Getting access
What 0Bit must approve before a partner can use 0Pools in sandbox or production.
0Pools access is an onboarding process, not a sign-up button. A headless liquidity API gives a partner the ability to build its own money UX, so 0Bit must approve the account, product, compliance model, pool list, limits, funding, and support path before live traffic.
Access lifecycle
Product fit review
0Pools is appropriate when:
- The partner must own the native customer UX.
- The partner has an approved compliance and support model.
- The integration is server-to-server.
- The use case needs direct quote/transact/status control.
- 0Gate's hosted widget or redirect is not the right product surface.
0Gate is usually better when the user can complete the ramp inside 0Bit-hosted screens.
Required setup
| Setup item | Why it exists |
|---|---|
| Organization | Ties keys, partner id, and support records together. |
| Secret key | Server-only access for quotes, execution, reads, and balances. |
| Publishable key | Optional discovery access where approved. |
| PartnerPoolAccess | Status, KYC/KYB, tier, allowed pools, webhook config. |
| Funding instructions | Required when prefunded balance is enabled. |
| Webhook endpoint | Optional async terminal events. |
| Limits | Per-partner safety controls around size and velocity. |
Deny-closed behavior
Every important gate fails closed:
| Missing or invalid | Expected behavior |
|---|---|
| Wrong or absent key | Unauthorized. |
| Wrong environment | Key mode mismatch or environment error. |
| No active access row | Forbidden. |
| KYC/KYB not approved | Forbidden. |
| Pool not allowed | Forbidden on guarded execution or not-found for cross-tenant reads. |
| Insufficient prefunded balance | Payment required. |
| Off-ramp not enabled | Not implemented / gated. |
This is intentional. A denied request should not move money.
Smoke test plan
Before launch, prove each path:
GET /v1/poolsreturns only allowed pools.- Capabilities match the approved side/network/limit set.
- Indicative quote returns price or safe unavailable state.
- Firm quote returns expiry and quote id.
- Duplicate
transactdoes not create a duplicate trade. - Status polling reaches a terminal test state.
- Webhook handler verifies signature and dedupes event id.
- Balance/ledger view reconciles with your order record.
What to send support
For access issues, include partner id or organization name, environment, request id, pool id, endpoint, and timestamp. Do not send secret keys, webhook secrets, bank credentials, or raw customer identity data.
Access approval matrix
| Area | Question 0Bit needs answered | Why it matters |
|---|---|---|
| Product fit | Why is headless 0Pools required instead of hosted 0Gate? | Headless liquidity puts UX and support duties on the partner. |
| Customer responsibility | Who owns onboarding, disclosures, fraud, and support? | Prevents unclear user-of-record and support boundaries. |
| Pool scope | Which pairs, sides, networks, limits, and environment are needed? | Keeps discovery and capabilities narrow. |
| Funding model | Is the program prefunded, settlement-based, or otherwise reviewed? | Prevents delivering value before funding policy is satisfied. |
| Webhooks | Which endpoint receives terminal events and how are they deduped? | Keeps async status reliable. |
| Monitoring | Who responds to quote failures, stuck reserved trades, and ledger gaps? | Ensures production incidents have responsible teams. |
| Reconciliation | Which records close finance reporting? | Prevents ambiguous movement history. |
Onboarding flow with evidence
Each step should produce evidence: config, test ids, screenshots if useful, and reconciliation rows. Live approval should not be based only on "the quote endpoint returned 200 once."
Before and after access
| Self-serve liquidity access | 0Pools access model |
|---|---|
| Any developer can try any route and discover failures late. | Approved partners see only reviewed pools. |
| Compliance and support responsibilities are clarified after an incident. | Responsibilities are reviewed before live traffic. |
| Keys are enough to move money. | Keys plus entitlement, funding, limits, and monitoring are required. |
| Production launch is a traffic switch. | Launch is a staged process with evidence and reconciliation. |
First production order checklist
Before sending meaningful volume, run one controlled production order and confirm:
- Live key mode is correct.
- Pool discovery returns only expected pools.
- Capabilities match approved side/network/limits.
- Firm quote has expected expiry and quote-bound destination.
- Transact is idempotent.
- Status can be retrieved after execution.
- Webhook arrives or polling fallback works.
- Ledger/reconciliation row closes with quote and trade ids.
- Support can find the order from the partner reference.
