@cubist-labs/cubesigner-sdk 0.4.241 → 0.4.244

package/src/schema.ts

@@ -1751,34 +1751,99 @@ export type webhooks = Record<string, never>;
 export interface components {
   schemas: {
     AcceptedResponse: components["schemas"]["ErrorResponse"] & Record<string, never>;
+    /** @description Different responses we return for success status codes. */
+    AcceptedValue: OneOf<
+      [
+        {
+          SignDryRun: components["schemas"]["SignDryRunArgs"];
+        },
+        {
+          BinanceDryRun: components["schemas"]["BinanceDryRunArgs"];
+        },
+        {
+          MfaRequired: components["schemas"]["MfaRequiredArgs"];
+        },
+      ]
+    >;
+    /** @enum {string} */
+    AcceptedValueCode: "SignDryRun" | "BinanceDryRun" | "MfaRequired";
+    /**
+     * @description Determines who controls the keys within an org
+     * @enum {string}
+     */
+    AccessModel: "User" | "Org";
     /**
-     * @description Different responses we return for status code "202 Accepted".
+     * @description One asset balance entry in [`AccountInfoResponse::balances`]. Distinct from
+     * [`SubAccountAsset`] because the spot-account schema lacks the `freeze` and
+     * `withdrawing` fields.
+     */
+    AccountBalance: {
+      /** @description Asset symbol (e.g. `"USDT"`, `"BTC"`). */
+      asset: string;
+      /** @description Available balance. */
+      free: string;
+      /** @description Balance locked in open orders. */
+      locked: string;
+    };
+    /**
+     * @description Parameters for `GET /api/v3/account`.
      *
-     * Even though "202 Accepted" is a successful response, we represent
-     * it as a Rust error because that makes it easy to have route handlers
-     * return `Result<T, SignerError>` where `T` is the type of the
-     * response for the status code "200 Ok".
+     * Returns Spot account info for whichever account the signing key
+     * authenticates as (master or sub).
      */
-    AcceptedValue: {
-      MfaRequired: {
-        /** @description Always set to first MFA id from `Self::ids` */
-        id: string;
-        /** @description Non-empty MFA request IDs */
-        ids: string[];
-        /** @description Organization id */
-        org_id: string;
-        /** @description Optional policy evaluation tree (included in signer responses, when requested) */
-        policy_eval_tree?: unknown;
-        session?: components["schemas"]["NewSessionResponse"] | null;
-      };
+    AccountInfoRequest: {
+      /**
+       * @description If `true`, the response omits assets with all-zero balances. Defaults to
+       * `false` (Binance's default).
+       */
+      omitZeroBalances?: boolean | null;
+    };
+    /** @description Response for [`BinanceManager::account_info`]. */
+    AccountInfoResponse: {
+      /** @description Account type, e.g. `"SPOT"`. Left as `String` for forward compatibility. */
+      accountType: string;
+      /** @description One entry per asset. Affected by the `omit_zero_balances` request flag. */
+      balances: components["schemas"]["AccountBalance"][];
+      brokered: boolean;
+      /** Format: int64 */
+      buyerCommission: number;
+      canDeposit: boolean;
+      canTrade: boolean;
+      canWithdraw: boolean;
+      commissionRates: components["schemas"]["CommissionRates"];
+      /**
+       * Format: int64
+       * @description Maker commission, in basis points (e.g. `10` = 0.1%). Superseded by
+       * [`AccountInfoResponse::commission_rates`] for fractional rates.
+       */
+      makerCommission: number;
+      /** @description Permission flags, e.g. `["SPOT", "MARGIN"]`. */
+      permissions: string[];
+      preventSor: boolean;
+      requireSelfTradePrevention: boolean;
+      /** Format: int64 */
+      sellerCommission: number;
+      /** Format: int64 */
+      takerCommission: number;
+      /**
+       * Format: int64
+       * @description Account user id.
+       */
+      uid: number;
+      /**
+       * Format: int64
+       * @description Last account update time (ms since epoch).
+       */
+      updateTime: number;
     };
-    /** @enum {string} */
-    AcceptedValueCode: "MfaRequired";
     /**
-     * @description Determines who controls the keys within an org
+     * @description Wallet type used as the source or destination of a [`UniversalTransferRequest`].
+     *
+     * Serializes to the SCREAMING_SNAKE_CASE strings Binance expects. The default
+     * is [`AccountType::Spot`].
