API
Description
The Ardor API allows interaction with Ardor nodes using HTTP requests to port 27876. Most HTTP requests can use either the GET or POST methods, but some API calls accept only the POST method for security reasons. Responses are returned as JSON objects.
If you want to interact with an Ardor testnet local node, please be aware that the port for sending the HTTP requests is different, you should use 26876 instead of the mainnet one 27876.
Each API call is documented (see the full API list), with definitions given for HTTP request parameters and JSON response fields, followed by an example:
- The JSON response fields are each followed by one of S for string, A for array, O for object, N for number or B for boolean.
- In the examples, the Ardor node is represented as localhost and requests and responses are formatted for easy reading; line breaks and spaces are not actually used except in some parameter values. All requests are in URL format which implies the HTTP GET method. When GET is allowed, the URL can be entered into a browser URL field but proper URL encoding is usually required (e.g., spaces in a parameter value must be replaced by + or %20). Otherwise, the URL should be used as a guide to preparing an HTTP POST request using cURL, for example.
All API calls can be viewed and tested at http://localhost:27876/test while the local server node is running. For specific API calls, use 'http://localhost:27876/test?requestType=specificRequestType'
There are some Sample Java Programs, which demonstrate how to perform operations such as calculating the best bundling fee for child chain transactions, the use of APIs locally without relying on a remote node among others.
This document corresponds to Ardor Software Version 2.4.3: Download Ardor Developers Cheat Sheet
Java Conversion Functions
From | To | Code |
---|---|---|
Secret Phrase | Public Key | Crypto.getPublicKey(String s)
|
Public Key | Numeric ID | Account.getId(byte[] pk)
|
Numeric ID | Public Key | Account.getPublicKey(long id)
|
Numeric ID | String ID | Long.toUnsignedString(long id)
|
String ID | Numeric ID | Convert.parseUnsignedLong(String s)
|
Numeric ID | RS Format | Convert.rsAccount(id)
|
RS Format or String ID | Numeric ID | Convert.parseAccountId(String s)
|
byte[] | Hex String | Convert.toHexString(b)
|
Hex String | byte[] | Convert.parseHexString(hex)
|
Full Hash | ID | Convert.fullHashToId(byte[] b)
|
Epoch Time | Time Millis | Convert.fromEpochTime(int t)
|
Time Millis | Epoch Time | Convert.toEpochTime(long t)
|
String | byte[] | Convert.toString(byte[] b, Boolean isText)
|
byte[] | String | Convert.toBytes(String s, boolean isText)
|
Java Common Operations
Operation | Code | Return |
---|---|---|
Sign | Crypto.sign(byte[] message, String secretPhrase)
|
byte[]
|
Verify | Crypto.verify(byte[] signature, byte[] message, byte[] publicKey)
|
Boolean
|
Encrypt | Account.encryptTo(byte[] publicKey, byte[] data, String senderSecretPhrase, boolean compress)
|
EncryptedData
|
Decrypt | Account.decryptFrom(EncryptedData encryptedData, String recipientSecretPhrase, boolean uncompress)
|
byte[]
|
Sha256 | Crypto.sha256().digest(byte[] b)
|
byte[]
|
Compress | Convert.compress(byte[] bytes)
|
byte[]
|
Uncompress | Convert.uncompress(byte[] bytes)
|
byte[]
|
Useful Constants see nxt.Constants
class
Reading from properties file Nxt.getBooleanProperty(), Nxt.getIntProperty(), Nxt.getStringProperty(), Nxt.getStringListProperty()
Javascript Conversion Functions
From | To | Code |
---|---|---|
Secret Phrase | Public Key | NRS.getPublicKey(converters.stringToHexString(secretPhrase))
|
Public Key | String ID | NRS.getAccountIdFromPublicKey(publicKeyHexString)
|
String ID | Public Key | NRS.getPublicKey(id, true)
|
String ID | RS Format | NRS.convertNumericToRSAccountFormat(id)
|
byte[] | Hex String | converters.byteArrayToHexString(bytes)
|
Hex String | byte[] | converters.hexStringToByteArray(hex)
|
