Aster Spot Skill

Spot request on Aster using authenticated API endpoints. Requires API key and secret key for certain endpoints. Return the result in JSON format.

Data Fetching Guidelines (CRITICAL)

NEVER truncate JSON responses with head -c, head -n, or similar — truncated JSON is corrupted and will produce wrong results.

Mandatory Rules

Always specify symbol parameter when querying a specific trading pair. Many endpoints return ALL symbols when symbol is omitted, producing responses of 100KB+.
Always use limit parameter to constrain result size. Use the smallest limit that satisfies the request (e.g., limit=5 instead of default 500).
Use jq to extract fields — never parse raw mega-JSON visually. Pipe through jq to select only needed data.

Progressive Data Exploration Strategy

When the user asks a broad question (e.g., "what spot pairs are available?"), use a layered approach:

Step 1 — Get lightweight summary first:

```bash

# Get just the symbol list, not full exchangeInfo

curl -s "https://sapi.asterdex.com/api/v1/exchangeInfo" | jq '[.symbols[].symbol]'

```

Step 2 — Confirm scope with user before fetching detailed data for many symbols.

Step 3 — Fetch details for specific symbols only:

```bash

# Get price for ONE symbol, not all

curl -s "https://sapi.asterdex.com/api/v1/ticker/price?symbol=BTCUSDT"

```

Endpoints That Return Dangerously Large Data (without symbol filter)

Endpoint	Without `symbol`	With `symbol`
----------	------------------	---------------
`/api/v1/exchangeInfo`	ALL symbols + filters (100KB+)	N/A — use `jq` to filter
`/api/v1/ticker/24hr`	ALL symbols (50KB+)	Single object (~500B)
`/api/v1/ticker/price`	ALL symbols (10KB+)	Single object (~80B)
`/api/v1/ticker/bookTicker`	ALL symbols (20KB+)	Single object (~150B)
`/api/v1/depth`	N/A (symbol required)	Varies by `limit`: use `limit=5` for overview
`/api/v1/klines`	N/A (symbol required)	Default 500 candles — always set `limit`
`/api/v1/trades`	N/A (symbol required)	Default 500 trades — always set `limit`

Example: Safe vs Unsafe

# BAD — returns ALL symbols, then truncates = corrupted JSON
curl -s ".../api/v1/ticker/price" | head -c 5000

# GOOD — returns single symbol, complete JSON
curl -s ".../api/v1/ticker/price?symbol=BTCUSDT"

# BAD — 500 candles by default
curl -s ".../api/v1/klines?symbol=BTCUSDT&interval=1h"

# GOOD — only 5 candles
curl -s ".../api/v1/klines?symbol=BTCUSDT&interval=1h&limit=5"

# GOOD — extract just symbol names from exchangeInfo
curl -s ".../api/v1/exchangeInfo" | jq '[.symbols[] | {symbol, status}]'

Quick Reference

Endpoint	Description	Required	Optional	Authentication
----------	-------------	----------	----------	----------------
`/api/v1/ping` (GET)	Test server connectivity	None	None	No
`/api/v1/time` (GET)	Get server time	None	None	No
`/api/v1/exchangeInfo` (GET)	Trading specification information	None	None	No
`/api/v1/depth` (GET)	Order book depth	symbol	limit	No
`/api/v1/trades` (GET)	Recent trades list	symbol	limit	No
`/api/v1/historicalTrades` (GET)	Query historical trades	symbol	limit, fromId	Yes
`/api/v1/aggTrades` (GET)	Compressed/Aggregate trades list	symbol	fromId, startTime, endTime, limit	No
`/api/v1/klines` (GET)	K-line/Candlestick data	symbol, interval	startTime, endTime, limit	No
`/api/v1/ticker/24hr` (GET)	24-hour price change statistics	None	symbol	No
`/api/v1/ticker/price` (GET)	Latest price ticker	None	symbol	No
`/api/v1/ticker/bookTicker` (GET)	Best bid/ask price ticker	None	symbol	No
`/api/v1/commissionRate` (GET)	Get symbol commission rate	symbol, timestamp	recvWindow	Yes
`/api/v1/order` (POST)	Place new order	symbol, side, type, timestamp	timeInForce, quantity, quoteOrderQty, price, newClientOrderId, stopPrice, recvWindow	Yes
`/api/v1/order` (DELETE)	Cancel order	symbol, timestamp	orderId, origClientOrderId, recvWindow	Yes
`/api/v1/order` (GET)	Query order	symbol, timestamp	orderId, origClientOrderId, recvWindow	Yes
`/api/v1/allOpenOrders` (DELETE)	Cancel all open orders on a symbol	symbol, timestamp	orderIdList, origClientOrderIdList, recvWindow	Yes
`/api/v1/openOrders` (GET)	Current open orders	timestamp	symbol, recvWindow	Yes
`/api/v1/allOrders` (GET)	Query all orders	symbol, timestamp	orderId, startTime, endTime, limit, recvWindow	Yes
`/api/v1/account` (GET)	Account information	timestamp	recvWindow	Yes
`/api/v1/userTrades` (GET)	Account trade history	timestamp	symbol, orderId, startTime, endTime, fromId, limit, recvWindow	Yes
`/api/v1/asset/wallet/transfer` (POST)	Perp-Spot transfer	amount, asset, clientTranId, kindType, timestamp	None	Yes
`/api/v1/asset/sendToAddress` (POST)	Transfer asset to other address	amount, asset, toAddress, timestamp	clientTranId, recvWindow	Yes
`/api/v1/aster/withdraw/estimateFee` (GET)	Get withdrawal fee estimate	chainId, asset	None	No
`/api/v1/aster/user-withdraw` (POST)	Withdraw funds	chainId, asset, amount, fee, receiver, nonce, userSignature, timestamp	recvWindow	Yes
`/api/v1/getNonce` (POST)	Get nonce for API key creation	address, userOperationType	network	No
`/api/v1/createApiKey` (POST)	Create API key	address, userOperationType, userSignature, desc, timestamp	network, apikeyIP, recvWindow	No
`/api/v1/listenKey` (POST)	Generate user data stream listen key	None	None	Yes (API key only)
`/api/v1/listenKey` (PUT)	Extend listen key validity	listenKey	None	Yes (API key only)
`/api/v1/listenKey` (DELETE)	Close user data stream	listenKey	None	Yes (API key only)

