PUBLICPublic-only mode. It uses no API keys, creates no private clients, and cannot build or submit exchange write requests.
Shared terms for execution modes, testing environments, WebSockets, exchange state, runtime workflows, and durable order context.
The single runtime switch that separates public, read-only, dry-run, demo, testnet, and live behavior.
PUBLICPublic-only mode. It uses no API keys, creates no private clients, and cannot build or submit exchange write requests.
DEMOWrite-capable mode for an exchange-supported demo or sandbox venue. It must fail closed if the selected exchange or product does not support that venue. Usually requires dedicated API keys that only work in the demo environment.
TESTNETWrite-capable mode for an exchange-supported testnet venue. It must not silently route to production.
READ_ONLY_PRIVATEPrivate credentials may read account, order, fill, balance, native position, or local position-derivation state, but cannot mutate exchange state.
DRY_RUN_PRIVATEThe default order-capable mode. Private state may be read, and final order requests are built and logged without submitting to the exchange.
LIVEProduction write-capable mode. It requires explicit configuration, scoped credentials, review gates, confirmation handling, recovery behavior, tests or fixtures, and operator acknowledgement.
A local simulation mode that models intended orders, fills, balances, positions, fees, and PnL without real exchange writes.
An exchange-supported simulated trading venue for testing order flows, private streams, and account-state handling when the selected exchange supports it.
Also: CEX testnet, testnet
An exchange-operated sandbox with fake funds in fake markets, useful for API and integration testing without risking real money.
Also: conformance packs, fixture pack, validation pack
A versioned, machine-readable set of behavior-contract fixtures, expected outcomes, and runner requirements for a generated integration.
Also: behavior-contract fixtures, conformance fixture, conformance fixtures, validation fixture, fixture check
An executable or replayable validation scenario that proves integration behavior from inputs through expected state, logs, blocks, and forbidden actions.
Also: WS_KEY_MAP, wsKey, WebSocket key, websocket connection key
A WebsocketClient lookup key used by each SDK to track state for one WebSocket connection family.
Also: subscription ack, exchange acknowledgement, subscribe acknowledgement
Exchange-visible evidence that a specific WebSocket subscription request or topic was accepted.
Also: readiness, live readiness, workflow readiness, live-processing gate
A runtime latch that prevents downstream work until the required subscriptions, acknowledgements, REST hydration or backfill, buffered replay, and state-trust prerequisites are complete.
Also: account state cache, account state store, accountstate
The local account-state store used for planning. It tracks orders, fills, positions, balances, filters, and durable context, with trust tracked per subject. After startup, healthy private WebSocket events should keep the store current without routine REST polling.
Ingest
Startup, reconnect, and scoped recovery fill missing state.
The normal running path keeps state current.
Orders, fills, positions, balances, filters, and context.
Trust is tracked by subject.
Consume
Reads trusted state before choosing actions.
Places, amends, or cancels orders only after workflow checks pass.
Also: position state, native position, local position, spot position
The product, symbol, side, size, entry or cost basis, and exposure state that a trading system manages. It can be exchange-native or locally derived.
A subject-specific state view that is current enough to plan from. Order, position, market data, filters, and durable context can each have different trust status.
Evidence that an app-owned order is active, terminal, absent, filled, rejected, or still pending. REST acceptance alone is not order trust.
Evidence that position state has updated and can be used for size, entry or cost basis, exposure, and dependent replacement planning.
Also: balance, wallet, assets, position reconciliation balance
Balance or wallet evidence used for account reconciliation. Track whether private events update it, whether it includes PnL, and how it reconciles with position state.
Also: private stream reconciliation, private confirmation, user data stream confirmation
Private order, fill, balance, wallet or position evidence that confirms what happened after a submitted request or external account event.
Also: ACK, acknowledgement, accepted but pending confirmation
A state after request acceptance where the system has evidence that the exchange received a command, but not enough evidence to plan dependent actions.
Persisted local intent/order metadata keyed by Custom Order ID and scope. It lets the app recover order meaning after retries, restarts, and private events.
Also: OrderIntent, order-intent, parent intent
A local app-level request to execute an approved entry, exit, or order action. Strategy or risk code creates it; an execution adapter turns it into one or more exchange order requests.
An exchange order that the application can prove it created or explicitly adopted, with matching local durable context.
Also: client order ID, custom client order ID, opaque client order ID, exchange-visible order ID, newClientOrderId, clientAlgoId, orderLinkId
This is a user-provided property to define a custom order ID value before an order is sent to the exchange.
Also: safe commands, diagnostic command, verification command
A diagnostic, inspection, verification, or readback command that must force PUBLIC or READ_ONLY_PRIVATE behavior and cannot inherit a write-capable EXECUTION_MODE from the environment.
Also: risk check, risk limit, safety gate, kill switch
A deterministic condition that blocks a signal, order intent, order submission, replacement, or startup path when market, account, exposure, loss, stream, or operator-stop conditions are unsafe.
Also: readiness, live readiness, workflow readiness, live-processing gate
A runtime latch that prevents downstream work until the required subscriptions, acknowledgements, REST hydration or backfill, buffered replay, and state-trust prerequisites are complete.
An architecture where private events drive the main workflow.
The smallest account, product, symbol, side, or position scope that changed and needs reconciliation.
A short bounded delay after applying private events to account state, used to give related order, fill, position, and wallet events time to arrive before planning.
The single runtime owner that drains affected scopes and serializes replay, planning, submission, and follow-up reconciliation for a product or account.
The one kind of action a reconciliation pass chooses before letting account state settle again: recovery, cleanup, protective, DCA, noop, or blocked.
A scoped REST read that initializes or repairs local state. It is for startup, reconnect, missing prerequisites, unknown outcomes, or conflicting evidence, not healthy-event polling.
A bounded state repair for the affected account/product/symbol/side scope after reconnect, timeout, unknown outcome, missing prerequisites, or conflicting evidence. For app-owned order uncertainty, this can include cancelling owned orders for the affected scope, then resetting expected orders from trusted account state.