      * @enum {string}
      */
-    AccessModel: "User" | "Org";
+    AccountType: "SPOT" | "USDT_FUTURE" | "COIN_FUTURE" | "MARGIN";
     /** @description Request to add OIDC identity to an existing user account */
     AddIdentityRequest: {
       oidc_token: string;
@@ -2075,6 +2140,8 @@ export interface components {
     AuthenticatorTransport: "usb" | "nfc" | "ble" | "internal";
     /** @description Request to sign a serialized Avalanche transaction */
     AvaSerializedTxSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -2097,6 +2164,8 @@ export interface components {
     };
     /** @description Request to sign an Avalanche transaction */
     AvaSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -2134,6 +2203,8 @@ export interface components {
     /** @description Wrapper around a zeroizing 32-byte fixed-size array */
     B32: string;
     BabylonCovSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -2327,6 +2398,8 @@ export interface components {
        */
       value: number;
     }) & {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -2797,10 +2870,15 @@ export interface components {
       | "InvalidMfaReceiptInvalidOrgId"
       | "MfaRequestNotFound"
       | "InvalidKeyType"
+      | "InvalidPropertiesForKeyType"
+      | "MismatchedKeyPropertiesPatch"
+      | "MissingBinanceApiKey"
+      | "BinanceKeyMasterMismatch"
       | "InvalidKeyMaterial"
       | "InvalidHexValue"
       | "InvalidBase32Value"
       | "InvalidBase58Value"
+      | "InvalidBase64Value"
       | "InvalidSs58Value"
       | "InvalidForkVersionLength"
       | "InvalidEthAddress"
@@ -3116,6 +3194,15 @@ export interface components {
       | "RpcCreateTransaction"
       | "RpcGetTransaction"
       | "RpcListTransactions"
+      | "RpcBinanceSubToMaster"
+      | "RpcBinanceSubToSub"
+      | "RpcBinanceUniversalTransfer"
+      | "RpcBinanceSubAccountAssets"
+      | "RpcBinanceAccountInfo"
+      | "RpcBinanceSubAccountTransferHistory"
+      | "RpcBinanceUniversalTransferHistory"
+      | "RpcBinanceWithdraw"
+      | "RpcBinanceWithdrawHistory"
       | "CustomChainRpcCall"
       | "EsploraApiCall"
       | "SentryApiCall"
@@ -3125,6 +3212,176 @@ export interface components {
       | "UserOrgs"
       | "PublicOrgInfo"
       | "EmailMyOrgs";
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceAccountInfoParams: components["schemas"]["AccountInfoRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
+    BinanceApiPropertiesPatch: {
+      /** @description The Binance-issued API key string. Encrypted server-side before storage. */
+      api_key?: string | null;
+      /** @description Email address of the Binance (master or sub) account this key authenticates as. */
+      email?: string | null;
+      /** @description Whether this corresponds to a master (as opposed to a sub) account on Binance. */
+      is_master?: boolean | null;
+      /** @description Arbitrary label. Useful for storing the corresponding API key label on the Binance side. */
+      label?: string | null;
+    };
+    BinanceDryRunArgs: {
+      /** @description The Binance API method that would have been used */
+      method: string;
+      /** @description The Binance API url method that would have been called */
+      url: string;
+    };
+    /**
+     * @description Different "dry run" modes for executing Binance requests
+     * @enum {string}
+     */
+    BinanceDryRunMode: "NO_SIGN" | "NO_SUBMIT";
+    /**
+     * @description Binance-family RPC methods. Each variant authenticates as the
+     * [`KeyType::Ed25519BinanceApi`] key in its `params.key_id`.
+     */
+    BinanceRpc:
+      | {
+          /** @enum {string} */
+          method: "cs_binanceSubToMaster";
+          params: components["schemas"]["BinanceSubToMasterParams"];
+        }
+      | {
+          /** @enum {string} */
+          method: "cs_binanceSubToSub";
+          params: components["schemas"]["BinanceSubToSubParams"];
+        }
+      | {
+          /** @enum {string} */
+          method: "cs_binanceUniversalTransfer";
+          params: components["schemas"]["BinanceUniversalTransferParams"];
+        }
+      | {
+          /** @enum {string} */
+          method: "cs_binanceSubAccountAssets";
+          params: components["schemas"]["BinanceSubAccountAssetsParams"];
+        }
+      | {
+          /** @enum {string} */
+          method: "cs_binanceAccountInfo";
+          params: components["schemas"]["BinanceAccountInfoParams"];
+        }
+      | {
+          /** @enum {string} */
+          method: "cs_binanceSubAccountTransferHistory";
+          params: components["schemas"]["BinanceSubAccountTransferHistoryParams"];
+        }
+      | {
+          /** @enum {string} */
+          method: "cs_binanceUniversalTransferHistory";
+          params: components["schemas"]["BinanceUniversalTransferHistoryParams"];
+        }
+      | {
+          /** @enum {string} */
+          method: "cs_binanceWithdraw";
+          params: components["schemas"]["BinanceWithdrawParams"];
+        }
+      | {
+          /** @enum {string} */
+          method: "cs_binanceWithdrawHistory";
+          params: components["schemas"]["BinanceWithdrawHistoryParams"];
+        };
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceSubAccountAssetsParams: components["schemas"]["SubAccountAssetsRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceSubAccountTransferHistoryParams: components["schemas"]["SubAccountTransferHistoryRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceSubToMasterParams: components["schemas"]["SubToMasterRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceSubToSubParams: components["schemas"]["SubToSubRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceUniversalTransferHistoryParams: components["schemas"]["UniversalTransferHistoryRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceUniversalTransferParams: components["schemas"]["UniversalTransferRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceWithdrawHistoryParams: components["schemas"]["WithdrawHistoryRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
+    /** @description Parameters envelope for all Binance RPC methods. */
+    BinanceWithdrawParams: components["schemas"]["WithdrawRequest"] & {
+      dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
+      keyId: components["schemas"]["Id"];
+      /**
+       * @description Optional "receive window", i.e., for how long the request stays valid.
+       * May only be specified in milliseconds, with up to three decimal places of precision.
+       * If omitted, defaults to "10000". Must not be greater than "60000".
