@0xmonaco/core 0.8.7-develop.34bd452 → 0.8.7-develop.a107b34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (50) hide show
  1. package/README.md +3 -12
  2. package/dist/api/applications/api.d.ts +61 -8
  3. package/dist/api/applications/api.js +71 -7
  4. package/dist/api/auth/api.d.ts +7 -26
  5. package/dist/api/auth/api.js +6 -42
  6. package/dist/api/base.d.ts +35 -0
  7. package/dist/api/base.js +60 -0
  8. package/dist/api/delegated-agents/api.d.ts +2 -1
  9. package/dist/api/delegated-agents/api.js +4 -0
  10. package/dist/api/faucet/api.d.ts +25 -0
  11. package/dist/api/faucet/api.js +29 -0
  12. package/dist/api/faucet/index.d.ts +1 -0
  13. package/dist/api/faucet/index.js +1 -0
  14. package/dist/api/index.d.ts +4 -0
  15. package/dist/api/index.js +4 -0
  16. package/dist/api/margin-accounts/api.d.ts +9 -5
  17. package/dist/api/margin-accounts/api.js +57 -20
  18. package/dist/api/market/api.d.ts +5 -2
  19. package/dist/api/market/api.js +19 -3
  20. package/dist/api/perp/routes.d.ts +78 -6
  21. package/dist/api/perp/routes.js +36 -6
  22. package/dist/api/positions/api.d.ts +2 -1
  23. package/dist/api/positions/api.js +13 -1
  24. package/dist/api/profile/api.d.ts +18 -1
  25. package/dist/api/profile/api.js +41 -1
  26. package/dist/api/sub-accounts/api.d.ts +62 -0
  27. package/dist/api/sub-accounts/api.js +80 -0
  28. package/dist/api/sub-accounts/index.d.ts +1 -0
  29. package/dist/api/sub-accounts/index.js +1 -0
  30. package/dist/api/trades/api.d.ts +12 -1
  31. package/dist/api/trades/api.js +13 -1
  32. package/dist/api/trading/api.d.ts +5 -2
  33. package/dist/api/trading/api.js +7 -24
  34. package/dist/api/vault/api.d.ts +70 -26
  35. package/dist/api/vault/api.js +124 -39
  36. package/dist/api/vault/index.d.ts +1 -1
  37. package/dist/api/vault/index.js +1 -1
  38. package/dist/api/whitelist/api.d.ts +27 -0
  39. package/dist/api/whitelist/api.js +32 -0
  40. package/dist/api/whitelist/index.d.ts +1 -0
  41. package/dist/api/whitelist/index.js +1 -0
  42. package/dist/api/withdrawals/api.d.ts +17 -0
  43. package/dist/api/withdrawals/api.js +30 -0
  44. package/dist/api/withdrawals/index.d.ts +1 -0
  45. package/dist/api/withdrawals/index.js +1 -0
  46. package/dist/coverage.d.ts +92 -0
  47. package/dist/coverage.js +92 -0
  48. package/dist/sdk.d.ts +32 -1
  49. package/dist/sdk.js +88 -0
  50. package/package.json +3 -3
package/README.md CHANGED
@@ -62,26 +62,17 @@ npm install viem@^2.31.7
62
62
 
63
63
  ## Network Support
64
64
 
65
- The SDK supports the following preset networks. Configure the network by providing the `network` and `seiRpcUrl` parameters:
65
+ The SDK supports the following documented preset networks. Configure the network by providing the `network` and `seiRpcUrl` parameters:
66
66
 
67
67
  **Preset Networks:**
68
- - `"development"` - Development environment (https://develop.apimonaco.xyz)
69
68
  - `"staging"` - Staging environment (https://staging.apimonaco.xyz)
70
69
  - `"mainnet"` - Production environment (https://api.monaco.xyz)
71
- - `"local"` - Local development (http://localhost:8080)
72
70
 
73
71
  WebSocket URLs are automatically resolved per network.
