API Terms of Service

These API Terms of Service ("API Terms") govern your access to and use of the application programming interfaces, WebSocket feeds, software development kits, and related documentation (collectively, the "API" or "APIs") provided by XEX ("we," "us," "our," or the "Company"). These API Terms are supplemental to and incorporated into the XEX Terms of Service ("General Terms"). In the event of any conflict between these API Terms and the General Terms, these API Terms shall control with respect to your use of the APIs. By accessing, registering for, or using any XEX API, you acknowledge that you have read, understood, and agree to be bound by these API Terms, the General Terms, and all applicable policies referenced herein. If you are using the APIs on behalf of a company, organization, or other legal entity, you represent and warrant that you have the authority to bind that entity to these API Terms.

1. API Access and Registration

1.1 API Key Requirement

Access to the XEX APIs requires a valid API key ("Key") issued by XEX. To obtain an API Key, you must have a registered, verified XEX account in good standing and must apply for API access through your account settings. XEX reserves the sole right to approve, deny, or revoke API access at any time and for any reason, including without limitation failure to comply with these API Terms, suspicious account activity, or regulatory requirements. Issuance of an API Key does not guarantee uninterrupted or continuous access to the APIs.

1.2 Account Standing

You must maintain your XEX account in good standing at all times while using the APIs. Good standing requires, at minimum, completion of all applicable identity verification (KYC) requirements, compliance with the General Terms and all applicable XEX policies, absence of unresolved disputes, outstanding debts, or pending investigations on your account, and compliance with all applicable laws and regulations. XEX may suspend or revoke API access if your account ceases to be in good standing for any reason.

1.3 Acceptance of Terms

By generating an API Key or making any request to the XEX APIs, you expressly agree to be bound by these API Terms, the General Terms, the Privacy Policy, and all other applicable XEX policies. If you do not agree to any of these terms, you must not access or use the APIs.

1.4 Key Security Obligations

You are solely responsible for the security of your API Keys, including all associated secret keys, access tokens, and credentials. You must:

• Store all API Keys securely using industry-standard practices, including encryption at rest, secure environment variables, or hardware security modules. API Keys must never be hardcoded in source code, committed to version control repositories, or stored in plaintext configuration files.
• Restrict API Key permissions to the minimum necessary for your intended use case. XEX provides granular permission controls (e.g., read-only, trade, withdrawal), and you must not enable permissions beyond what is strictly required.
• Implement IP address whitelisting for API Keys wherever possible to restrict access to known, trusted IP addresses.
• Monitor API Key usage regularly for unauthorized access, anomalous activity, or unexpected behavior.
• Immediately rotate or revoke any API Key that you suspect has been compromised, and promptly notify XEX at security@xex.to of any suspected unauthorized use.

You are liable for all activity conducted through your API Keys, regardless of whether such activity was authorized by you. XEX shall not be responsible for any losses, damages, or liabilities arising from the unauthorized use of your API Keys, including but not limited to unauthorized trades, withdrawals, or data access.

2. Rate Limits and Fair Use

2.1 Tier-Based Rate Limits

API access is subject to rate limits that vary based on your account tier. The following table summarizes the default rate limits for each tier. XEX reserves the right to modify these limits at any time:

2.2 Burst Allowance

Each tier includes a burst allowance that permits short-duration spikes in request volume above the sustained rate limit. The burst allowance is calculated as two times (2x) the per-minute rate limit, sustained for a maximum window of five (5) seconds. Exceeding the burst allowance will result in immediate throttling. Repeated or sustained bursting may trigger temporary or permanent rate limit reductions at XEX's discretion.

2.3 Throttling Behavior

When rate limits are exceeded, the API will return HTTP status code 429 (Too Many Requests) along with a Retry-After header indicating the number of seconds before the next request will be accepted. Clients must implement exponential backoff and honor the Retry-After header. Failure to respect throttling signals, including continued requests after receiving 429 responses, may result in escalating penalties, including temporary IP bans, API Key suspension, or permanent revocation of API access.

2.4 Dedicated Endpoints for High-Volume Users

Institutional clients and market makers requiring rate limits above the published tiers may apply for dedicated API endpoints with custom rate limits and performance characteristics. Dedicated endpoint access is subject to a separate agreement, additional fees, and enhanced compliance requirements. Contact api-support@xex.to for more information.