Parameters

Common Parameters

symbol: Trading pair (e.g., BTCUSDT)
limit: Default 500; maximum 1000 (depth endpoint supports: 5, 10, 20, 50, 100, 500, 1000; klines max 1500)
fromId: Return starting from trade ID (e.g., 1)
startTime: Timestamp in ms to get data from INCLUSIVE (e.g., 1735693200000)
endTime: Timestamp in ms to get data until INCLUSIVE (e.g., 1735693200000)
recvWindow: The value cannot be greater than 60000. Default 5000. (e.g., 5000)
timestamp: Unix timestamp in milliseconds (e.g., 1735693200000)
quantity: Order quantity (e.g., 1)
quoteOrderQty: Quote order quantity (e.g., 100)
price: Order price (e.g., 50000)
stopPrice: Required for STOP, STOP_MARKET, TAKE_PROFIT, TAKE_PROFIT_MARKET orders (e.g., 49000)
newClientOrderId: Client-customized unique order ID. Automatically generated if not sent.
orderId: Order ID (e.g., 1)
origClientOrderId: Original client order ID
orderIdList: Order ID array string (for batch cancel)
origClientOrderIdList: Client order ID array string (for batch cancel)
amount: Transfer/withdrawal quantity (e.g., 1.5)
asset: Asset type (e.g., USDT, BTC)
clientTranId: Client transaction ID (minimum 20 characters if provided)
kindType: Transfer direction: FUTURE_SPOT or SPOT_FUTURE
toAddress: Target EVM address for transfers
chainId: Chain ID for withdrawals: 1 (ETH), 56 (BSC), 42161 (Arbi)
fee: Withdrawal fee
receiver: Current account address (for withdrawals)
nonce: Current time in microseconds (for withdrawals)
userSignature: EVM wallet signature
address: Wallet address (for API key creation)
userOperationType: Operation type: CREATE_API_KEY
network: Network type (SOL for Solana network only)
apikeyIP: Comma-separated IP addresses for whitelist
desc: API key description (max 20 characters; no duplicates per account)
listenKey: Listen key for user data streams

Enums

side: BUY | SELL
type (order type): LIMIT | MARKET | STOP | TAKE_PROFIT | STOP_MARKET | TAKE_PROFIT_MARKET
timeInForce: GTC | IOC | FOK | GTX
interval: 1m | 3m | 5m | 15m | 30m | 1h | 2h | 4h | 6h | 8h | 12h | 1d | 3d | 1w | 1M
kindType: FUTURE_SPOT | SPOT_FUTURE
orderStatus: NEW | PARTIALLY_FILLED | FILLED | CANCELED | REJECTED | EXPIRED

Authentication

For endpoints that require authentication, you will need to provide Aster API credentials.

Required credentials:

apiKey: Your Aster API key (for header)
secretKey: Your Aster API secret (for signing)

Base URL:

Mainnet: https://sapi.asterdex.com

WebSocket:

Market Streams: wss://sstream.asterdex.com

See references/authentication.md for implementation details.

Security

Share Credentials

Users can provide Aster API credentials by sending a file where the content is in the following format:

abc123...xyz
secret123...key

Never Display Full Secrets

When showing credentials to users:

API Key: Show first 5 + last 4 characters: bb3b2...02ae
Secret Key: Always mask, show only last 5: *...ae1c

Example response when asked for credentials:

Account: main

API Key: bb3b2...02ae

Secret: *...ae1c

Environment: Mainnet

Listing Accounts

When listing accounts, show names and environment only — never keys:

Aster Accounts:

main (Mainnet)
trading (Mainnet)

Transactions in Mainnet

When performing transactions in mainnet, always confirm with the user before proceeding by asking them to write "CONFIRM" to proceed.

Aster Accounts

main

API Key: your_mainnet_api_key
Secret: your_mainnet_secret
Testnet: false

TOOLS.md Structure

## Aster Accounts

### main
- API Key: abc123...xyz
- Secret: secret123...key
- Testnet: false
- Description: Primary trading account

### trading
- API Key: trade456...abc
- Secret: tradesecret...xyz
- Testnet: false
- Description: Secondary trading account

Agent Behavior

Credentials requested: Mask secrets (show last 5 chars only)
Listing accounts: Show names and environment, never keys
Account selection: Ask if ambiguous, default to main
When doing a transaction in mainnet, confirm with user before by asking to write "CONFIRM" to proceed
New credentials: Prompt for name, environment, signing mode

Adding New Accounts

When user provides new credentials:

Ask for account name
Ask: Mainnet?
Store in TOOLS.md with masked display confirmation

Signing Requests

All trading endpoints require HMAC SHA256 signature:

Build query string with all params + timestamp (Unix ms)
Sign query string with secretKey using HMAC SHA256
Append signature to query string
Include X-MBX-APIKEY header