+       */
+      recvWindow?: string | null;
+    };
     /** @description A bitcoin address and its network. */
     BitcoinAddressInfo: {
       /**
@@ -3140,6 +3397,8 @@ export interface components {
      * }
      */
     BlobSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -3228,6 +3487,8 @@ export interface components {
     };
     /** @description Data to sign */
     BtcMessageSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -3270,6 +3531,8 @@ export interface components {
       | "NonePlusAnyoneCanPay"
       | "SinglePlusAnyoneCanPay";
     BtcSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -3479,6 +3742,13 @@ export interface components {
       client?: components["schemas"]["ClientProfile"];
       os_info?: components["schemas"]["OsInfo"];
     };
+    /** @description Commission rates as decimal strings (e.g. `"0.00100000"`). */
+    CommissionRates: {
+      buyer: string;
+      maker: string;
+      seller: string;
+      taker: string;
+    };
     /**
      * @description Fields that are common to different types of resources such as keys, roles, etc.
      * Includes versioning fields plus metadata, edit policy, etc.
@@ -3571,7 +3841,10 @@ export interface components {
           type: "fido";
         };
     /** @enum {string} */
-    ConflictErrorCode: "ConcurrentRequestDisallowed" | "ConcurrentLockCreation";
+    ConflictErrorCode:
+      | "ConcurrentRequestDisallowed"
+      | "ConcurrentLockCreation"
+      | "ConcurrentTransactionSubmission";
     /** @description A contact in the org. */
     Contact: components["schemas"]["CommonFields"] & {
       /**
@@ -3876,6 +4149,26 @@ export interface components {
     CreationOptionsWithHash: components["schemas"]["ChallengePieces"] & {
       options: components["schemas"]["PublicKeyCredentialCreationOptions"];
     };
+    /** @description Core RPC methods (transaction CRUD). */
+    CsRpc: OneOf<
+      [
+        {
+          /** @enum {string} */
+          method: "cs_createTransaction";
+          params: components["schemas"]["CreateTransactionRequest"];
+        },
+        {
+          /** @enum {string} */
+          method: "cs_getTransaction";
+          params: components["schemas"]["GetTransactionRequest"];
+        },
+        {
+          /** @enum {string} */
+          method: "cs_listTransactions";
+          params: components["schemas"]["ListTransactionsRequest"];
+        },
+      ]
+    >;
     CubeSignerUserInfo: {
       /** @description All multi-factor authentication methods configured for this user */
       configured_mfa: components["schemas"]["ConfiguredMfa"][];
@@ -3994,6 +4287,8 @@ export interface components {
       mnemonic_id?: string | null;
     };
     DiffieHellmanRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -4077,6 +4372,8 @@ export interface components {
       time_lock_until?: components["schemas"]["EpochDateTime"] | null;
     };
     Eip191SignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -4199,6 +4496,8 @@ export interface components {
      * }
      */
     Eip712SignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -4294,6 +4593,8 @@ export interface components {
      * at a specified block height.
      */
     EotsCreateNonceRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -4344,6 +4645,8 @@ export interface components {
     };
     /** @description Request for an EOTS signature on a specified message, chain-id, block-height triple */
     EotsSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -4440,6 +4743,8 @@ export interface components {
      * }
      */
     Eth1SignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -4502,6 +4807,8 @@ export interface components {
      * }
      */
     Eth2SignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -4639,7 +4946,7 @@ export interface components {
        *
        * Can be undefined if the transaction hasn't been signed yet, or failed to be signed.
        */
-      signature?: string;
+      signature?: string | null;
       /** @description The transaction itself. */
       tx: unknown;
     };
@@ -4803,6 +5110,7 @@ export interface components {
       | "manage:key:update:enabled"
       | "manage:key:update:region"
       | "manage:key:update:metadata"
+      | "manage:key:update:properties"
       | "manage:key:update:editPolicy"
       | "manage:key:delete"
       | "manage:policy:*"
@@ -4889,10 +5197,16 @@ export interface components {
       | "manage:org:inviteAlien"
       | "manage:org:invitation:list"
       | "manage:org:invitation:cancel"
-      | "manage:org:updateMembership"
+      | "manage:org:updateMembership:*"
+      | "manage:org:updateMembership:owner"
+      | "manage:org:updateMembership:member"
+      | "manage:org:updateMembership:alien"
       | "manage:org:listUsers"
       | "manage:org:user:get"
-      | "manage:org:deleteUser"
+      | "manage:org:deleteUser:*"
+      | "manage:org:deleteUser:owner"
+      | "manage:org:deleteUser:member"
+      | "manage:org:deleteUser:alien"
       | "manage:org:get"
       | "manage:org:update:*"
       | "manage:org:update:enabled"
@@ -4951,7 +5265,17 @@ export interface components {
       | "rpc:createTransaction:*"
       | "rpc:createTransaction:evm"
       | "rpc:getTransaction"
-      | "rpc:listTransactions";
+      | "rpc:listTransactions"
+      | "rpc:binance:*"
+      | "rpc:binance:subToMaster"
+      | "rpc:binance:subToSub"
+      | "rpc:binance:universalTransfer"
+      | "rpc:binance:subAccountAssets"
+      | "rpc:binance:accountInfo"
+      | "rpc:binance:subAccountTransferHistory"
+      | "rpc:binance:universalTransferHistory"
+      | "rpc:binance:withdraw"
+      | "rpc:binance:withdrawHistory";
     /**
      * @description This type specifies the interpretation of the `fee` field in Babylon
      * staking requests. If `sats`, the field is intpreted as a fixed value
@@ -5618,14 +5942,12 @@ export interface components {
       key_type: string;
     };
     /** @description The top-level JSON-RPC request type. */
-    JsonRpcRequest: {