3. Data Usage Restrictions

3.1 Personal and Internal Use

Data obtained through the XEX APIs ("API Data") is licensed solely for your personal or internal business use. You may use API Data to build personal trading tools, perform analysis for your own investment decisions, manage your portfolio, and develop internal business intelligence, provided that such use complies with these API Terms and all applicable laws.

3.2 Redistribution Prohibited

You may not redistribute, sublicense, sell, lease, publish, broadcast, or otherwise make available API Data to any third party, whether for free or for compensation, without the prior written consent of XEX and the execution of a data redistribution license agreement. This prohibition includes, but is not limited to, the following:

• Displaying XEX market data on third-party websites, applications, or platforms.
• Providing XEX data feeds to data aggregators, financial information services, or market data vendors.
• Incorporating XEX data into products, services, or datasets offered to third parties.
• Sharing API Data through public or private APIs, webhooks, or data streams accessible by third parties.

3.3 No Competing Product Creation

You may not use the APIs or API Data to create, operate, or contribute to any product or service that competes with XEX, including but not limited to cryptocurrency exchanges, trading platforms, order matching engines, or liquidity aggregators. XEX reserves the sole right to determine whether a particular product or service constitutes a competing offering.

3.4 No Real-Time Data Resale

The resale, redistribution, or commercial exploitation of real-time market data (including order book snapshots, trade data, ticker data, and candlestick/OHLCV data) obtained through the APIs is strictly prohibited without an express written data license from XEX. Real-time data is defined as data that is less than fifteen (15) minutes old at the time of distribution.

3.5 Attribution Requirements

If XEX grants a written license permitting the display or distribution of API Data, you must include the following attribution in a prominent and clearly visible location: "Market data provided by XEX (xex.to)." The format, size, and placement of the attribution must comply with any guidelines provided by XEX. Failure to provide proper attribution is grounds for immediate revocation of any data license.

4. Permitted and Prohibited Uses

4.1 Permitted Uses

Subject to compliance with these API Terms, the following uses of the APIs are expressly permitted:

• Personal Trading: Developing and operating automated or semi-automated trading systems ("bots") for your own account, including algorithmic trading, grid trading, arbitrage, and portfolio rebalancing strategies.
• Portfolio Management: Building tools to track, analyze, and manage your XEX portfolio, including balance monitoring, performance tracking, and risk management dashboards.
• Analytics and Research: Performing market analysis, backtesting trading strategies, generating research reports, and conducting data analysis for personal or internal business purposes.
• Account Management: Automating routine account management tasks such as deposit monitoring, withdrawal processing, and notification management.
• Integration: Integrating XEX functionality into your own internal systems, dashboards, or workflows, provided that such integrations are not made available to third parties.

4.2 Prohibited Uses

The following uses of the APIs are strictly prohibited. Engaging in any of the following activities may result in immediate termination of API access, account suspension, and referral to law enforcement:

• Market Manipulation: Using the APIs to engage in any form of market manipulation, including but not limited to wash trading, spoofing, layering, pump and dump schemes, quote stuffing, momentum ignition, or any other strategy designed to artificially inflate or deflate the price of any asset or create a misleading appearance of market activity.
• Excessive Load: Intentionally or negligently generating excessive API traffic that degrades system performance, impacts service availability, or interferes with other users' access to the platform. This includes, without limitation, sending requests at rates consistently above published limits, opening unnecessary WebSocket connections, or failing to implement proper error handling and backoff logic.
• Reverse Engineering: Reverse engineering, decompiling, disassembling, or otherwise attempting to derive the source code, algorithms, internal structure, or implementation details of the APIs, XEX's matching engine, or any other XEX systems.
• Scraping Beyond API: Using web scraping, crawling, or other automated methods to extract data from XEX's website or application beyond what is provided through the documented APIs. The APIs are the sole authorized method for programmatic data access.
• Circumventing Rate Limits: Attempting to circumvent, bypass, or manipulate rate limits through any means, including the use of multiple API Keys, multiple accounts, proxy rotation, IP address rotation, or distributed request patterns designed to evade rate limiting controls.
• Unauthorized Access: Attempting to access APIs, endpoints, features, or data that are not authorized for your account tier or API Key permissions, including exploitation of undocumented endpoints or API parameters.
• Interference: Taking any action that interferes with, disrupts, or attempts to compromise the integrity, security, or proper functioning of the APIs or any XEX system.
• Illegal Activities: Using the APIs in connection with any activity that violates applicable law, including money laundering, terrorist financing, sanctions evasion, tax fraud, or any other financial crime.