Full Hash | ID | NRS.fullHashToId(fullHash)
|
Epoch Time | Time Millis | NRS.fromEpochTime(epochTime)
|
Time Millis | Epoch Time | NRS.toEpochTime(time)
|
String | byte[] | NRS.getUtf8Bytes(String), converters.stringToByteArray(String)
|
byte[] | String | converters.byteArrayToString(bytes)
|
NQT | Chain tokens | NRS.intToFloat(amountNQT, decimals)
|
NQT | formatted | NRS.formatQuantity(amountNQT, decimals) – many different variants
|
Chain tokens | NQT | NRS.floatToInt(amountNXT, decimals)
|
Javascript Common Operations
Operation | Code | Return |
---|---|---|
Sign | NRS.signBytes(hexStringMessage, secretPhrase)
|
Hex String
|
Verify | NRS.verifySignature(hexSignature, hexStringMessage, hexPublicKey, callback)
|
boolean
|
Encrypt | NRS.encryptNote(), NRS.encryptData() – see test.nrs.encryption.js
|
encrypted message, nonce
|
Decrypt | NRS.decryptNote(), NRS.decryptData() - see test.nrs.encryption.js
|
Decrypted message, shared key
|
Sha256 | CryptoJS.algo.SHA256.create(), update(), finalize()
|
word array
|
Compress | pako.gzip(new Uint8Array(bytes))
|
byte array
|
Uncompress | pako.inflate(new Uint8Array(bytes))
|
byte array
|
Useful Constants see nrs.constants.js
class
Reading account settings
NRS.settings[<setting name>]
- account specific
NRS.mobileSettings[<setting name>]
- device specific
General Notes
Flexible Account IDs
All API requests that require an account ID accept either an account number or the corresponding Reed-Solomon address.
The Ardor system is defined relative to a whole unit of the holding being transactioned. The parent chain ARDOR has a currency ARDR used to quantify value of forging in the system. Like all currencies, ARDR circulates in the system, moving from one user to another by transfers. Also, a small fee is required for every transaction, including those in which no ARDR is transferred, such as simple messages when using a child chain. This fee goes to the owner of the node that forges (generates) the new block containing the transaction that is accepted onto the blockchain, and the bundlers get the child chain fees and pay the ARDR fees to the forgers.
One billion ARDR were distributed during the snapshot, and no new ARDR will ever be created. ARDR is divisible to eight decimal places. Yet internally, the currency is still stored in integer form in units of amountNQT, where 1 ARDR = 108 amountNQT. All parameters and fields in the API involving a quantity of a token are denominated in units of amountNQT, for example feeNQT.
The Ardor system can be thought of as an asset owned by all who possess ARDR. In this sense, ARDR quantifies ownership of or stake in the system. Stakeholders are entitled to forge blocks and collect transaction fees in proportion to the amount of ARDR they possess.
Other assets can be created within ARDR using Issue Asset within a child chain (eg Ignis). The issuer must specify the number of decimal places to use in quantifying the asset, and the amount of the asset to create in generic units of QNT or Quant. Quantities of assets are stored internally as integers in units of QNT, and assets are priced at priceNQTper(Share, Coin, Unit, etc.)
For example, an ABTC (it represents Bitcoin) asset is divisible to eight decimal places, like the original bitcoin (BTC). Therefore a QNT of ABTC is equivalent to a Satoshi (10-8 BTC). To place an order to sell 25,000,000 QNT of the ABTC asset at a price of 20,000 priceNQTperShare, use the API Call Place Order with requestType=placeAskOrder, quantityQNT=25000000 and priceNQTPerShare=20000 in the chain Ignis. If the entire quantity is sold on the Asset Exchange, the seller will receive 500,000,000,000 NQT (quantityQNT * priceNQT) from the buyer(s). This trade corresponds to selling 0.25 ABTC for 5,000 IGNIS, which is how the trade appears in the NRS client. In this case, the price of 20,000 in priceNQTperShare is also the price in Ignis per ABTC, since both ABTC and Ignis are divisible to eight decimal places.
