By Simon Heinrich, Chief Information Officer and Scott Weatherill, Japan’s Chief Risk Manager at B2C2, a leading cryptocurrency liquidity provider
By Simon Heinrich, Chief Information Officer and Scott Weatherill, Japan’s Chief Risk Manager at B2C2, a leading cryptocurrency liquidity provider

Leveraging the power of APIs for cryptocurrency trading

Simon Heinrich and Scott Weatherill, explore many of the issues associated with utilising APIs for trading cyptocurrencies. In September 2000, Roy Fielding defended his doctoral dissertation on the ‘REST’ (REpresentational State Transfer) software architectural style. He had a simple objective — creating a new standard for online messaging so that any server in the world could coherently talk to any other server. It was a huge step forward. To write his paper, Fielding got feedback from over 500 developers and laid out “a core set of principles, properties, and constraints that are now called REST”.

Thanks in part to Fielding’s seminal work, over the past two decades there has been an explosion in web APIs. From the comfort of one’s home, it’s now possible to stream live weather data, grab a tweet reel, catch up on the latest Mars Rover photos via the NasaAPI, check your bank balance, or even request random Chuck Norris jokes on a timer — all with just a little programming know-how and an internet connection. Both public and private APIs exist, or rather, public and private endpoints in the case of RESTful APIs, depending on the nature of the information a query to that endpoint would return. Sensitive information that should only be available to a select group should be accessible via a private endpoint that requires some form of authentication. A digital handshake, so to speak. 

APIs are particularly useful for trading, especially if a user desires to automate her workflow as much as possible. A firm can hook up to one or more APIs to stream real-time data, continuously analyse that data using computer programmes they’ve written in-house, and then send orders to an exchange or OTC dealer via their respective APIs upon the discovery of a signal. APIs also allow one to keep track of account equity, risk exposures, instrument funding, trade histories, and even manage settlement requests, among other things. While not as sexy as running your favourite machine learning prediction algorithm to make trades while you sleep, these more vanilla request types and matters related to system monitoring are critical for any business wishing to operate at scale. 

Not for everyone

Before we get too carried away with the possibilities, it’s important to first note that APIs aren’t for everyone. Your typical directional hedge fund or family office that trades occasionally in size with a macro view in mind is far more suited to using a web GUI that offers streaming prices. Executing in this fashion has the benefit of human oversight. After dealing, one can sanity check the position and balances on the platform to ensure the trade went through successfully and that risk is in line with expectations. 

Indeed, connecting to a venue’s API requires an IT investment. The API documentation must be read carefully, syntax perused, and the appropriate workflow planned out in logical steps. Mapping the data points from A to B is generally the easy part. Matching the semantics and message orchestration where A and B have different expectations is where the fun begins! 

For those contemplating systematic strategies, best practice involves having suitable error handling and reconciliation processes in place, as well as sensible execution protections monitoring the logic so that said algorithm doesn’t get a little too bullish or bearish! But of course, go-live day isn’t the end of the IT effort. APIs evolve — with or without warning!—and extra IT investment will be required, sometimes with little notice, to cater for changes at one end or the other.

See below for an example of a systematic strategy based purely on historical closes for ETHBTC. Signal resolution is based on daily closes (it won’t matter much which exchange you use). A simple moving average of 50 periods is contrasted with an exponentially weighted moving average of 35 periods. The strategy buys when the EMA > SMA and flips short when the EMA < SMA. A note of caution though, strategies relying on parameter optimisation such as the below have effectively been fitted to the historical data, so one must be wary of whether its effectiveness will persist. On a brighter note, if cryptocurrencies continue to exhibit bouts of extreme volatility and a tendency to trend, then simple trend following strategies such as those championed by the Turtle Traders in the 1980s will likely offer compelling risk-adjusted returns. Easy to build but hard to follow! Perfect for automating into a few simple scripts so that you can prevent your pesky emotions from destroying your edge.

Aside from those favouring a systematic tilt, APIs are well suited to institutions handling large trade volumes, or for those manually trading across a fragmented liquidity landscape where it’s untenable for a human to familiarise themselves with —let alone simultaneously operate —a multitude of GUIs. 

Low latency
Many crypto market participants get hung up on latency

Not all created equal

It should be noted, however, that not all APIs are created equal. In an ideal world for both producer and consumer, the syntax and semantics of trading APIs would be standardised. Where industry bodies exist they attempt to do just that, while most participants pay lip service to their efforts. Where such bodies don’t exist, most designers attempt to mimic the API of an incumbent. Queue the obligatory copyright infringement dispute which typically fails to result in any breach being found. 

System owners who expose APIs are also responsible for managing the non-functional requirements of their services implementing those APIs — such as reliability and scalability. An API is not a database or even a server. It refers to the code that governs the access points to the server: the contract between that service and those that use it. The technology behind the scenes handling the requests is subject to the usual hardware and software constraints and hence not infinitely scalable. 

For instance, if an exchange is bombarded with a large number of API calls within a short space of time, it may run out of the resources required to process and respond to them all. At times such as these when the server becomes ‘overloaded’, API calls may timeout or simply be rejected. In an effort to minimise the frequency of these occurrences, exchanges impose ‘rate limits’ on users. These may take the form of “X requests per minute” or “Y orders per 24 hours”, for example. Search “Token Bucket” if you wish to scratch the surface. 