5. Liability Limitations

5.1 APIs Provided "As Is"

THE APIS AND ALL API DATA ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, ACCURACY, COMPLETENESS, RELIABILITY, OR AVAILABILITY. XEX DOES NOT WARRANT THAT THE APIS WILL OPERATE WITHOUT INTERRUPTION, ERRORS, OR DEFECTS, OR THAT THE APIS WILL MEET YOUR REQUIREMENTS OR EXPECTATIONS.

5.2 No Service Level Guarantee

While XEX targets an availability of 99.9% for its API infrastructure, this target is provided as a best-effort goal only and does not constitute a service level agreement (SLA) or any binding commitment. XEX is not liable for any downtime, latency, degraded performance, or unavailability of the APIs, whether planned or unplanned, regardless of cause. XEX may perform scheduled maintenance, upgrades, or migrations that require temporary API downtime, and will endeavor (but is not obligated) to provide advance notice of planned maintenance windows.

5.3 No Liability for Trading Losses

XEX SHALL NOT BE LIABLE FOR ANY TRADING LOSSES, FINANCIAL DAMAGES, LOST PROFITS, LOST OPPORTUNITIES, OR ANY OTHER DAMAGES ARISING FROM OR RELATED TO YOUR USE OF THE APIS, INCLUDING WITHOUT LIMITATION LOSSES CAUSED BY API ERRORS, BUGS, LATENCY, CONNECTIVITY ISSUES, INCORRECT OR DELAYED DATA, ORDER EXECUTION FAILURES, PARTIAL FILLS, SYSTEM OUTAGES, OR ANY OTHER API MALFUNCTION. YOU ACKNOWLEDGE THAT AUTOMATED TRADING INVOLVES SIGNIFICANT RISKS AND THAT YOU ARE SOLELY RESPONSIBLE FOR ALL TRADING DECISIONS AND THEIR CONSEQUENCES, WHETHER OR NOT SUCH DECISIONS WERE MADE BY AUTOMATED SYSTEMS USING THE APIS.

5.4 No Warranty of Accuracy

XEX does not warrant the accuracy, completeness, timeliness, or reliability of any API Data, including but not limited to market data, price quotes, order book information, trade data, account balances, or any other information provided through the APIs. API Data may be delayed, inaccurate, incomplete, or subject to errors, and you should not rely solely on API Data for making trading or investment decisions. You are responsible for independently verifying all API Data before acting upon it.

5.5 Data Feed Interruptions

XEX shall not be liable for any interruptions, gaps, or delays in API data feeds, including real-time market data feeds, WebSocket streams, and order status updates. Data feed interruptions may occur due to network issues, system maintenance, high load conditions, force majeure events, or other causes beyond XEX's reasonable control. Your systems must be designed to handle data feed interruptions gracefully, including implementing reconnection logic, state reconciliation, and fallback mechanisms. XEX shall have no obligation to provide backfill data or to compensate for any data gaps.

5.6 Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, XEX'S TOTAL AGGREGATE LIABILITY TO YOU FOR ALL CLAIMS ARISING FROM OR RELATED TO YOUR USE OF THE APIS SHALL NOT EXCEED THE LESSER OF (A) THE TOTAL FEES PAID BY YOU TO XEX IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (B) ONE HUNDRED UNITED STATES DOLLARS (USD $100). IN NO EVENT SHALL XEX BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, GOODWILL, DATA, OR OTHER INTANGIBLE LOSSES, EVEN IF XEX HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

6. Service Modifications

6.1 Right to Modify

XEX reserves the right to modify, update, deprecate, or discontinue any API endpoint, feature, functionality, or data feed at any time, with or without notice, and for any reason. Such modifications may include changes to request/response formats, authentication mechanisms, rate limits, available data fields, endpoint URLs, WebSocket message formats, and error codes. You acknowledge that the APIs are a dynamic service and that changes are a normal part of API operations.

6.2 Deprecation Policy

For breaking changes to stable, versioned API endpoints, XEX will endeavor to provide at least ninety (90) days' advance notice when reasonably practicable. Notice may be provided through the API documentation, developer portal, email to the address associated with your API Key, or in-response deprecation headers. However, XEX reserves the right to make immediate changes without notice in the following circumstances:

• Security vulnerabilities that require immediate patching or endpoint modification.
• Regulatory or legal requirements that mandate immediate changes.
• Critical bugs that materially affect the accuracy, integrity, or security of the APIs.
• Abuse or exploitation of API functionality that threatens platform stability or user safety.