Currencies in the Ardor Monetary System are a special kind of asset with properties and exchange methods suitable for currencies. Concerning quantities, exchange rates, and decimal places, the Monetary System API calls use amountNQT, QNT, and priceNQTPer(Share, Coin, Unit, etc.) in the same way as assets.
Creating Unsigned Transactions
All API requests that create a new transaction will accept either a secretPhrase or a publicKey parameter:
- If secretPhrase is supplied, a transaction is created, signed at the server, and broadcast by the server as usual.
- If only a publicKey parameter is supplied as a 64-digit (32-byte) hex string, the transaction will be prepared by the server and returned in the JSON response as transactionJSON without a signature. This JSON object along with secretPhrase can then be supplied to Sign Transaction as unsignedTransactionJSON and the resulting signed transactionJSON can then be supplied to Broadcast Transaction. This sequence allows for offline signing of transactions so that secretPhrase never needs to be exposed.
- unsignedTransactionBytes may be used instead of unsigned transactionJSON when there is no encrypted message. Messages to be encrypted require the secretPhrase for encryption and so cannot be included in unsignedTransactionBytes.
Escrow Operations
All API requests that create a new transaction will accept an optional referencedTransactionFullHash parameter which creates a chained transaction, meaning that the new transaction cannot be confirmed unless the referenced transaction is also confirmed. This feature allows a simple way of transaction escrow:
- Alice prepares and signs a transaction A, but doesn't broadcast it by setting the broadcast parameter to false. She sends to Bob the unsignedTransactionBytes, the fullHash of the transaction, and the signatureHash. All of those are included in the JSON returned by the API request. (Warning: make sure not to send the signed transactionBytes, or the signature itself, as then Bob can just broadcast transaction A himself).
- Bob prepares, signs, and broadcasts transaction B, setting the referencedTransactionFullHash parameter to the fullHash of A provided by Alice. He can verify that this hash indeed belongs to the transaction he expects from Alice, by using Calculate Full Hash, which takes unsignedTransactionBytes and signatureHash (both of which Alice has also sent to Bob). He can also use Parse Transaction to decode the unsigned bytes and inspect all transaction fields.
- Transaction B is accepted in the unconfirmed transaction pool, but as long as A is still missing, B will not be confirmed, i.e. will not be included in the blockchain. If A is never submitted, B will eventually expire -- so Bob should make sure to set a long enough deadline, such as the maximum of 32767 minutes.
- Once in the unconfirmed transactions pool, Bob has no way of recalling B back. So now Alice can safely submit her transaction A, by just broadcasting the signedTransactionBytes she got in the first step. Transaction A will get included in the blockchain first, and in the next block, Bob's transaction B will also be included.
Note that while the above scheme is good enough for a simple escrow, the blockchain does not enforce that if A is included, B will also be included. It may happen due to forks and blockchain reorganization, that B never gets a chance to be included and expires unconfirmed, while A remains in the blockchain. However, it is not practically possible for Bob to intentionally cause such chain of events and to prevent B from being confirmed.
Prunable Data
Prunable data can be removed from the blockchain without affecting the integrity of the blockchain. When a transaction containing prunable data is created, only the 32-byte sha256 hash of the prunable data is included in the transactionBytes, not the prunable data itself. The non-prunable signed transactionBytes are used to verify the signature and to generate the transaction's fullHash and ID; when the prunable part of the transaction is removed at a later time, none of these operations are affected.
Prunable data has a predetermined minimum lifetime of two weeks (24 hours on the Testnet) from the timestamp of the transaction. Transactions and blocks received from peer nodes are not accepted if prunable data is missing before this time has elapsed. After this time has elapsed, prunable data is no longer included with transactions and blocks transmitted to peer nodes, and is no longer included in the transaction JSON returned by general-purpose API calls such as Get Transaction; the only way to retrieve it, if still available, is through special-purpose API calls such as Get Prunable Message.