-      method: "JsonRpcRequest";
-    } & Omit<components["schemas"]["RpcMethod"], "method"> & {
-        /** @description Request ID */
-        id?: string;
-        /** @description JSON-RPC version. */
-        jsonrpc: string;
-      };
+    JsonRpcRequest: components["schemas"]["RpcMethod"] & {
+      /** @description Request ID */
+      id?: string;
+      /** @description JSON-RPC version. */
+      jsonrpc: string;
+    };
     /** @description The RPC API's response. */
     JsonRpcResponse: {
       error?: components["schemas"]["ErrorObj"] | null;
@@ -5639,7 +5961,15 @@ export interface components {
     /** @description Valid `result` from the JSON-RPC API. */
     JsonRpcResult:
       | components["schemas"]["TransactionInfo"]
-      | components["schemas"]["ListTransactionsPaginatedResponse"];
+      | components["schemas"]["ListTransactionsPaginatedResponse"]
+      | components["schemas"]["SubAccountTransferResponse"]
+      | components["schemas"]["UniversalTransferResponse"]
+      | components["schemas"]["SubAccountAssetsResponse"]
+      | components["schemas"]["AccountInfoResponse"]
+      | components["schemas"]["SubAccountTransferHistoryResponse"]
+      | components["schemas"]["UniversalTransferHistoryResponse"]
+      | components["schemas"]["WithdrawResponse"]
+      | components["schemas"]["WithdrawHistoryResponse"];
     JwkSetResponse: {
       /** @description The keys included in this set */
       keys: Record<string, never>[];
@@ -5741,6 +6071,7 @@ export interface components {
        * ]
        */
       policy: unknown[];
+      properties?: components["schemas"]["KeyPropertiesPatch"] | null;
       /** @description The key provenance. */
       provenance?: string | null;
       /**
@@ -5768,6 +6099,19 @@ export interface components {
     KeyInfos: {
       keys: components["schemas"]["KeyInfo"][];
     };
+    /**
+     * @description Client-side wire payload for [`KeyProperties`]. Used in both directions:
+     *
+     * - **On write**: a *patch*, i.e., for each field, missing means "leave alone",
+     * `null` means "clear", and a value means "set". Secret fields arrive in the
+     * clear and are encrypted server-side before persisting.
+     * - **On read**: each field is omitted when the stored property is unset; secret
+     * fields are emitted with the redacted marker (e.g. "[REDACTED]").
+     */
+    KeyPropertiesPatch: components["schemas"]["BinanceApiPropertiesPatch"] & {
+      /** @enum {string} */
+      kind: "BinanceApi";
+    };
     /** @enum {string} */
     KeyType:
       | "SecpEthAddr"
@@ -5787,6 +6131,7 @@ export interface components {
       | "Ed25519StellarAddr"
       | "Ed25519SubstrateAddr"
       | "Ed25519CantonAddr"
+      | "Ed25519BinanceApi"
       | "Mnemonic"
       | "Stark"
       | "BabylonEots"
@@ -5881,7 +6226,7 @@ export interface components {
        */
       owner?: string | null;
     };
-    /** @description The response to [`cs_listTransactions`](super::request::RpcMethod::ListTransactions) */
+    /** @description The response to [`cs_listTransactions`](super::request::CsRpc::ListTransactions) */
     ListTransactionsResponse: {
       /** @description A list of transaction infos. */
       transactions: components["schemas"]["TransactionInfo"][];
@@ -5975,6 +6320,17 @@ export interface components {
       request: components["schemas"]["HttpRequest"];
       status: components["schemas"]["Status"];
     };
+    MfaRequiredArgs: {
+      /** @description Always set to first MFA id from `Self::ids` */
+      id: string;
+      /** @description Non-empty MFA request IDs */
+      ids: string[];
+      /** @description Organization id */
+      org_id: string;
+      /** @description Optional policy evaluation tree (included in signer responses, when requested) */
+      policy_eval_tree?: unknown;
+      session?: components["schemas"]["NewSessionResponse"] | null;
+    };
     /** @description Org-wide MFA requirements. */
     MfaRequirements: {
       alien_login_requirement?: components["schemas"]["SecondFactorRequirement"];
@@ -6014,7 +6370,7 @@ export interface components {
       verified_email?: string | null;
     };
     MigrateUpdateUsersRequest: components["schemas"]["MigrateUpdateUserItem"][];
-    MmiMetadata: (components["schemas"]["MmiMetadataExt"] | null) & {
+    MmiMetadata: {
       /** @description Chain ID (not required when signing a personal message (EIP-191)) */
       chainId?: string | null;
       /** @description If the custodian should publish the transaction */
@@ -6028,42 +6384,6 @@ export interface components {
       /** @description The category of transaction, as best can be determined by the wallet */
       transactionCategory?: string | null;
     };
-    MmiMetadataExt: {
-      /**
-       * @description All accounts the user can access.
-       * Only set when requested explicitly, i.e., via 'customer_listAccountsSigned'.
-       */
-      accounts?:
-        | {
-            /**
-             * @description An Ethereum address, hex-encoded, with leading '0x'
-             * @example 0x0123456789012345678901234567890123456789
-             */
-            address: string;
-            /** @description Account metadata */
-            metadata?: unknown;
-            /** @description Account name */
-            name: string;
-            /** @description Ordered list of name-value pairs */
-            tags?: {
-              /** @description Tag name */
-              name: string;
-              /** @description Tag value */
-              value: string;
-            }[];
-          }[]
-        | null;
-      /** @description The customer ID of the user, i.e., the customer's organization ID. */
-      customerId: string | null;
-      /** @description A human readable name of the corresponding organization, if any. */
-      customerName: string | null;
-    } & {
-      /**
-       * @description This must match the `sub` claim of the customer proof of
-       * the user or role session which created the transaction.