6.3 Versioning Policy

XEX uses semantic versioning for its APIs. Major version changes (e.g., v1 to v2) indicate breaking changes and will be deployed to new base URLs, with the previous version maintained for a transitional period of at least ninety (90) days. Minor version changes and patches are backward compatible and may be deployed to existing endpoints without prior notice. You are responsible for monitoring API changelogs and updating your integrations accordingly. XEX is not responsible for any issues arising from your failure to migrate to supported API versions within the published transition period.

7. Termination

7.1 Termination by XEX

XEX may suspend, restrict, or permanently revoke your API access at any time, with or without cause, and with or without notice. Without limiting the generality of the foregoing, XEX may terminate your API access for any of the following reasons:

• Violation of any provision of these API Terms, the General Terms, or any other applicable XEX policy.
• Abusive, excessive, or anomalous API usage patterns that XEX determines, in its sole discretion, to be detrimental to platform performance, security, or integrity.
• Suspicious activity on your account, including but not limited to suspected fraud, money laundering, market manipulation, or unauthorized access.
• Failure to maintain your account in good standing, including failure to complete required identity verification or comply with regulatory requirements.
• Request by a law enforcement or regulatory authority.
• Discontinuation of the API service or any portion thereof.

7.2 No Appeal Process Required

XEX is not obligated to provide a reason for terminating or suspending your API access, nor is XEX required to offer an appeal or review process. While XEX may, at its sole discretion, consider reinstatement requests submitted to api-support@xex.to, there is no guarantee that such requests will be reviewed or granted. XEX's decision regarding termination or suspension of API access is final and binding.

7.3 Effect of Termination

Upon termination or suspension of your API access, you must immediately cease all use of the APIs and delete or destroy all API Keys in your possession. Any API Data in your possession that was obtained in violation of these API Terms must be deleted. Termination does not relieve you of your obligations under these API Terms with respect to data usage restrictions, confidentiality, intellectual property, and liability limitations, all of which survive termination. Termination of API access does not automatically terminate your XEX account, though your account may be separately terminated in accordance with the General Terms.

8. Intellectual Property

8.1 XEX's Intellectual Property

The APIs, including their design, architecture, protocols, endpoint structures, request and response schemas, error codes, documentation, developer portal, and all associated intellectual property, are and shall remain the exclusive property of XEX. These API Terms do not grant you any ownership interest in the APIs or any XEX intellectual property. Your right to use the APIs is limited to the license expressly granted herein, which is non-exclusive, non-transferable, non-sublicensable, revocable, and subject to the terms and conditions of these API Terms.

8.2 Trademarks

The XEX name, logo, and all related trademarks, service marks, and trade dress are the property of XEX. You may not use any XEX trademarks in connection with your use of the APIs without prior written permission from XEX, except as expressly required for attribution purposes as described in Section 3.5. Any permitted use of XEX trademarks must comply with XEX's brand guidelines, as provided upon request.

8.3 Open-Source SDKs

XEX may make available open-source software development kits (SDKs), client libraries, and code samples to facilitate integration with the APIs. Such open-source software is licensed separately under the terms of the applicable open-source license (e.g., MIT License, Apache License 2.0) as specified in the relevant repository or source code files. The availability of open-source SDKs does not alter or expand the rights granted under these API Terms with respect to the APIs themselves. Open-source SDKs are provided "as is" without warranty of any kind, and XEX is not obligated to maintain, update, or support any open-source SDK.

8.4 Feedback

If you provide any feedback, suggestions, ideas, or recommendations regarding the APIs ("Feedback"), you hereby grant XEX a perpetual, irrevocable, worldwide, royalty-free, fully paid-up, non-exclusive, sublicensable, and transferable license to use, reproduce, modify, distribute, display, and otherwise exploit such Feedback for any purpose, without attribution, compensation, or obligation to you. You represent and warrant that you have the right to provide such Feedback and that the Feedback does not infringe any third-party rights.

By accessing or using the XEX APIs, you acknowledge that you have read, understood, and agree to be bound by these API Terms in their entirety. These API Terms, together with the General Terms and all policies referenced herein, constitute the entire agreement between you and XEX with respect to your use of the APIs and supersede all prior or contemporaneous agreements, representations, and understandings. XEX reserves the right to update or modify these API Terms at any time by posting the revised terms on its website. Your continued use of the APIs after any such modification constitutes your acceptance of the updated terms.