Expired prunable data remains stored in the blockchain until removed at the same time derived tables are trimmed, which occurs automatically every 1000 blocks by default. Use Trim Derived Tables to remove expired prunable data immediately.
Prunable data can be preserved on a node beyond the predetermined minimum lifetime by setting the nxt.maxPrunableLifetime property to a larger value than two weeks or to -1 to preserve it indefinitely. To force the node to include such preserved prunable data when transactions and blocks are transmitted to peer nodes, set the nxt.includeExpiredPrunables property to true, thus making it an archival node.
Currently, there are two varieties of prunable data in the Nxt system: prunable Arbitrary Messages and Tagged Data. Both varieties have a maximum prunable data length of 42 kilobytes.
Properties Files
The behavior of some API calls is affected by property settings loaded from files in the ardor/conf directory during Ardor server initialization. This directory contains the nxt-default.properties and logging-default.properties files, both of which contain default property settings along with documentation. A few of the property settings can be obtained while the server is running through the Get Blockchain Status and Get State calls.
It is recommended not to modify default properties files because they can be overwritten during software updates. Instead, properties in the default files can be overridden by including them in optional nxt.properties and logging.properties files in the same directory. For example, a nxt.properties file can be created with the contents:
nxt.isTestnet=true
This causes the Ardor server to connect to the Testnet instead of the Mainnet.
Admin Password
The admin password protects the node from malicious external access. It is not related to your passphrase or seed, your account id nor your public key. Some API functions take an adminPassword parameter, which must match the nxt.adminPassword property unless the nxt.disableAdminPassword property is set to true or the API server only listens on the localhost interface (when the nxt.apiServerHost property is set to 127.0.0.1).
How to setup the Admin Password
The setup is done in the node nxt.properties
configuration file:
- Password that should be provided when executing protected (administrative) API requests.
- Please choose a decent password here. Preferably, use a password generator.
- Password protection is disabled and password is not needed when the API server only listens on the localhost interface, i.e. when
nxt.apiServerHost=127.0.0.1
- Add the
nxt.adminPassword=<type here the password>
entry - Restart the node
The same value specified in nxt.adminPassword should be passed when calling any API which accepts adminPassword as parameter. When loading the wallet from a remote node enter this value in the account settings page "Administrator Password" field.
Operations that require Admin Password
The admin password is required for the following operations (partial list)
- For any query API such as getBlockchainTransactions to return more than 100 records
- Get and stop APIs for forging, bundling, funding monitor, and shuffler
- Access to the /dbshell page to execute SQL queries
- Various administrative APIs: All Debug Operations require adminPassword since they require some kind of privilege. On some functions, adminPassword is used to override the maximum allowed value for the lastIndex parameter, which is set to 100 by default by the nxt.maxAPIRecords property. Giving you the option to retrieve more than objects per request.
Admin Password API responses
API response errors and their meaning, as follows:
- "Administrator's password is not configured. Please set nxt.adminPassword" - you need to configure the admin password on the remote node.
- "adminPassword not specified" - password is configured on the remote node but is not specified by the API call
- "Incorrect adminPassword (the specified password does not match nxt.adminPassword)" - the password specified did not match the remote node password
- "Too many incorrect admin password attempts from ..." - you specified too many incorrect password attempts
Roaming and Light Client Modes
The remote node to use when in roaming and light client modes is selected randomly, but can be changed manually in the UI, or using the new set API Proxy Peer API, or forced to a specific peer using the nxt.forceAPIProxyServerURL property.
Remote nodes can be blacklisted from the UI, or using the Blacklist API Proxy Peer API. This blacklisting is independent of peer blacklisting. The API proxy blacklisting period can be set using the nxt.apiProxyBlacklistingPeriod property (default 1800000 milliseconds).
API requests that require sending the secret phrase, shared key, or admin password to the server, for features like forging, shuffling, or running a funding monitor, are disabled when in roaming or light client mode.