-       */
-      userId: string | null;
-    };
     MmiRejectRequest: {
       /** @description Optional reason for rejecting. */
       reason?: string | null;
@@ -7437,6 +7757,8 @@ export interface components {
     >;
     /** @description A request to sign a PSBT */
     PsbtSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -8050,23 +8372,14 @@ export interface components {
       /** @description A JSON Web Token whose claims contain the `RoleInfo` structure. */
       jwt: string;
     };
-    /** @description The RPC API method and matching parameters. */
-    RpcMethod:
-      | {
-          /** @enum {string} */
-          method: "cs_createTransaction";
-          params: components["schemas"]["CreateTransactionRequest"];
-        }
-      | {
-          /** @enum {string} */
-          method: "cs_getTransaction";
-          params: components["schemas"]["GetTransactionRequest"];
-        }
-      | {
-          /** @enum {string} */
-          method: "cs_listTransactions";
-          params: components["schemas"]["ListTransactionsRequest"];
-        };
+    /**
+     * @description The RPC API method and matching parameters.
+     *
+     * Top-level dispatch. Wire format is preserved by `#[serde(untagged)]`: each
+     * inbound request is matched against one of the internally-tagged inner enums
+     * ([`CsRpc`] for the core methods, [`BinanceRpc`] for the Binance family).
+     */
+    RpcMethod: components["schemas"]["CsRpc"] | components["schemas"]["BinanceRpc"];
     /** @description All scopes for accessing CubeSigner APIs */
     Scope: components["schemas"]["ExplicitScope"] | string;
     /** @description A set of scopes. */
@@ -8218,6 +8531,12 @@ export interface components {
       /** @description All metrics must include 'org_id' as a dimension. */
       org_id: string;
     };
+    SignDryRunArgs: {
+      /** @description Whether MFA is required */
+      mfa_requests: components["schemas"]["MfaRequestInfo"][];
+      /** @description Optional policy evaluation tree, if requested */
+      policy_eval_tree?: unknown;
+    };
     SignResponse: {
       /** @description Optional policy evaluation tree. */
       policy_eval_tree?: unknown;
@@ -8330,6 +8649,8 @@ export interface components {
      * }
      */
     SolanaSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -8359,6 +8680,8 @@ export interface components {
       source_ip: string;
     };
     StakeRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -8438,6 +8761,164 @@ export interface components {
       num_auth_factors: number;
       request_comparer?: components["schemas"]["HttpRequestCmp"];
     };
+    /**
+     * @description A single asset balance entry returned by [`SubAccountAssetsResponse`].
+     *
+     * All balance fields are decimal strings (Binance preserves precision by not
+     * converting to floats).
+     */
+    SubAccountAsset: {
+      /** @description Asset symbol (e.g. `"USDT"`, `"BTC"`). */
+      asset: string;
+      /** @description Available balance. */
+      free: string;
+      /** @description Balance frozen by Binance (e.g. due to compliance holds). */
+      freeze: string;
+      /** @description Balance locked in open orders. */
+      locked: string;
+      /** @description Balance currently being withdrawn. */
+      withdrawing: string;
+    };
+    /**
+     * @description Parameters for `GET /sapi/v4/sub-account/assets`.
+     *
+     * Queries the spot-wallet balances of a single sub-account. Must be called by
+     * a master-account credential.
+     */
+    SubAccountAssetsRequest: {
+      /** @description Email address of the sub-account whose balances to fetch. */
+      email: string;
+    };
+    /** @description Response for [`BinanceManager::sub_account_assets`]. */
+    SubAccountAssetsResponse: {
+      /**
+       * @description One entry per asset held in the sub-account's spot wallet. Binance
+       * omits assets with all-zero balances.
+       */
+      balances: components["schemas"]["SubAccountAsset"][];
+    };
+    /** @description One transfer entry in [`SubAccountTransferHistoryResponse`]. */
+    SubAccountTransferHistoryEntry: {
+      /** @description Asset symbol (e.g. `"USDT"`). */
+      asset: string;
+      /** @description Email of the counterparty account on the other side of the transfer. */
+      counterParty: string;
+      /**
+       * @description Email of the account this entry's API key authenticates as. Binance
+       * returns this on each row even though it is the same for the whole page.
+       */
+      email: string;
+      /**
+       * @description Wallet type debited on the source side (e.g. `"SPOT"`,
+       * `"USDT_FUTURE"`). Left as `String` for forward compatibility.
+       */
+      fromAccountType: string;
+      /** @description Amount transferred, as a decimal string. */
+      qty: string;
+      /**
+       * @description Transfer status: `"PROCESS"`, `"SUCCESS"`, or `"FAILURE"`. Left as
+       * `String` for forward compatibility.
+       */
+      status: string;
+      /**
+       * Format: int64
+       * @description Time of the transfer (ms since epoch).
+       */
+      time: number;
+      /** @description Wallet type credited on the destination side. */
+      toAccountType: string;
+      /**
+       * Format: int64
+       * @description Transfer id. Matches the `txnId` returned by the original
+       * [`SubAccountTransferResponse`].