74
72
 
75
73
  ```typescript
76
74
  import { MonacoSDK } from "@0xmonaco/core";
77
75
 
78
- // Development configuration
79
- const devSdk = new MonacoSDK({
80
- walletClient,
81
- network: "development",
82
- seiRpcUrl: "https://evm-rpc-testnet.sei-apis.com",
83
- });
84
-
85
76
  // Staging configuration
86
77
  const stagingSdk = new MonacoSDK({
87
78
  walletClient,
@@ -114,7 +105,7 @@ const walletClient = createWalletClient({
114
105
 
115
106
  const monaco = new MonacoSDK({
116
107
  walletClient,
117
- network: "development", // or "staging", "mainnet", "local"
108
+ network: "staging", // or "mainnet"
118
109
  seiRpcUrl: "https://evm-rpc-testnet.sei-apis.com", // or https://evm-rpc.sei-apis.com for mainnet
119
110
  });
120
111
 
@@ -251,7 +242,7 @@ interface SDKConfig {
251
242
  /** Wallet client for signing operations (optional - can be set later via setWalletClient) */
252
243
  walletClient?: WalletClient;
253
244
 
254
- /** Network preset: "local", "development", "staging", or "mainnet" */
245
+ /** Use "staging" for public testnet or "mainnet" for production. */
255
246
  network: Network;
256
247
 
257
248
  /** RPC URL for Sei blockchain interactions */
@@ -1,23 +1,25 @@
1
1
  /**
2
2
  * Applications API Implementation
3
3
  *
4
- * Handles application configuration operations. All operations go through
5
- * the API Gateway and require valid authentication.
6
- *
7
- * This class provides an interface for retrieving application configuration
8
- * on the Monaco protocol.
4
+ * Handles application configuration and reporting operations. This is a
5
+ * mixed-auth domain: `getApplicationConfig` is session-authenticated, while
6
+ * the reporting methods are backend-authenticated via the application secret
7
+ * key (set with {@link BaseAPI.setServerKey}, sent as `x-server-key`).
9
8
  *
10
9
  * @example
11
10
  * ```typescript
12
11
  * const applicationsAPI = new ApplicationsAPIImpl(apiUrl);
13
12
  *
14
- * // Get application configuration
13
+ * // Get application configuration (session auth)
15
14
  * const config = await applicationsAPI.getApplicationConfig();
16
15
  * console.log(`App name: ${config.name}`);
17
- * console.log(`Allowed origins: ${config.allowedOrigins.join(', ')}`);
16
+ *
17
+ * // Reporting endpoints (backend auth)
18
+ * applicationsAPI.setServerKey("sk_live_...");
19
+ * const orders = await applicationsAPI.listApplicationOrders({ status: "FILLED" });
18
20
  * ```
19
21
  */
20
- import type { ApplicationConfigResponse, ApplicationsAPI } from "@0xmonaco/types";
22
+ import type { ApplicationConfigResponse, ApplicationsAPI, GetAppStatsParams, GetAppStatsResponse, ListAppBalancesParams, ListAppBalancesResponse, ListAppMovementsParams, ListAppMovementsResponse, ListAppOrdersParams, ListAppOrdersResponse, ListAppUsersParams, ListAppUsersResponse } from "@0xmonaco/types";
21
23
  import { BaseAPI } from "../base";
22
24
  export declare class ApplicationsAPIImpl extends BaseAPI implements ApplicationsAPI {
23
25
  /**
@@ -40,4 +42,55 @@ export declare class ApplicationsAPIImpl extends BaseAPI implements Applications
40
42
  * ```
41
43
  */
42
44
  getApplicationConfig(): Promise<ApplicationConfigResponse>;
45
+ /**
46
+ * Lists orders placed by the application's users.
47
+ *
48
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
49
+ *
50
+ * @param params - Pagination and filter options
51
+ * @returns Promise resolving to a paginated list of orders
52
+ * @throws {APIError} When the server key is unset or the request fails
53
+ */
54
+ listApplicationOrders(params?: ListAppOrdersParams): Promise<ListAppOrdersResponse>;
55
+ /**
56
+ * Lists the application's users.
57
+ *
58
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
59
+ *
60
+ * @param params - Pagination and filter options
61
+ * @returns Promise resolving to a paginated list of users
62
+ * @throws {APIError} When the server key is unset or the request fails
63
+ */
64
+ listApplicationUsers(params?: ListAppUsersParams): Promise<ListAppUsersResponse>;
65
+ /**
66
+ * Lists ledger movements for the application's users.
67
+ *
68
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
69
+ *
70
+ * @param params - Pagination and filter options
71
+ * @returns Promise resolving to a paginated list of movements
72
+ * @throws {APIError} When the server key is unset or the request fails
73
+ */
74
+ listApplicationMovements(params?: ListAppMovementsParams): Promise<ListAppMovementsResponse>;
75
+ /**
76
+ * Lists user balances held within the application.
77
+ *
78
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
79
+ *
80
+ * @param params - Pagination and filter options
81
+ * @returns Promise resolving to a paginated list of balances
82
+ * @throws {APIError} When the server key is unset or the request fails
83
+ */
84
+ listApplicationBalances(params?: ListAppBalancesParams): Promise<ListAppBalancesResponse>;
85
+ /**
86
+ * Gets aggregate volume and fee stats for the application.