The load on exchange servers can be quite considerable, especially on a busy day when volumes are strong. The most popular crypto trading exchanges boast millions of users and can handle an impressive amount of traffic, but that can only be achieved when all users receive the same view of liquidity. Electronic OTC dealers on the other hand are unencumbered by such large retail client bases, so can offer tailored connectivity solutions with bespoke liquidity and flexible limits. 

Earlier we referred to the REST architectural style that revolutionised communication over the internet. It’s time to look at the broader landscape of protocols. The REST architecture Fielding envisaged makes use of the HTTP protocol. You’ll find it at the beginning of domain names when you surf the web.

Essentially, making a REST API call where you fetch information is no different than entering a website domain into a browser. In fact, for public REST API calls, you can do just that but instead of the server returning a website, you’ll see a response in ‘JSON’ format. Here’s an example of a request URL for the first two layers of the XBT perpetual swap orderbook on BitMEX and the associated response:


Response: [{“symbol”:”XBTUSD”, ”id”:8798973550, ”side”:”Sell”, ”size”:888959, ”price”:10264.5}, {“symbol”:”XBTUSD”, ”id”:8798973600, ”side”:”Sell”, ”size”:1546987, ”price”:10264}, {“symbol”:”XBTUSD”, ”id”:8798973650, ”side”:”Buy”, ”size”:305569, ”price”:10263.5}, {“symbol”:”XBTUSD”, ”id”:8798973700, ”side”:”Buy”, ”size”:40120, ”price”:10263}]

Authenticated REST API calls are slightly more tricky as they involve proving your identity with a digital signature using your API keys. Although communicating via REST is fairly straightforward, it has one serious limitation— namely, it is inherently a request and response interaction, otherwise known as ‘polling’. 

Systematic strategy based purely on historical closes for ETHBTC
Systematic strategy based purely on historical closes for ETHBTC


Luckily, thanks to the hard work of Michael Carter and Ian Hickson among others, the ‘WebSocket’ protocol shipped in 2011 — featuring bi-directional, full-duplex communication over a persistent TCP connection. With WebSockets, you can complete an initial handshake in HTTP which then ‘upgrades’ you to a persistent connection where data is streamed between the servers in real-time. 

Having sprung from the minds of web developers and software professionals educated and trained in that era, most crypto-native exchanges started life with REST-based APIs. That’s OK for placing a Market, FOK or IOC order where it fills (or expires) immediately and its end state can be returned in the response to the caller. But for resting Limit orders in the book? Hmmm. Trading 101 is to know your position at all times. That’s impossible with such a protocol as the exchange has no way of notifying fills. 

The trading systems must continually poll to ascertain the fate of a resting order and update risk appropriately ex post facto— and even more so if rate limits have been exceeded! As the reader can appreciate, polling for market data makes reacting to a fast market something of a challenge. Many crypto-native exchanges still operate on REST only, but are increasingly employing WebSockets for market data, and some for order entry and trading as well.

Connecting to a venue’s API requires an IT investment
Connecting to a venue’s API requires an IT investment


The elephant in the room is of course FIX. An open standard with a huge community — mainly commercial — built around it. A 25+ year stalwart of traditional trading infrastructure, greasing the integration of countless systems across the world, in various asset classes, from front-office to back. The FIX standard covers a multitude of two-way workflows and trading modalities, delivered part and parcel with a TCP based session layer that can offer helpful qualities of service, such as guaranteed message delivery. Integrating two systems which speak FIX is, for the most part, an exercise in copy and paste, although inevitably some devil in the detail remains.

Many crypto market participants get hung up on latency, with a deep-seated belief that they need, and the crypto industry trades at, nanosecond latencies, akin to equities and traditional FX. They generally don’t, it definitely doesn’t, and it’s unlikely to do so anytime soon. A peculiarity of crypto-native exchanges which do support FIX is that they often wrap REST or WebSocket APIs — and are therefore unavoidably more latent. But a difference measured in tens of microseconds, or single digit milliseconds is generally not an issue, given matching engines typically run on a web server and have internal reordering latencies to match. One of the many divides in the crypto world is between institutional (read: established / traditional) firms who have an extensive pre-existing FIX infrastructure — often outsourced to a vendor; and crypto-native (read: newbie) firms who find REST and WebSockets a more natural playground. To make or to take cryptocurrency liquidity, one therefore needs IT infrastructure for both, or else be certain of the class of counterparty with whom they wish to trade and accept that API integration will be a blocker to expansion outside of that.

A generic HFT infrastructure setup
A generic HFT infrastructure setup

Featured above is a generic HFT infrastructure setup well poised to navigate the fragmented liquidity landscape characteristic of the cryptocurrency market. APIs can be incredibly useful in automating workflows and improving trading performance. However, it’s important to be cognisant of the limitations you may face at the protocol level, as well as the potential controls your counterparties may choose to enforce. For those planning to make the leap, we hope you’ve found this article useful in guiding your investment.