Sequence/docs

Credentials & Wallets

Connect your exchange accounts and set up your Sequence Wallet for DEX trading.

Warning

Security: Only grant read and trade permissions for CEX API keys. Never enable withdrawals. We encrypt all credentials with AES-256-GCM before storage.

Sequence Wallet

Your Sequence Wallet is an MPC-secured wallet that lets you trade on-chain (DEX) via the API without keeping your browser open. It's automatically provisioned when you connect MetaMask on the dashboard.

How it works

  1. Connect MetaMask on the dashboard (Settings → Wallets)
  2. Your Sequence Wallet is auto-provisioned in the background (~5 seconds)
  3. Fund it — send ETH (for gas) and USDC (for trading) from MetaMask to your Sequence Wallet address
  4. Trade via API — submit orders without wallet_id; they auto-route to your Sequence Wallet
  5. Withdraw anytime — send funds back to your MetaMask via the dashboard or API
Tip

Your private keys never leave the secure enclave. The Sequence Wallet signs transactions server-side, so you can trade programmatically without a browser connection.

List Wallets

GET/v1/wallets

Returns all wallets for the authenticated user.

json
{
  "wallets": [
    {
      "wallet_id": "turnkey:0x7f3a...d21e",
      "address": "0x7f3a...d21e",
      "role": "trading",
      "signer_backend": "turnkey",
      "status": "ready",
      "can_trade_api": true
    },
    {
      "wallet_id": "connected:0x082a...c859",
      "address": "0x082a...c859",
      "role": "connected",
      "signer_backend": "connected",
      "status": "ready",
      "can_trade_api": false
    }
  ]
}
FieldDescription
roletrading (Sequence Wallet for API trading) or connected (browser wallet)
statusprovisioning, ready, failed, or disabled
can_trade_apitrue if this wallet can execute DEX orders without the browser

Get Trading Wallet

GET/v1/wallets/trading

Returns the trading (Sequence Wallet) details. Alias: GET /v1/wallets/default.

Create Trading Wallet Manually

POST/v1/wallets/trading/create-turnkey

Manually provision a Sequence Wallet. This is normally done automatically when you connect MetaMask, but you can also trigger it via API.

json
{
  "label": "My Trading Wallet"
}

Returns 409 if a trading wallet already exists or is being provisioned.

Fund Your Sequence Wallet

Send tokens to your Sequence Wallet address (shown in GET /v1/wallets). You need:

  • ETH for gas (~0.001 ETH on Arbitrum, ~$2)
  • USDC for the actual trades

You can fund from the dashboard (Settings → Wallets → Fund) or by sending a standard transfer from any wallet.

Withdraw

POST/v1/wallets/withdraw

Send tokens from your Sequence Wallet back to an external address.

json
{
  "chain": "arbitrum",
  "token": "USDC",
  "amount": "100.0",
  "recipient": "0x082a74ff138843b60eda88f131c54054c96ac859"
}

Order Routing

When you submit a DEX order via POST /v1/orders:

wallet_idBehavior
OmittedAuto-resolves to your Sequence Wallet (recommended for API trading)
connected:0x...Signs via MetaMask in the browser (requires dashboard open)
turnkey:0x...Explicitly targets your Sequence Wallet

If no Sequence Wallet exists, the API returns NO_TRADING_WALLET (404). If it's still being provisioned, you get TRADING_WALLET_NOT_READY (409).

List Connected Venues

GET/v1/credentials

List venues you have credentials for.

Response

json
{
  "venues": ["kraken", "coinbase", "binance", "kalshi", "polymarket"]
}

Set Credentials

POST/v1/credentials/{venue}

Add or update credentials for a venue. Overwrites any existing row for (client, venue).

Path Parameters

ParameterDescription
venuekraken, coinbase, binance, bitget, cryptocom, bitmart, okx, bybit, hyperliquid, kalshi, polymarket

Request Body (Kraken / Binance / Bitget / Crypto.com / BitMart)

json
{
  "api_key": "your-api-key",
  "api_secret": "your-api-secret"
}

Request Body (Coinbase)

Coinbase requires additional fields:

json
{
  "api_key": "your-api-key-id",
  "api_secret": "-----BEGIN EC PRIVATE KEY-----\n...\n-----END EC PRIVATE KEY-----",
  "passphrase": "optional-passphrase"
}
Note

Coinbase uses EC private keys for signing. Export from the Coinbase Developer Portal.