87
+ *
88
+ * Stats are scoped to trades where the application's users were the taker.
89
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
90
+ *
91
+ * @param params - Optional `since` filter
92
+ * @returns Promise resolving to the application stats
93
+ * @throws {APIError} When the server key is unset or the request fails
94
+ */
95
+ getApplicationStats(params?: GetAppStatsParams): Promise<GetAppStatsResponse>;
43
96
  }
@@ -1,23 +1,26 @@
1
1
  /**
2
2
  * Applications API Implementation
3
3
  *
4
- * Handles application configuration operations. All operations go through
5
- * the API Gateway and require valid authentication.
6
- *
7
- * This class provides an interface for retrieving application configuration
8
- * on the Monaco protocol.
4
+ * Handles application configuration and reporting operations. This is a
5
+ * mixed-auth domain: `getApplicationConfig` is session-authenticated, while
6
+ * the reporting methods are backend-authenticated via the application secret
7
+ * key (set with {@link BaseAPI.setServerKey}, sent as `x-server-key`).
9
8
  *
10
9
  * @example
11
10
  * ```typescript
12
11
  * const applicationsAPI = new ApplicationsAPIImpl(apiUrl);
13
12
  *
14
- * // Get application configuration
13
+ * // Get application configuration (session auth)
15
14
  * const config = await applicationsAPI.getApplicationConfig();
16
15
  * console.log(`App name: ${config.name}`);
17
- * console.log(`Allowed origins: ${config.allowedOrigins.join(', ')}`);
16
+ *
17
+ * // Reporting endpoints (backend auth)
18
+ * applicationsAPI.setServerKey("sk_live_...");
19
+ * const orders = await applicationsAPI.listApplicationOrders({ status: "FILLED" });
18
20
  * ```
19
21
  */
20
22
  import { BaseAPI } from "../base";
23
+ import { perpRoutes } from "../perp/routes";
21
24
  export class ApplicationsAPIImpl extends BaseAPI {
22
25
  /**
23
26
  * Gets the configuration for the authenticated application.
@@ -51,4 +54,65 @@ export class ApplicationsAPIImpl extends BaseAPI {
51
54
  clientId: data.client_id,
52
55
  };
53
56
  }
57
+ /**
58
+ * Lists orders placed by the application's users.
59
+ *
60
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
61
+ *
62
+ * @param params - Pagination and filter options
63
+ * @returns Promise resolving to a paginated list of orders
64
+ * @throws {APIError} When the server key is unset or the request fails
65
+ */
66
+ async listApplicationOrders(params) {
67
+ return await this.makeBackendRequest(perpRoutes.applications.orders(params));
68
+ }
69
+ /**
70
+ * Lists the application's users.
71
+ *
72
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
73
+ *
74
+ * @param params - Pagination and filter options
75
+ * @returns Promise resolving to a paginated list of users
76
+ * @throws {APIError} When the server key is unset or the request fails
77
+ */
78
+ async listApplicationUsers(params) {
79
+ return await this.makeBackendRequest(perpRoutes.applications.users(params));
80
+ }
81
+ /**
82
+ * Lists ledger movements for the application's users.
83
+ *
84
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
85
+ *
86
+ * @param params - Pagination and filter options
87
+ * @returns Promise resolving to a paginated list of movements
88
+ * @throws {APIError} When the server key is unset or the request fails
89
+ */
90
+ async listApplicationMovements(params) {
91
+ return await this.makeBackendRequest(perpRoutes.applications.movements(params));
92
+ }
93
+ /**
94
+ * Lists user balances held within the application.
95
+ *
96
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
97
+ *
98
+ * @param params - Pagination and filter options
99
+ * @returns Promise resolving to a paginated list of balances
100
+ * @throws {APIError} When the server key is unset or the request fails
101
+ */
102
+ async listApplicationBalances(params) {
103
+ return await this.makeBackendRequest(perpRoutes.applications.balances(params));
104
+ }
105
+ /**
106
+ * Gets aggregate volume and fee stats for the application.
107
+ *
108
+ * Stats are scoped to trades where the application's users were the taker.
109
+ * Backend-authenticated — call {@link BaseAPI.setServerKey} first.
110
+ *
111
+ * @param params - Optional `since` filter
112
+ * @returns Promise resolving to the application stats
113
+ * @throws {APIError} When the server key is unset or the request fails
114
+ */
115
+ async getApplicationStats(params) {
116
+ return await this.makeBackendRequest(perpRoutes.applications.stats(params));
117
+ }
54
118
  }
@@ -1,11 +1,13 @@
1
1
  /**
2
2
  * Auth API Implementation
3
3
  *
4
- * Handles authentication operations including challenge creation, signature verification,
5
- * and backend authentication. All operations go through the API Gateway.