+       */
+      tranId: number;
+      /**
+       * Format: int32
+       * @description `1` = transfer in, `2` = transfer out.
+       */
+      type: number;
+    };
+    /**
+     * @description Parameters for `GET /sapi/v1/sub-account/transfer/subUserHistory`.
+     *
+     * Lists the transfer history of the calling sub-account. Covers both
+     * sub-to-master and sub-to-sub transfers. All filters are optional; if
+     * `start_time`/`end_time` are omitted, Binance returns the most recent 30
+     * days. If `r#type` is omitted, Binance defaults to `TransferOut` (`2`).
+     */
+    SubAccountTransferHistoryRequest: {
+      /** @description Filter to a specific asset (e.g. `"USDT"`). */
+      asset?: string | null;
+      /**
+       * Format: int64
+       * @description Window end (ms since epoch).
+       */
+      endTime?: number | null;
+      /**
+       * Format: int32
+       * @description Page size (Binance default: 500).
+       */
+      limit?: number | null;
+      /**
+       * @description If `true`, include failed transfers in the response. Binance defaults
+       * to `false`.
+       */
+      returnFailHistory?: boolean | null;
+      /**
+       * Format: int64
+       * @description Window start (ms since epoch).
+       */
+      startTime?: number | null;
+      /**
+       * Format: int32
+       * @description Direction filter (`1` = transfer in, `2` = transfer out).
+       */
+      type?: number | null;
+    };
+    /**
+     * @description Response for [`BinanceManager::sub_account_transfer_history`].
+     *
+     * Binance returns a top-level JSON array; this newtype preserves that wire
+     * format while giving the response a named type in the OpenAPI schema.
+     */
+    SubAccountTransferHistoryResponse: components["schemas"]["SubAccountTransferHistoryEntry"][];
+    /** @description Response for [`BinanceManager::sub_to_master`] and [`BinanceManager::sub_to_sub`]. */
+    SubAccountTransferResponse: {
+      /** Format: int64 */
+      txnId: number;
+    };
+    /**
+     * @description Parameters for `POST /sapi/v1/sub-account/transfer/subToMaster`.
+     *
+     * Transfers an asset from the caller's sub-account to the master account.
+     */
+    SubToMasterRequest: {
+      /**
+       * @description The amount being transferred, formatted as a decimal string (e.g. `"0.1"`).
+       * Sent verbatim: Binance is strict about decimal formatting.
+       */
+      amount: string;
+      /** @description The asset symbol being transferred (e.g. `"USDT"`, `"BTC"`). */
+      asset: string;
+    };
+    /**
+     * @description Parameters for `POST /sapi/v1/sub-account/transfer/subToSub`.
+     *
+     * Transfers an asset from the caller's sub-account to another sub-account
+     * under the same master account.
+     */
+    SubToSubRequest: {
+      /** @description The amount being transferred, as a decimal string (e.g. `"0.1"`). */
+      amount: string;
+      /** @description The asset symbol being transferred (e.g. `"USDT"`). */
+      asset: string;
+      /**
+       * @description Email address of the destination sub-account. Must be a sub-account of
+       * the same master.
+       */
+      toEmail: string;
+    };
     /**
      * @description The status of a subscription
      * @enum {string}
@@ -8459,6 +8940,8 @@ export interface components {
     SuiChain: "mainnet" | "devnet" | "testnet";
     /** @description Request to sign a serialized SUI transaction */
     SuiSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -8485,6 +8968,8 @@ export interface components {
       tx: string;
     };
     TaprootSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -8557,6 +9042,8 @@ export interface components {
     TelegramEnvironment: "production" | "test";
     /** @description The request for using the Tendermint sign endpoint. */
     TendermintSignRequest: {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -8836,6 +9323,119 @@ export interface components {
       | "AuthorizationHeaderMissing"
       | "EndpointRequiresUserSession"
       | "RefreshTokenMissing";
+    /** @description One transfer entry in [`UniversalTransferHistoryResponse`]. */
+    UniversalTransferHistoryEntry: {
+      /** @description Amount transferred, as a decimal string. */
+      amount: string;
+      /** @description Asset symbol. */
+      asset: string;
+      /** @description Client-supplied transfer id, if one was set on the original transfer. */
+      clientTranId?: string | null;
+      /**
+       * Format: int64
+       * @description Time of the transfer (ms since epoch).
+       */
+      createTimeStamp: number;
+      /**
+       * @description Wallet type debited on the source side. Left as `String` for forward
+       * compatibility.
+       */
+      fromAccountType: string;
+      /** @description Source sub-account email; absent when the source is the master. */
+      fromEmail?: string | null;
+      /** @description Transfer status (e.g. `"SUCCESS"`). */
+      status: string;
+      /** @description Wallet type credited on the destination side. */
+      toAccountType: string;
+      /** @description Destination sub-account email; absent when the destination is master. */
+      toEmail?: string | null;
+      /**
+       * Format: int64
+       * @description Transfer id. Matches the `tranId` returned by the original
+       * [`UniversalTransferResponse`].
+       */
+      tranId: number;
+    };
+    /**
+     * @description Parameters for `GET /sapi/v1/sub-account/universalTransfer`.
+     *
+     * Lists universal transfers initiated by the master account. All filters
+     * are optional; if `start_time`/`end_time` are omitted, Binance returns the
+     * most recent 30 days. Binance does not support filtering by `tran_id`
+     * directly — use `client_tran_id` if you set one when initiating the
+     * transfer, or page through the result and match the `tranId` client-side.
