploads%2FMAAoourqHRpLYuLwnZyp%2Fsecureapi-mainnet-ca.pem?alt=media&token=66d3d005-b5cd-4961-8d3d-9dcc3069a2d5>" %}

{% tabs %}
{% tab title="Bash" %}

<pre class="language-bash" data-overflow="wrap"><code class="lang-bash"># Using wget
wget https://cdn.akashicpay.com/secureapi-mainnet-ca.pem
<strong># Using curl
</strong><strong>curl -o https://cdn.akashicpay.com/secureapi-mainnet-ca.pem
</strong></code></pre>

{% endtab %}

{% tab title="PowerShell" %}
{% code overflow="wrap" %}

```powershell
Invoke-WebRequest -Uri "https://cdn.akashicpay.com/secureapi-mainnet-ca.pem" -OutFile "secureapi-mainnet-ca.crt"
```

{% endcode %}
{% endtab %}
{% endtabs %}

**Testnet Environment:**

{% file src="<https://1693597560-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqPYtEENfsAn8w0oFPcJI%2Fuploads%2FfYOxQ1qEy5c7wFOtmSA9%2Fsecureapi-testnet-ca.pem?alt=media&token=2ba88abb-f43c-400a-96e1-beab39c03c06>" %}

{% tabs %}
{% tab title="Bash" %}

<pre class="language-bash" data-overflow="wrap"><code class="lang-bash"># Using wget
wget https://cdn.akashicpay.com/secureapi-testnet-ca.pem
<strong># Using curl
</strong><strong>curl -o https://cdn.akashicpay.com/secureapi-testnet-ca.pem
</strong></code></pre>

{% endtab %}

{% tab title="PowerShell" %}
{% code overflow="wrap" %}

```powershell
Invoke-WebRequest -Uri "https://cdn.akashicpay.com/secureapi-testnet-ca.pem" -OutFile "secureapi-testnet-ca.crt"
```

{% endcode %}
{% endtab %}
{% endtabs %}

The root certificates are displayed when accessing the root of the SecureAPI and are different for both testnet and mainnet SecureAPI for example:

{% code overflow="wrap" %}

```json
"ca": "-----BEGIN CERTIFICATE-----\nMIIDuzCCAqOgAwIBAgIUInIGFng78Xd/UMo3Fz1fg1FnasIwDQYJKoZIhvcNAQEL\nBQAwbTELMAkGA1UEBhMCVUsxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9u\nZG9uMRMwEQYDVQQKDApOb3RhYm94IENBMQ0wCwYDVQQLDARSb290MRgwFgYDVQQD\nDA9Ob3RhYm94IFJvb3QgQ0EwHhcNMjUwNzI4MTEzOTUwWhcNMzAwNzI3MTEzOTUw\nWjBtMQswCQYDVQQGEwJVSzEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25k\nb24xEzARBgNVBAoMCk5vdGFib3ggQ0ExDTALBgNVBAsMBFJvb3QxGDAWBgNVBAMM\nD05vdGFib3ggUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nAN9Fv2fRVjSu+NVwl1x6ouuPAvRa/8pdABHaGm+qSx1utW4BZwozO4V35XZlmo8m\nQiif4mrBOSTN22VbjNc9ajIbAucFTEZHyN7Mv1cgGC7loTWfZmmMicXdRSeMasvH\nQGefuMDxFiwrg+Aj+FT6qwaDaoBkmIeOpZHFzactrtZMLyRHH5Hky2H9pEJ9CYR7\n1KbKhI52R65N/NgECgFosRnXWwV30WlGk0g6BbhyyQoIcZZG9WDcyNpu/ZCLNjNW\nxIjansyR6OdNgC2KVYrrrFqQ+DwlzB7ogvXIOzJNyCVufrItOGvs/eNDtSdSkI0h\nPZACfmBM5+hBeUKzuBGyuV8CAwEAAaNTMFEwHQYDVR0OBBYEFDXjLj2c5FU4is17\nx1r0mCOlAePgMB8GA1UdIwQYMBaAFDXjLj2c5FU4is17x1r0mCOlAePgMA8GA1Ud\nEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBANaWKZb19Ztp7fBHMfhT3Hcb\n3TPQTZlxvaTdChBL0EDA0fYPqE0mNNYVDoh0vHBCK0cQJMuIHaZfwBHTPl5igou1\nNbT+PhxjgWfsCva0t3ckiz0XBJ6j4gDuVzcOsPDuW6HWi9vMde7t6bwAfDCDPvtr\n7kBNIkZvIxAJroNrSvVtyQo6PyGS6zS5SIPz5togRsNv0TWKzMNPEayxIxhWoKMa\n/rrVo3WhFlW+IMjzznzDNIZ8cclNRUkm+YvA9aR9fOJ6Kz5/pstm4KgVB86GCD2v\nFtp8knq0WSQEFWmj6lcZEi/ttpxR/5hvXWUL3bJWVqQQWODNfplnWpYnOzPyIL4=\n-----END CERTIFICATE-----\n"
```

{% endcode %}

You may verify the root certificate matches with the files above, and install them once.