4
+ * Handles wallet authentication operations including challenge creation, signature
5
+ * verification, and session lifecycle. All operations go through the API Gateway.
6
6
  *
7
- * This class provides a complete interface for authentication on the Monaco protocol,
8
- * including frontend wallet authentication and backend service authentication.
7
+ * This class provides a complete interface for wallet-based authentication on the
8
+ * Monaco protocol. Backend services authenticate separately by setting their
9
+ * application secret key (`sk_...`) via {@link BaseAPI.setServerKey}, which is sent
10
+ * in the `x-server-key` header on backend requests — there is no token exchange.
9
11
  *
10
12
  * @example
11
13
  * ```typescript
@@ -23,12 +25,9 @@
23
25
  * challenge.nonce,
24
26
  * clientId
25
27
  * );
26
- *
27
- * // Authenticate backend service
28
- * const backendAuth = await authAPI.authenticateBackend(secretKey);
29
28
  * ```
30
29
  */
31
- import type { AuthAPI, AuthState, BackendAuthResponse, ChallengeResponse, SessionCredentials, SessionRefreshResponse } from "@0xmonaco/types";
30
+ import type { AuthAPI, AuthState, ChallengeResponse, SessionCredentials, SessionRefreshResponse } from "@0xmonaco/types";
32
31
  import type { Chain, WalletClient } from "viem";
33
32
  import { BaseAPI } from "../base";
34
33
  export declare class AuthAPIImpl extends BaseAPI implements AuthAPI {
@@ -139,24 +138,6 @@ export declare class AuthAPIImpl extends BaseAPI implements AuthAPI {
139
138
  * ```
140
139
  */
141
140
  verifySignature(address: string, signature: string, nonce: string, clientId: string, session: SessionCredentials): Promise<AuthState>;
142
- /**
143
- * Authenticates a backend service using a secret key.
144
- *
145
- * Returns JWT tokens for API access. This method is used for backend services
146
- * that need to authenticate with the Monaco API Gateway.
147
- *
148
- * @param secretKey - Secret key of the application
149
- * @returns Promise resolving to the backend auth response with JWT tokens
150
- * @throws {APIError} When backend authentication fails
151
- *
152
- * @example
153
- * ```typescript
154
- * const backendAuth = await authAPI.authenticateBackend("my-secret-key");
155
- * console.log(`Backend access token: ${backendAuth.accessToken}`);
156
- * console.log(`Application: ${backendAuth.application.name}`);
157
- * ```
158
- */
159
- authenticateBackend(secretKey: string): Promise<BackendAuthResponse>;
160
141
  /**
161
142
  * Extends the current session's expiry.
162
143
  *
@@ -1,11 +1,13 @@
1
1
  /**
2
2
  * Auth API Implementation
3
3
  *
4
- * Handles authentication operations including challenge creation, signature verification,
5
- * and backend authentication. All operations go through the API Gateway.
4
+ * Handles wallet authentication operations including challenge creation, signature
5
+ * verification, and session lifecycle. All operations go through the API Gateway.
6
6
  *
7
- * This class provides a complete interface for authentication on the Monaco protocol,
8
- * including frontend wallet authentication and backend service authentication.
7
+ * This class provides a complete interface for wallet-based authentication on the
8
+ * Monaco protocol. Backend services authenticate separately by setting their
9
+ * application secret key (`sk_...`) via {@link BaseAPI.setServerKey}, which is sent
10
+ * in the `x-server-key` header on backend requests — there is no token exchange.
9
11
  *
10
12
  * @example
11
13
  * ```typescript
@@ -23,9 +25,6 @@
23
25
  * challenge.nonce,
24
26
  * clientId
25
27
  * );
26
- *
27
- * // Authenticate backend service
28
- * const backendAuth = await authAPI.authenticateBackend(secretKey);
29
28
  * ```
30
29
  */
31
30
  import { generateSessionKeypair, privateKeyHex, publicKeyHex } from "../../crypto/session";
@@ -216,41 +215,6 @@ export class AuthAPIImpl extends BaseAPI {
216
215
  },
217
216
  };
218
217
  }
219
- /**
220
- * Authenticates a backend service using a secret key.
221
- *
222
- * Returns JWT tokens for API access. This method is used for backend services
223
- * that need to authenticate with the Monaco API Gateway.