Request Body (Kalshi)

Kalshi uses an API key ID + RSA private key. Orders are signed with RSA-PSS over SHA-256.

json
{
  "api_key": "dc9d0cd5-076a-4ea8-b406-1847279dac4b",
  "api_secret": "-----BEGIN RSA PRIVATE KEY-----\nMIIE...\n-----END RSA PRIVATE KEY-----"
}
  • api_key = the Kalshi API key ID (UUID shown in the Kalshi dashboard).
  • api_secret = the full PEM of the paired private key. Both PKCS#1 (BEGIN RSA PRIVATE KEY) and PKCS#8 (BEGIN PRIVATE KEY) are accepted.

Request Body (Polymarket)

Polymarket orders are EIP-712 signed client-side from an EVM signer key. Sequence derives the CLOB L2 credentials from that signer on first use (calling Polymarket's /auth/derive-api-key under the hood), so you only need to supply the signer material in extra_json:

json
{
  "api_key": "",
  "api_secret": "",
  "extra_json": {
    "signer_private_key": "0xyour-32-byte-private-key",
    "proxy_address": "0xoptional-proxy-wallet-address",
    "builder": "0xoptional-builder-code-address"
  }
}
FieldRequiredDescription
extra_json.signer_private_keyHex-encoded EVM private key that will sign every EIP-712 order.
extra_json.proxy_addressPolymarket proxy (funder) wallet. Omit to use the signer address directly. Required when the USDC lives on the proxy.
extra_json.builderBuilder-code recipient — include only if you're enrolled in Polymarket's builder program.
api_key / api_secret / passphraseLeave empty unless you already have L2 credentials and want to bypass auto-derivation. If supplied, Sequence uses them verbatim instead of calling /auth/derive-api-key.
Warning

Sending api_key or api_secret as non-empty values without also supplying extra_json.signer_private_key will fail with "Polymarket orders require signer material in credentials.extra_json.signer_private_key". The signer key is the source of truth — L2 creds are a derived cache.

Note

Polymarket fees are read per-token from the CLOB's fee_schedule broadcast on market-data WS and supplied in the signed order body as feeRateBps. There is no global override — the edge uses the rate the venue advertises for each token, honoring the taker_only flag for maker vs. taker orders.

Response

json
{
  "venue": "kalshi",
  "status": "stored"
}

Delete Credentials

DELETE/v1/credentials/{venue}

Remove credentials for an exchange.

Response

json
{
  "venue": "kraken",
  "deleted": true
}

Get Positions

Balances and positions are unified into one endpoint. See Positions — use GET /v1/positions?kinds=fiat,crypto for the old balances() shape.

Fee Tiers

Your per-venue maker/taker fee tier is fetched automatically in the background whenever you POST /v1/credentials/{venue} — the edge probes the venue's fee endpoint (where supported) and caches the result. The cached tier feeds the SOR cost model and TCA reports; it isn't exposed as a standalone read endpoint. If the probe fails (API lacks the permission, venue doesn't expose it), SOR falls back to hardcoded per-venue defaults.

API Key Management

Sequence uses two key prefixes to distinguish live and sandbox environments:

PrefixModeDescription
seq_live_LiveReal orders on real exchanges
seq_test_SandboxPaper trading - live market data, no real orders

The key prefix determines the mode automatically on the server side. All API endpoints respect this: a seq_test_ key can only interact with sandbox infrastructure (sandbox edges, sandbox algo deployments), and a seq_live_ key only interacts with live infrastructure. The two modes are fully isolated - same client, same symbol, different modes.