### <mark style="color:blue;">Root CA Installation</mark>

**Operating System Installation**

{% tabs %}
{% tab title="macOS" %}
{% code overflow="wrap" %}

```bash
# Download the certificate
curl -o https://cdn.akashicpay.com/secureapi-mainnet-ca.pem

# Install to System Keychain
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain secureapi-mainnet-ca.pem

# For user keychain (alternative)
security add-trusted-cert -d -r trustRoot -k ~/Library/Keychains/login.keychain secureapi-mainnet-ca.pem
```

{% endcode %}
{% endtab %}

{% tab title="Ubuntu/Debian" %}
{% code overflow="wrap" %}

```bash
# Download the certificate
wget https://cdn.akashicpay.com/secureapi-mainnet-ca.pem

# Install to system certificate store
sudo cp secureapi-mainnet-ca.pem /usr/local/share/ca-certificates/secureapi-mainnet-ca.pem
sudo update-ca-certificates
```

{% endcode %}
{% endtab %}

{% tab title="CentOS/RHEL/Fedora" %}
{% code overflow="wrap" %}

```bash
# Download the certificate
wget https://cdn.akashicpay.com/secureapi-mainnet-ca.pem

# Install to system certificate store
sudo cp secureapi-mainnet-ca.pem /etc/pki/ca-trust/source/anchors/
sudo update-ca-trust
```

{% endcode %}
{% endtab %}

{% tab title="Windows" %}
{% code overflow="wrap" %}

```powershell
# Download the certificate
Invoke-WebRequest -Uri "https://api.akashicpay.com/secureapi-mainnet-ca.pem" -OutFile "secureapi-mainnet-ca.crt"

# Install to certificate store (run as Administrator)
Import-Certificate -FilePath "secureapi-mainnet-ca.crt" -CertStoreLocation Cert:\LocalMachine\Root
```

{% endcode %}
{% endtab %}
{% endtabs %}

**Browser Installation**

{% tabs %}
{% tab title="Chrome/Edge" %}

1. Download the CA certificate
2. Open Chrome Settings → Privacy and Security → Security → Manage Certificates → Local certificates → Customised (Installed by you)
3. Import the certificate to "Trusted certificates"
   {% endtab %}

{% tab title="Firefox" %}

1. Download the CA certificate
2. Open Firefox Settings → Privacy & Security → View Certificates
3. Import the certificate to "Authorities" tab
   {% endtab %}
   {% endtabs %}

#### Using the Certificate in Code

After downloading the CA certificate you may specify it in your code.

{% tabs %}
{% tab title="cURL" %}

```bash
curl --cacert secureapi-mainnet-ca.pem \
  -H "x-ap-k: your-private-key" \
  -H "x-ap-a: your-l2-address" \
  https://<SecureAPI>/getBalance
```

{% endtab %}
{% endtabs %}

## <mark style="color:blue;">Best Practices</mark>

1. **Rate Limiting**: Adhere to API rate limits (contact [AkashicPay Support](https://t.me/akashicpay_support_bot) for details). Implement exponential backoff for retries to avoid overwhelming the server.
2. **Error Handling**: Always handle errors gracefully. Check for specific error codes (e.g., `FUNDS_EXCEEDED`, `INVALID_PARAMETER`) and provide user-friendly messages or fallback actions.
3. **Security**: Store private keys securely (e.g., in environment variables or a secrets manager). Regularly verify the API using the **Verify** and **Attestation** endpoints to ensure the service matches the open-source code.
4. **Parameter Validation**: Validate all inputs (e.g., `network`, `token`, `amount`) against the defined `NetworkSymbol`, `TokenSymbol`, and `Currency` values before making requests to avoid `INVALID_PARAMETER` errors.
5. **Pagination**: Use `page` and `limit` parameters for endpoints like `GET /getTransfers` to manage large datasets efficiently.
6. **Testing**: Test on Testnet environments (e.g., `Ethereum_Sepolia`, `Tron_Shasta`, `Binance_Smart_Chain_Testnet`,  `Solana_Devnet`) before deploying to Mainnet to ensure correctness.

## <mark style="color:blue;">Notes</mark>

1. All API requests must include proper authentication headers (`x-ap-k` and `x-ap-a`).
2. For production access, contact [AkashicPay Support](https://t.me/akashicpay_support_bot) to whitelist your IP addresses.
3. All amounts should be passed as strings to avoid precision issues.
4. Ensure that parameters like `network`, `requestedCurrency`, `token`, `layer`, and `status` match the defined `NetworkSymbol`, `Currency`, `TokenSymbol`, `TransactionLayer`, and `TransactionStatus` values, respectively.
5. Periodically verify the API's security using the **Verify** and **Attestation** endpoints to ensure the service is running as expected and matches the open-source code.
   1. Run the latest AkashicPay SecureAPI code from our open-source repository locally, then navigate to `/verify/your-secret` to confirm that the `calculated` hash matches the one displayed on our server at `/verify/your-secret`.