Rates & Limits

PreviousGetting an API Key NextEndpoint URLs

Last updated 22 days ago

Rates & Limits

The Xyxyx API utilizes a two-tiered rate limiting system. Rate limits are determined by users' token balance. Two options are oferred to grant access to the API:

Token

Rate Limit (calls per 24h)

Requirement

Xyxyx API Key

Address holds at least 1 Xyxyx API Key token

Xyxyx Issuer Nodes (XINs)

TBA

Address holds at least 1 XIN

How rate limits are counted?

Action

API Call

Action

API Call

Action

API Call

How rate limits are enforced?

1. Wallet Verification

Each request must include the private key for the wallet you wish to use:

{
  "walletPrivateKey": "YOUR_PRIVATE_KEY_HERE"
}

Upon receiving the request:

The system checks the wallet balance using the provided walletPrivateKey.
It verifies which token the wallet holds (Xyxyx API Keys or XINs, or both).
The rate limit is applied based on the verified token type in the wallet.

In other words, when making an API request, you will include your walletPrivateKey in the request body (JSON format). Our system uses this private key to verify the associated public key and its token balance.

2. 24-Hour Rolling Window

All rate limits are enforced on a rolling 24-hour basis. This means that each API call is timestamped, and your remaining quota is calculated based on calls made within the last 24 hours. Once the limit is reached, further requests will be blocked until your usage resets below the threshold.

3. Error Handling

If your application exceeds its allocated rate limit, an HTTP 429 (Too Many Requests) status code is returned. The response may include information about how long you need to wait before making additional calls.

Please note that Xyxyx API Keys can be freely traded on the secondary market and are instantly activated by the new address. However, if the API key was used in the previous window and the new address is still within that same window when incorporating it, the node will keep the previous address' discounts.

4. XINs: 24-Hour Waiting Period

XINs incorporated by an address must wait a 24-hour period to be allowed to interact with the Xyxyx API.

Security Considerations

Do not expose your private key: Always ensure you transmit your private key securely. Ideally, you should sign the request and send the signature rather than the raw key.
Single point of authentication: Using a single private key for all requests simplifies your usage but also centralizes risk. Follow best practices to protect this key.
Separate wallets: You can maintain multiple wallets for different environments (development, testing, and production). Each wallet’s token balance is evaluated independently.

PreviousGetting an API Key NextEndpoint URLs

Last updated 22 days ago

The Xyxyx API utilizes a two-tiered rate limiting system. Rate limits are determined by users' token balance. Two options are oferred to grant access to the API:

Token

Rate Limit (calls per 24h)

Requirement

Xyxyx API Key

Address holds at least 1 Xyxyx API Key token

Xyxyx Issuer Nodes (XINs)

TBA

Address holds at least 1 XIN

How rate limits are counted?

Action

API Call

Action

API Call

Action

API Call

How rate limits are enforced?

1. Wallet Verification

Each request must include the private key for the wallet you wish to use:

{
  "walletPrivateKey": "YOUR_PRIVATE_KEY_HERE"
}

Upon receiving the request:

The system checks the wallet balance using the provided walletPrivateKey.
It verifies which token the wallet holds (Xyxyx API Keys or XINs, or both).
The rate limit is applied based on the verified token type in the wallet.

2. 24-Hour Rolling Window

3. Error Handling

Please note that Xyxyx API Keys can be freely traded on the secondary market and are instantly activated by the new address. However, if the API key was used in the previous window and the new address is still within that same window when incorporating it, the node will keep the previous address' discounts.

4. XINs: 24-Hour Waiting Period

XINs incorporated by an address must wait a 24-hour period to be allowed to interact with the Xyxyx API.

Security Considerations

Do not expose your private key: Always ensure you transmit your private key securely. Ideally, you should sign the request and send the signature rather than the raw key.
Single point of authentication: Using a single private key for all requests simplifies your usage but also centralizes risk. Follow best practices to protect this key.
Separate wallets: You can maintain multiple wallets for different environments (development, testing, and production). Each wallet’s token balance is evaluated independently.

If you have any questions regarding authentication, wallet usage, or encounter issues with rate limits, send us a message at .