Access packet for production review
Access review should produce a clear packet that engineering, compliance, finance, and support can all inspect.
| Packet item | Example evidence | Owner |
|---|---|---|
| Product description | User journey, countries, assets, expected volumes. | Partner product team. |
| KYB/KYC state | Approved business and user verification process. | Compliance. |
| Pool request | Desired pairs, side, networks, limits, settlement model. | Partner engineering. |
| Funding plan | Prefunding method, top-up contact, balance monitoring. | Finance/treasury. |
| Webhook plan | Endpoint URL, signing verification, retry handling. | Engineering. |
| Support plan | Escalation email, required ids, user-safe copy. | Support ops. |
Environment readiness matrix
| Capability | Sandbox | Production |
|---|---|---|
| Discovery | Test entitlements only. | Live entitlements only. |
| Quote | Synthetic or limited terms. | Live terms under approved limits. |
| Transact | Test execution path. | Real money movement or real settlement exposure. |
| Webhooks | Must be verified before go-live. | Required for automated reconciliation. |
| Reconciliation | Test ledger joins. | Daily finance close required. |
Approval decision record
{
"partner_id": "partner_01H",
"product": "wallet_buy_stablecoin",
"requested_pools": ["EUR-USDT"],
"approved_environment": "production",
"approved_sides": ["buy"],
"funding_model": "prefunded_balance",
"webhook_verified": true,
"support_escalation_ready": true
}Implementation depth
This page is about moving from account review to usable sandbox or production access. For developers, the durable boundary is simple: your product should depend on access state, enabled pools, keys, funding model, and webhook readiness; it should not depend on internal provisioning scripts, approval queues, and operator tooling. That boundary is what lets 0Pools improve liquidity operations without forcing every partner to rebuild product code.
Product scenario
A partner wants to launch a native stablecoin buy flow. Before coding production paths, the team confirms account approval, key mode, pool entitlement, funding requirements, webhook endpoint, and support contacts.
Before and after in practice
| Before 0Pools | With 0Pools |
|---|---|
| Developers receive a key and discover missing pool, KYC, funding, or webhook setup only when the first real order fails. | Access is treated as a staged checklist, and every gate is tested before customer volume is enabled. |
| Product teams infer liquidity behavior from provider-specific screens or manual notes. | Product teams branch on 0Pools objects: pool, quote, trade, balance, webhook, and ledger. |
| Support asks engineering to reconstruct state from logs. | Support starts from request id, quote id, trade id, event id, and ledger id. |
System flow
Records to keep
| Record | Why it matters | Example |
|---|---|---|
environment | Keeps sandbox and production state separate. | sandbox |
key_mode | Prevents test/live mismatch. | sk_test |
enabled_pools | Defines usable lanes. | EUR-USDT |
webhook_status | Confirms async readiness. | verified |
A useful implementation stores these records before adding optional analytics. Analytics can be rebuilt from durable state; missing ids usually cannot be reconstructed after a customer-impacting failure.
Example product record
{
"product_area": "getting-access",
"partner_reference": "partner_order_123",
"pool_id": "EUR-USDT",
"quote_id": "pq_test_123",
"transact_id": "pt_test_456",
"status": "reserved",
"request_id": "req_01HZY0POOLS",
"reconciliation_state": "open"
}This record is intentionally partner-facing. It references 0Pools objects and your own product ids, but it does not include private liquidity routes, treasury balances, raw provider payloads, or customer secrets.
Failure modes and recovery
| Failure mode | Product response |
|---|---|
| Key verifies but pool denied | Ask for the enabled pool list; do not retry random ids. |
| Webhook unavailable | Poll status until webhook verification passes. |
| Funding not credited | Keep quote actions disabled where prefunding is required. |
| Production volume too early | Use small controlled transactions before scaling. |
Use-case patterns
| Pattern | How 0Pools helps |
|---|---|
| Sandbox setup | Confirm keys and pool discovery. |
| Production cutover | Verify live entitlements and webhooks. |
| Support handoff | Document account-specific behavior. |
Developer checklist
- Read runtime discovery and capabilities before rendering enabled actions.
- Create firm quotes only when the user is ready to accept the terms.
- Execute from your server with an idempotency key.
- Treat webhooks and status reads as the source of truth for settlement state.
- Reconcile by durable ids first, then by amount and timestamp.
- Do not branch product behavior on provider names, route names, reserve balances, or treasury assumptions.