224
- *
225
- * @param secretKey - Secret key of the application
226
- * @returns Promise resolving to the backend auth response with JWT tokens
227
- * @throws {APIError} When backend authentication fails
228
- *
229
- * @example
230
- * ```typescript
231
- * const backendAuth = await authAPI.authenticateBackend("my-secret-key");
232
- * console.log(`Backend access token: ${backendAuth.accessToken}`);
233
- * console.log(`Application: ${backendAuth.application.name}`);
234
- * ```
235
- */
236
- async authenticateBackend(secretKey) {
237
- const responseBody = await this.makePublicRequest("/api/v1/auth/backend", {
238
- method: "POST",
239
- body: JSON.stringify({
240
- secret_key: secretKey,
241
- chain_id: this.chain.id,
242
- }),
243
- });
244
- return {
245
- accessToken: responseBody.access_token,
246
- expiresAt: responseBody.expires_at,
247
- application: {
248
- id: responseBody.application.id,
249
- name: responseBody.application.name,
250
- clientId: responseBody.application.client_id,
251
- },
252
- };
253
- }
254
218
  /**
255
219
  * Extends the current session's expiry.
256
220
  *
@@ -30,6 +30,8 @@ export declare abstract class BaseAPI {
30
30
  protected readonly apiUrl: string;
31
31
  /** Active session keypair (raw bytes) used to sign authenticated requests. */
32
32
  protected sessionKeypair?: SessionKeypair;
33
+ /** Application secret key (`sk_...`) sent in the `x-server-key` header for backend-authenticated requests. */
34
+ protected serverKey?: string;
33
35
  protected retryOptions: Required<RetryOptions>;
34
36
  /**
35
37
  * Creates a new BaseAPI instance.
@@ -44,6 +46,19 @@ export declare abstract class BaseAPI {
44
46
  * @param credentials - Hex-encoded session keypair, or `undefined` to clear.
45
47
  */
46
48
  setSessionKeypair(credentials: SessionCredentials | undefined): void;
49
+ /**
50
+ * Set (or clear) the application secret key used for backend-authenticated
51
+ * requests.
52
+ *
53
+ * Backend endpoints (those annotated `#[require_backend]` on the gateway)
54
+ * authenticate with a static application secret key rather than a session
55
+ * signature. When set, the raw key is sent verbatim in the `x-server-key`
56
+ * header on every {@link makeBackendRequest}. This is independent of the
57
+ * session keypair — a client may hold both.
58
+ *
59
+ * @param serverKey - The application secret key (`sk_...`), or `undefined` to clear.
60
+ */
61
+ setServerKey(serverKey: string | undefined): void;
47
62
  /**
48
63
  * Parse request body for error logging
49
64
  *
@@ -99,6 +114,26 @@ export declare abstract class BaseAPI {
99
114
  * so a request can't be replayed with a different body.
100
115
  */
101
116
  private buildSignatureHeaders;
117
+ /**
118
+ * Makes a backend-authenticated API request using the application secret key.
119
+ *
120
+ * Sends the raw `sk_...` key (set via {@link setServerKey}) in the
121
+ * `x-server-key` header. The gateway hashes and matches it against the
122
+ * application on every request — there is no signing and no token exchange.
123
+ * Use this for endpoints annotated `#[require_backend]`.
124
+ *
125
+ * @param endpoint - The API endpoint to call (should start with /)
126
+ * @param options - Request options (method, body, headers, etc.)
127
+ * @returns Promise resolving to the response data
128
+ * @throws {APIError} When the server key is not set or the API request fails
129
+ *
130
+ * @example
131
+ * ```typescript
132
+ * this.setServerKey("sk_live_...");
133
+ * const orders = await this.makeBackendRequest<ListAppOrdersResponse>('/api/v1/applications/orders');
134
+ * ```
135
+ */
136
+ protected makeBackendRequest<T>(endpoint: string, options?: RequestInit): Promise<T>;
102
137
  /**
103
138
  * Makes an unauthenticated API request.
104
139
  *
package/dist/api/base.js CHANGED
@@ -28,6 +28,8 @@ export class BaseAPI {
28
28
  apiUrl;
29
29
  /** Active session keypair (raw bytes) used to sign authenticated requests. */
30
30
  sessionKeypair;
31
+ /** Application secret key (`sk_...`) sent in the `x-server-key` header for backend-authenticated requests. */
32
+ serverKey;
31
33
  retryOptions;
32
34
  /**
33
35
  * Creates a new BaseAPI instance.