+     */
+    UniversalTransferHistoryRequest: {
+      /** @description Filter by client-supplied transfer id. */
+      clientTranId?: string | null;
+      /**
+       * Format: int64
+       * @description Window end (ms since epoch).
+       */
+      endTime?: number | null;
+      /** @description Filter to transfers originating from this sub-account email. */
+      fromEmail?: string | null;
+      /**
+       * Format: int32
+       * @description Page size (Binance default: 500, max: 500).
+       */
+      limit?: number | null;
+      /**
+       * Format: int32
+       * @description 1-based page number (Binance default: 1).
+       */
+      page?: number | null;
+      /**
+       * Format: int64
+       * @description Window start (ms since epoch).
+       */
+      startTime?: number | null;
+      /** @description Filter to transfers destined for this sub-account email. */
+      toEmail?: string | null;
+    };
+    /** @description Response for [`BinanceManager::universal_transfer_history`]. */
+    UniversalTransferHistoryResponse: {
+      /** @description Transfers in the current page. */
+      result: components["schemas"]["UniversalTransferHistoryEntry"][];
+      /**
+       * Format: int64
+       * @description Total number of transfers matching the filters across all pages.
+       */
+      totalCount: number;
+    };
+    /**
+     * @description Parameters for `POST /sapi/v1/sub-account/universalTransfer`.
+     *
+     * Transfers an asset between any two accounts (master to/from sub, or sub
+     * to/from sub) and between any two wallet types (spot, futures, margin, etc).
+     * The signing credential (the API key + Ed25519 key pair) must belong to the
+     * master account.
+     */
+    UniversalTransferRequest: {
+      /** @description The amount being transferred, as a decimal string. */
+      amount: string;
+      /** @description The asset symbol being transferred (e.g. `"USDT"`). */
+      asset: string;
+      /**
+       * @description Optional client-supplied transfer id. If set, Binance echoes it back
+       * on [`UniversalTransferResponse::client_tran_id`] and lets it be used
+       * as a filter on
+       * [`UniversalTransferHistoryRequest::client_tran_id`].
+       */
+      clientTranId?: string | null;
+      fromAccountType?: components["schemas"]["AccountType"];
+      /** @description Source sub-account email. If `None`, the source is the master account. */
+      fromEmail?: string | null;
+      toAccountType?: components["schemas"]["AccountType"];
+      /** @description Destination sub-account email. If `None`, the destination is the master account. */
+      toEmail?: string | null;
+    };
+    /** @description Response for [`BinanceManager::universal_transfer`]. */
+    UniversalTransferResponse: {
+      clientTranId?: string | null;
+      /** Format: int64 */
+      tranId: number;
+    };
     /** @description Options that should be set only for local devnet testing. */
     UnsafeConf: {
       /**
@@ -8864,6 +9464,8 @@ export interface components {
        */
       validator_index: string;
     } & {
+      /** @description Do not produce a valid signature, just evaluate attached policies. */
+      dry_run?: boolean;
       /**
        * @description Request additional information to be included in the response, explaining
        * the outcome (i.e., permitted vs. denied vs. MFA required) of the sign request.
@@ -8938,6 +9540,14 @@ export interface components {
        * Once disabled, a key cannot be used for signing.
        */
       enabled?: boolean | null;
+      /**
+       * @description If set, patch the key's structured [`KeyProperties`]. The patch's variant must
+       * match the key's [`KeyType`] (e.g. `BinanceApi` properties are only allowed on
+       * `Ed25519BinanceApi` keys). Each field in the patch is independent: missing
+       * means leave alone, JSON `null` clears, a value sets. Sending JSON `null` for
+       * the whole field clears all properties on the key.
+       */
+      properties?: unknown;
       /**
        * @description If set, change the key's region affinity to this value.
        *
@@ -9603,6 +10213,179 @@ export interface components {
     WhereAndWhen: components["schemas"]["SourceIp"] & {
       time: components["schemas"]["EpochDateTime"];
     };
+    /** @description One withdrawal entry in [`WithdrawHistoryResponse`]. */
+    WithdrawHistoryEntry: {
+      /** @description Destination address. */
+      address: string;
+      /** @description Withdrawal amount, as a decimal string. */
+      amount: string;
+      /**
+       * @description Time the withdrawal was requested (Binance returns a UTC string,
+       * e.g. `"2019-09-24 12:43:45"`).
+       */
+      applyTime: string;
+      /** @description Asset symbol (e.g. `"USDT"`, `"BTC"`). */
+      coin: string;
+      /**
+       * @description Time the withdrawal completed (UTC string), present once
+       * `status == 6`.
+       */
+      completeTime?: string | null;
+      /**
+       * Format: int32
+       * @description Number of on-chain confirmations.
+       */
+      confirmNo?: number | null;
+      /**
+       * @description Binance-assigned withdrawal id. Matches the `id` returned by
+       * [`WithdrawResponse`].
+       */
+      id: string;
+      /** @description Failure reason when the withdrawal was rejected. */
+      info?: string | null;
+      /** @description Blockchain network identifier (e.g. `"BSC"`, `"ETH"`). */
+      network?: string | null;
+      /**
+       * Format: int32
+       * @description Withdrawal status. Binance values: `0` = Email Sent,
+       * `2` = Awaiting Approval, `3` = Rejected, `4` = Processing,
+       * `6` = Completed. Left as `u8` for forward compatibility.
