POST
/
accounts
/
{accountId}
/
blockchain-addresses
Create blockchain address.
curl --request POST \
  --url https://sandbox.api.openfx.com/v1/accounts/{accountId}/blockchain-addresses \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'Idempotency-Key: <idempotency-key>' \
  --header 'X-Signature: <api-key>' \
  --header 'X-Timestamp: <api-key>' \
  --data '
{
  "chain": "ethereum",
  "asset": "USDC"
}
'
{
  "id": "ba_01953e1a5f4b7201",
  "accountId": "acc_01953e1a5f4b7010",
  "chain": "ethereum",
  "address": "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD38",
  "asset": "USDC",
  "status": "active",
  "createdAt": "2026-02-23T12:00:00Z"
}

Authorizations

Authorization
string
header
required

API key issued at onboarding. Passed as a Bearer token in the Authorization header: Authorization: Bearer <api-key>. Identifies the caller and determines organization scope. Invalid or revoked keys return 401 with error type authentication_error.

X-Signature
string
header
required

Ed25519 or RSA-SHA256 asymmetric signature over the request payload (ADR-0015). Provides request integrity and non-repudiation. The signature covers the HTTP method, path, query string, request body, and timestamp. Invalid signatures return 401 with error type authentication_error.

X-Timestamp
string
header
required

Unix timestamp (seconds) of when the request was signed. Server rejects requests where the timestamp drifts beyond +/-60 seconds from server time to prevent replay attacks. Must match the timestamp used in the signature computation.

Headers

Idempotency-Key
string
required

Idempotency key for this request. UUID v4 recommended. Max 128 characters. 24-hour retention. Same key + same body replays original response with Idempotency-Replayed: true. Same key + different body returns 409 (code: duplicate_idempotency_key). Same key while the original request is still processing returns 409 with a Retry-After header (code: idempotency_key_in_flight).

Maximum string length: 128
Example:

"550e8400-e29b-41d4-a716-446655440000"

Path Parameters

accountId
string
required

Unique identifier of the account (acc_ prefix). Account resource identifier.

Pattern: ^acc_[A-Za-z0-9]+$
Example:

"acc_01953e1a5f4b7002"

Body

application/json
chain
enum<string>
required

Blockchain network for provisioning a deposit address. MVP: Erebor supports deposit addresses on ethereum, solana, and sui.

Available options:
ethereum,
solana,
sui
asset
enum<string>
required

Supported crypto assets.

Available options:
USDC,
USDT

Response

Blockchain address created.

Writable blockchain deposit address sub-resource. System generates the on-chain address; consumers cannot specify it.

id
string
required

Blockchain address resource identifier.

Pattern: ^ba_[A-Za-z0-9]+$
Example:

"ba_01953e1a5f4b7201"

accountId
string
required

Account resource identifier.

Pattern: ^acc_[A-Za-z0-9]+$
Example:

"acc_01953e1a5f4b7002"

chain
enum<string>
required

Supported blockchain networks.

Available options:
ethereum,
solana,
base,
ink,
sui
asset
enum<string>
required

Supported crypto assets.

Available options:
USDC,
USDT
address
string
required

On-chain deposit address (system-generated).

Example:

"0x742d35Cc6634C0532925a3b844Bc9e7595f2bD28"

status
enum<string>
required

Status of a blockchain deposit address.

Available options:
active,
suspended
createdAt
string<date-time>
required

UTC timestamp in RFC 3339 / ISO 8601 format.

Example:

"2026-02-23T12:00:00Z"