List API Keys

GET/v1/api_keys

Returns all API keys for the authenticated client.

json
{
  "keys": [
    {
      "id": "a1b2c3d4-...",
      "key_prefix": "seq_live_94b98a3c",
      "label": "production",
      "is_active": true,
      "last_used_at": "2026-02-28T12:00:00Z",
      "created_at": "2026-01-15T08:00:00Z"
    }
  ]
}

Create API Key

POST/v1/api_keys
json
{
  "label": "my-new-key",
  "sandbox": false
}
FieldRequiredDefaultDescription
labelNonullHuman-readable label for the key
sandboxNofalseIf true, creates a seq_test_ (sandbox) key instead of seq_live_ (live)

Response:

json
{
  "id": "a1b2c3d4-...",
  "key_prefix": "seq_live_f8a2b1c0",
  "raw_key": "seq_live_f8a2b1c0..."
}

To create a sandbox key for paper trading:

json
{
  "label": "paper-trading",
  "sandbox": true
}

Returns a seq_test_ key:

json
{
  "id": "b2c3d4e5-...",
  "key_prefix": "seq_test_a1b2c3d4",
  "raw_key": "seq_test_a1b2c3d4..."
}
Warning

The full raw_key is only returned once at creation time. Store it securely - it cannot be retrieved again.

Note

If you're authenticated with a sandbox key (seq_test_), the sandbox field is ignored - sandbox sessions can only create sandbox keys.

Delete API Key

DELETE/v1/api_keys/{key_id}

Deactivates the key. Cannot delete the key you're currently authenticated with.

Rotate API Key

POST/v1/api_keys/{key_id}/rotate

Atomically deactivates the old key and creates a new one with the same label. Returns the new key:

json
{
  "id": "new-key-uuid",
  "key_prefix": "seq_live_d2e4f6a8",
  "raw_key": "seq_live_d2e4f6a8..."
}
Tip

Use rotation for zero-downtime key refresh. The old key is immediately invalidated.

Venue Setup Guides

Kraken
  1. Go to Kraken API Settings
  2. Create new API key
  3. Enable: Query Funds, Query Orders, Create/Modify Orders, Cancel Orders
  4. Do NOT enable: Withdraw Funds
Coinbase
  1. Go to Coinbase Developer Portal
  2. Create API key with Trade permissions
  3. Download the private key (PEM format)
  4. Use the key ID as api_key and PEM contents as api_secret
Binance
  1. Go to Binance API Management
  2. Create new API key
  3. Enable: Enable Spot Trading
  4. Restrict to your IP for security
Bitget
  1. Go to Bitget API Management
  2. Create API key with Trade permissions
  3. Set passphrase (required by Bitget)
Crypto.com
  1. Go to Crypto.com Exchange API
  2. Create API key with Spot Trading permissions
  3. Restrict to your IP for security
BitMart
  1. Go to API Management in your BitMart account settings
  2. Create API key with Trade permissions
  3. Set memo (required by BitMart)
OKX
  1. Go to OKX API Management
  2. Create API key with Trade permissions
  3. Set passphrase (required by OKX)
  4. Restrict to your IP for security
Bybit
  1. Go to Bybit API Management
  2. Create API key with Spot Trading permissions
  3. Restrict to your IP for security
Hyperliquid
  1. Go to Hyperliquid API Settings
  2. Generate an API wallet (agent wallet)
  3. Use the wallet address as api_key and private key hex as api_secret
  4. For vault trading, provide the vault address as passphrase
  5. Alternative: Use your Sequence Wallet — Sequence auto-derives Hyperliquid credentials from it
Kalshi
  1. Go to Kalshi's API Keys page (Settings → API Keys)
  2. Create a new API key — Kalshi generates the key ID (UUID) and downloads an RSA private key as PEM
  3. api_key = the key ID, api_secret = the complete PEM body (keep the -----BEGIN/END----- markers)
  4. RSA-PSS over SHA-256 is the signing algorithm; Sequence handles that internally
  5. Symbols use Kalshi tickers directly (e.g. KXBTCZ-26DEC31-T99000). See Prediction Markets for discovery.
Polymarket
  1. Have an EVM wallet funded with USDC on Polygon, and (optionally) a Polymarket proxy wallet
  2. Export the signer's 32-byte private key (hex, with or without 0x prefix)
  3. Submit with api_key and api_secret empty; put the signer key in extra_json.signer_private_key
  4. Set extra_json.proxy_address if your USDC is on a proxy rather than on the signer address
  5. On first order, Sequence derives L2 CLOB credentials from the signer via /auth/derive-api-key and caches them in-memory — you never see the L2 key yourself
  6. Symbols accept event slugs, :yes / :no slug suffixes, raw CTF token IDs, or full polymarket.com/event/... URLs