Developers
One API for the regulated middle.
Issue wallets, move money, and react to events through a typed, idempotent API. Identical requests are safe to retry; conflicting ones are caught before they cause damage.
Typed errorsIdempotentOpenAPI 3.0Signed webhooks
withdrawals.create.ts
import { Cystody } from "@cystody/sdk";const cystody = new Cystody({ apiKey: process.env.CYSTODY_KEY });// Idempotent, safe to retry, never double-spends.const withdrawal = await cystody.withdrawals.create( { accountId: "acct_8f21", asset: "USDC", network: "base", to: "0x9f...", amount: "2500.00", }, { idempotencyKey: "payout-2026-06-17" },);withdrawal.status; // "pending", durable from hereSurfaces
Three APIs, one model.
Each surface is scoped to its audience, with the same conventions: typed errors, idempotency, and an OpenAPI reference.
Public APIFor your application. API-key auth, rate-limited.
Portal APIPowers the merchant dashboard. Session + MFA.
Admin APIPlatform operations. Session, MFA, and granular roles.
Conventions
Built to be retried.
- Idempotent
- Retry safely; conflicts return 409
- Typed errors
- Specific codes; failing field named
- Reference
- OpenAPI 3.0, generated from source
- Webhooks
- Signed, retried, dead-lettered
SDKs
In the languages you ship.
With built-in retries, idempotency-key generation, and webhook signature verification.
Go · roadmapNode / TypeScript · roadmapPython · roadmap
Read the docs. Ship in a sprint.
The hard parts are already built. Your integration is mostly wiring, and we'll help with that.