@@ -50,6 +52,21 @@ export class BaseAPI {
50
52
  setSessionKeypair(credentials) {
51
53
  this.sessionKeypair = credentials ? keypairFromHex(credentials.publicKey, credentials.privateKey) : undefined;
52
54
  }
55
+ /**
56
+ * Set (or clear) the application secret key used for backend-authenticated
57
+ * requests.
58
+ *
59
+ * Backend endpoints (those annotated `#[require_backend]` on the gateway)
60
+ * authenticate with a static application secret key rather than a session
61
+ * signature. When set, the raw key is sent verbatim in the `x-server-key`
62
+ * header on every {@link makeBackendRequest}. This is independent of the
63
+ * session keypair — a client may hold both.
64
+ *
65
+ * @param serverKey - The application secret key (`sk_...`), or `undefined` to clear.
66
+ */
67
+ setServerKey(serverKey) {
68
+ this.serverKey = serverKey;
69
+ }
53
70
  /**
54
71
  * Parse request body for error logging
55
72
  *
@@ -170,6 +187,12 @@ export class BaseAPI {
170
187
  retryAfter,
171
188
  });
172
189
  }
190
+ // A successful response with an empty body (e.g. 204 No Content from a
191
+ // DELETE) is not an error — there is simply nothing to parse. Return
192
+ // `undefined` so void-returning methods resolve cleanly.
193
+ if (responseText.trim() === "") {
194
+ return undefined;
195
+ }
173
196
  // If response is OK but not JSON, throw a more specific error
174
197
  throw new APIError(`Expected JSON response but received ${contentType}`, {
175
198
  endpoint: url,
@@ -269,6 +292,43 @@ export class BaseAPI {
269
292
  "X-Monaco-Signature": signature,
270
293
  };
271
294
  }
295
+ /**
296
+ * Makes a backend-authenticated API request using the application secret key.
297
+ *
298
+ * Sends the raw `sk_...` key (set via {@link setServerKey}) in the
299
+ * `x-server-key` header. The gateway hashes and matches it against the
300
+ * application on every request — there is no signing and no token exchange.
301
+ * Use this for endpoints annotated `#[require_backend]`.
302
+ *
303
+ * @param endpoint - The API endpoint to call (should start with /)
304
+ * @param options - Request options (method, body, headers, etc.)
305
+ * @returns Promise resolving to the response data
306
+ * @throws {APIError} When the server key is not set or the API request fails
307
+ *
308
+ * @example
309
+ * ```typescript
310
+ * this.setServerKey("sk_live_...");
311
+ * const orders = await this.makeBackendRequest<ListAppOrdersResponse>('/api/v1/applications/orders');
312
+ * ```
313
+ */
314
+ async makeBackendRequest(endpoint, options = {}) {
315
+ if (!this.serverKey) {
316
+ throw new APIError("Server key not set. Call setServerKey(sk_...) first.", {
317
+ endpoint: `${this.apiUrl}${endpoint}`,
318
+ statusCode: StatusCodes.UNAUTHORIZED,
319
+ });
320
+ }
321
+ const url = `${this.apiUrl}${endpoint}`;
322
+ const requestBody = this.parseRequestBody(options.body);
323
+ return this.executeRequest(url, endpoint, {
324
+ ...options,
325
+ headers: {
326
+ "Content-Type": "application/json",
327
+ "x-server-key": this.serverKey,
328
+ ...options.headers,
329
+ },
330
+ }, requestBody);
331
+ }
272
332
  /**
273
333
  * Makes an unauthenticated API request.