+       */
+      status: number;
+      /** @description Network fee charged for the withdrawal, as a decimal string. */
+      transactionFee: string;
+      /**
+       * Format: int32
+       * @description `0` = external transfer, `1` = internal (Binance↔Binance) transfer.
+       */
+      transferType: number;
+      /**
+       * @description On-chain transaction hash, once Binance has broadcast the withdrawal.
+       * May be empty until then.
+       */
+      txId?: string | null;
+      /**
+       * Format: int32
+       * @description Source wallet: `0` = spot wallet, `1` = funding wallet.
+       */
+      walletType: number;
+      /**
+       * @description Client-supplied withdrawal id, if one was set on the original
+       * withdrawal call.
+       */
+      withdrawOrderId?: string | null;
+    };
+    /**
+     * @description Parameters for `GET /sapi/v1/capital/withdraw/history`.
+     *
+     * Returns the master account's withdrawal history. All filters are
+     * optional; if `start_time`/`end_time` are omitted, Binance returns the
+     * most recent 90 days. Use `id_list` to look up specific withdrawals by
+     * the `id` returned from [`BinanceRpc::Withdraw`], or `withdraw_order_id`
+     * to look one up by its client-supplied id.
+     */
+    WithdrawHistoryRequest: {
+      /** @description Filter to a specific asset (e.g. `"USDT"`). */
+      coin?: string | null;
+      /**
+       * Format: int64
+       * @description Window end (ms since epoch).
+       */
+      endTime?: number | null;
+      /**
+       * @description Comma-separated list of Binance-assigned withdrawal ids (the `id`
+       * field of [`WithdrawResponse`]). Up to 45 ids per query, per Binance.
+       */
+      idList?: string | null;
+      /**
+       * Format: int32
+       * @description Page size (Binance default and max: 1000).
+       */
+      limit?: number | null;
+      /**
+       * Format: int32
+       * @description Pagination offset.
+       */
+      offset?: number | null;
+      /**
+       * Format: int64
+       * @description Window start (ms since epoch).
+       */
+      startTime?: number | null;
+      /**
+       * Format: int32
+       * @description Filter by withdrawal status. Binance values:
+       * `0` = Email Sent, `2` = Awaiting Approval, `3` = Rejected,
+       * `4` = Processing, `6` = Completed. Left as `u8` for forward
+       * compatibility.
+       */
+      status?: number | null;
+      /**
+       * @description Filter by the client-supplied withdrawal id originally passed to
+       * [`WithdrawRequest::withdraw_order_id`].
+       */
+      withdrawOrderId?: string | null;
+    };
+    /**
+     * @description Response for [`BinanceManager::withdraw_history`].
+     *
+     * Binance returns a top-level JSON array; this newtype preserves that wire
+     * format while giving the response a named type in the OpenAPI schema.
+     */
+    WithdrawHistoryResponse: components["schemas"]["WithdrawHistoryEntry"][];
+    /**
+     * @description Parameters for `POST /sapi/v1/capital/withdraw/apply`.
+     *
+     * Submits a withdrawal of `amount` of `coin` to the given external `address`.
+     * The signing key's account must have withdrawal permissions enabled.
+     */
+    WithdrawRequest: {
+      /** @description Destination address. */
+      address: string;
+      /**
+       * @description Secondary address identifier required by some assets (e.g. memo for
+       * XRP, tag for XLM).
+       */
+      addressTag?: string | null;
+      /**
+       * @description The amount being withdrawn, formatted as a decimal string (e.g. `"0.1"`).
+       * Sent verbatim: Binance is strict about decimal formatting.
+       */
+      amount: string;
+      /** @description The asset symbol being withdrawn (e.g. `"USDT"`, `"BTC"`). */
+      coin: string;
+      /** @description Optional human-readable description for the withdrawal. */
+      name?: string | null;
+      /**
+       * @description Network identifier (e.g. `"BSC"`, `"ETH"`). If omitted, Binance picks
+       * the default network for the asset.
+       */
+      network?: string | null;
+      /**
+       * @description If `true`, the withdrawal fee is deducted from the destination amount;
+       * if `false` (Binance default), it is deducted from the account balance
+       * in addition to `amount`.
+       */
+      transactionFeeFlag?: boolean | null;
+      /**
+       * Format: int32
+       * @description Source wallet: `0` = spot wallet (default), `1` = funding wallet.
+       */
+      walletType?: number | null;
+      /**
+       * @description Client-supplied withdrawal id, returned by Binance as `withdrawOrderId`
+       * in subsequent withdrawal-history queries.
+       */
+      withdrawOrderId?: string | null;
+    };
+    /** @description Response for [`BinanceManager::withdraw`]. */
+    WithdrawResponse: {
+      /**
+       * @description Binance-assigned withdrawal id. Used to look the request up later via
+       * the withdrawal-history endpoint.
+       */
+      id: string;
+    };
   };
   responses: {
     AddThirdPartyUserResponse: {
@@ -10187,6 +10970,7 @@ export interface components {
            * ]
            */
           policy: unknown[];
+          properties?: components["schemas"]["KeyPropertiesPatch"] | null;
           /** @description The key provenance. */
           provenance?: string | null;
           /**
@@ -16833,6 +17617,11 @@ export interface operations {
         user_id: string;
       };
     };
+    requestBody: {
+      content: {
+        "application/json": components["schemas"]["Empty"];
+      };
+    };
     responses: {
       200: components["responses"]["EmptyImpl"];
       default: {