274
334
  *
@@ -1,8 +1,9 @@
1
- import type { CreateDelegatedSessionRequest, CreateDelegatedSessionResponse, DelegatedAgent, DelegatedAgentsAPI, ListDelegatedAgentsResponse, UpsertDelegatedAgentRequest } from "@0xmonaco/types";
1
+ import type { CreateDelegatedSessionRequest, CreateDelegatedSessionResponse, DelegatedAgent, DelegatedAgentsAPI, ListDelegatedAgentsResponse, ListDelegatedOwnersResponse, UpsertDelegatedAgentRequest } from "@0xmonaco/types";
2
2
  import { BaseAPI } from "../base";
3
3
  export declare class DelegatedAgentsAPIImpl extends BaseAPI implements DelegatedAgentsAPI {
4
4
  upsertDelegatedAgent(request: UpsertDelegatedAgentRequest): Promise<DelegatedAgent>;
5
5
  listDelegatedAgents(): Promise<ListDelegatedAgentsResponse>;
6
+ listDelegatedOwners(): Promise<ListDelegatedOwnersResponse>;
6
7
  revokeDelegatedAgent(delegatedAgentId: string): Promise<{
7
8
  status: "REVOKED";
8
9
  }>;
@@ -22,6 +22,9 @@ export class DelegatedAgentsAPIImpl extends BaseAPI {
22
22
  async listDelegatedAgents() {
23
23
  return this.makeAuthenticatedRequest(perpRoutes.delegatedAgents.list());
24
24
  }
25
+ async listDelegatedOwners() {
26
+ return this.makeAuthenticatedRequest(perpRoutes.delegatedAgents.owners());
27
+ }
25
28
  async revokeDelegatedAgent(delegatedAgentId) {
26
29
  return this.makeAuthenticatedRequest(perpRoutes.delegatedAgents.byId(delegatedAgentId), {
27
30
  method: "DELETE",
@@ -32,6 +35,7 @@ export class DelegatedAgentsAPIImpl extends BaseAPI {
32
35
  method: "POST",
33
36
  body: JSON.stringify({
34
37
  owner_user_id: request.ownerUserId,
38
+ session_public_key: request.sessionPublicKey,
35
39
  }),
36
40
  });
37
41
  }
@@ -0,0 +1,25 @@
1
+ /**
2
+ * Faucet API Implementation
3
+ *
4
+ * Testnet token faucet. Session-authenticated. Performs real on-chain mints
5
+ * from a backend-operator-funded signer and is rate-limited per user
6
+ * (default 1 request / 24h). It is unavailable if the gateway operator has not
7
+ * configured a signer — the SDK caller has no control over that.
8
+ *
9
+ * @example
10
+ * ```typescript
11
+ * const { minted, failed, remaining_requests_24h } = await sdk.faucet.mint();
12
+ * ```
13
+ */
14
+ import type { FaucetAPI, MintTokensResponse } from "@0xmonaco/types";
15
+ import { BaseAPI } from "../base";
16
+ export declare class FaucetAPIImpl extends BaseAPI implements FaucetAPI {
17
+ /**
18
+ * Mints the full set of testnet tokens to the authenticated user.
19
+ *
20
+ * Partial success is possible — inspect `minted` and `failed` in the response.
21
+ *
22
+ * @returns Promise resolving to the minted/failed tokens and remaining quota
23
+ */
24
+ mint(): Promise<MintTokensResponse>;
25
+ }
@@ -0,0 +1,29 @@
1
+ /**
2
+ * Faucet API Implementation
3
+ *
4
+ * Testnet token faucet. Session-authenticated. Performs real on-chain mints
5
+ * from a backend-operator-funded signer and is rate-limited per user
6
+ * (default 1 request / 24h). It is unavailable if the gateway operator has not
7
+ * configured a signer — the SDK caller has no control over that.
8
+ *
9
+ * @example
10
+ * ```typescript
11
+ * const { minted, failed, remaining_requests_24h } = await sdk.faucet.mint();
12
+ * ```
13
+ */
14
+ import { BaseAPI } from "../base";
15
+ import { perpRoutes } from "../perp/routes";
16
+ export class FaucetAPIImpl extends BaseAPI {
17
+ /**
18
+ * Mints the full set of testnet tokens to the authenticated user.
19
+ *
20
+ * Partial success is possible — inspect `minted` and `failed` in the response.
21
+ *
22
+ * @returns Promise resolving to the minted/failed tokens and remaining quota
23
+ */
24
+ async mint() {
25
+ return await this.makeAuthenticatedRequest(perpRoutes.faucet.mint(), {
26
+ method: "POST",
27
+ });
28
+ }
29
+ }
@@ -0,0 +1 @@
1
+ export { FaucetAPIImpl } from "./api";
@@ -0,0 +1 @@
1
+ export { FaucetAPIImpl } from "./api";
@@ -6,6 +6,7 @@
6
6
  export * from "./applications/index";
7
7
  export * from "./base";
8
8
  export * from "./delegated-agents";
9
+ export * from "./faucet";
9
10
  export * from "./fees";
10
11
  export * from "./margin-accounts";
11
12
  export * from "./market";
@@ -13,7 +14,10 @@ export * from "./orderbook";
13
14
  export * from "./perp";
14
15
  export * from "./positions";
15
16
  export * from "./profile";
17
+ export * from "./sub-accounts";
16
18
  export * from "./trades";
17
19
  export * from "./trading";
18
20
  export * from "./vault";
19
21
  export * from "./websocket";
22
+ export * from "./whitelist";
23
+ export * from "./withdrawals";
package/dist/api/index.js CHANGED
@@ -6,6 +6,7 @@
6
6
  export * from "./applications/index";
7
7
  export * from "./base";
8
8
  export * from "./delegated-agents";
9
+ export * from "./faucet";
9
10
  export * from "./fees";
10
11
  export * from "./margin-accounts";
11
12
  export * from "./market";
@@ -13,7 +14,10 @@ export * from "./orderbook";
13
14
  export * from "./perp";
14
15
  export * from "./positions";
15
16
  export * from "./profile";
17
+ export * from "./sub-accounts";
16
18
  export * from "./trades";
17
19
  export * from "./trading";
18
20
  export * from "./vault";
19
21
  export * from "./websocket";
22
+ export * from "./whitelist";
23
+ export * from "./withdrawals";
@@ -1,14 +1,18 @@
1
- import type { CreateMarginAccountRequest, CreateMarginAccountResponse, GetAvailableCollateralParams, GetAvailableCollateralResponse, GetMarginAccountMovementsParams, GetMarginAccountMovementsResponse, ListMarginAccountsParams, ListMarginAccountsResponse, MarginAccountSummary, MarginAccountsAPI, SimulateOrderRiskRequest, SimulateOrderRiskResponse, TransferCollateralRequest, TransferCollateralResponse, TransferCollateralToAutoMarginAccountRequest } from "@0xmonaco/types";
1
+ import type { GetAvailableCollateralParams, GetAvailableCollateralResponse, GetMarginAccountMovementsParams, GetMarginAccountMovementsResponse, GetMarginAccountSummaryParams, ListMarginAccountsParams, ListMarginAccountsResponse, MarginAccountSummary, MarginAccountsAPI, SimulateOrderRiskRequest, SimulateOrderRiskResponse, SimulateRiskBucketOrderRiskRequest, TransferCollateralFromParentMarginAccountRequest, TransferCollateralRequest, TransferCollateralResponse, TransferCollateralToParentMarginAccountRequest, TransferCollateralToRiskBucketRequest } from "@0xmonaco/types";
2
2
  import { BaseAPI } from "../base";
3
3
  export declare class MarginAccountsAPIImpl extends BaseAPI implements MarginAccountsAPI {
4
4
  listMarginAccounts(params?: ListMarginAccountsParams): Promise<ListMarginAccountsResponse>;
5
- createMarginAccount(request?: CreateMarginAccountRequest): Promise<CreateMarginAccountResponse>;
6
- getMarginAccountSummary(marginAccountId: string): Promise<MarginAccountSummary>;
5
+ getMarginAccountSummary(marginAccountId: string, params?: GetMarginAccountSummaryParams): Promise<MarginAccountSummary>;
6
+ getParentMarginAccountSummary(params?: GetMarginAccountSummaryParams): Promise<MarginAccountSummary>;
7
7
  getAvailableCollateral(params?: GetAvailableCollateralParams): Promise<GetAvailableCollateralResponse>;
8
8
  transferCollateralToMarginAccount(marginAccountId: string, request: TransferCollateralRequest): Promise<TransferCollateralResponse>;
9
- transferCollateralToAutoMarginAccount(request: TransferCollateralToAutoMarginAccountRequest): Promise<TransferCollateralResponse>;
9
+ transferCollateralToParentMarginAccount(request: TransferCollateralToParentMarginAccountRequest): Promise<TransferCollateralResponse>;
10
+ transferCollateralToRiskBucket(request: TransferCollateralToRiskBucketRequest): Promise<TransferCollateralResponse>;
10
11
  transferCollateralFromMarginAccount(marginAccountId: string, request: TransferCollateralRequest): Promise<TransferCollateralResponse>;
12
+ transferCollateralFromParentMarginAccount(request: TransferCollateralFromParentMarginAccountRequest): Promise<TransferCollateralResponse>;
11
13
  getMarginAccountMovements(marginAccountId: string, params?: GetMarginAccountMovementsParams): Promise<GetMarginAccountMovementsResponse>;
14
+ getParentMarginAccountMovements(params?: GetMarginAccountMovementsParams): Promise<GetMarginAccountMovementsResponse>;
12
15
  simulateOrderRisk(marginAccountId: string, request: SimulateOrderRiskRequest): Promise<SimulateOrderRiskResponse>;
13
- simulateAutoMarginOrderRisk(request: SimulateOrderRiskRequest): Promise<SimulateOrderRiskResponse>;
16
+ simulateParentMarginOrderRisk(request: SimulateOrderRiskRequest): Promise<SimulateOrderRiskResponse>;
17
+ simulateRiskBucketOrderRisk(request: SimulateRiskBucketOrderRiskRequest): Promise<SimulateOrderRiskResponse>;
14
18
  }