Get Withdrawal by ID
Description
Returns the full withdrawal record for a single withdrawal UUID scoped to the authenticated user. Returns 404 if the ID does not exist or belongs to a different user.
Useful for polling status after calling POST /spot/withdraw/request. For the complete end-to-end flow, see Withdraw Flow.
HTTP Request
GET /spot/withdrawals/:id (JWT or API Key)
The :id path segment is the withdrawal UUID returned by POST /spot/withdraw/request.
Weight
0 — no per-IP weight limit today (MVP).
Response Example
200 OK
{
"id": "9f2a1c4e-5b67-4d8a-bf93-2e1f4a6c8d10",
"token": "DF",
"amount": "100",
"fee": "0",
"chain_id": 97,
"nonce": 42,
"status": "confirmed",
"deadline": 1778402000,
"tx_hash": "0xabc123...",
"block_number": 106400000,
"requested_at": 1778315530,
"confirmed_at": 1778316040
}
| Field | Notes |
|---|---|
id | Withdrawal UUID. |
token | Token symbol — DF in MVP. |
amount | Decimal string of the requested amount. |
fee | Withdrawal fee (decimal string). Currently always "0". |
chain_id | Target chain id — 97 (BSC Testnet). |
nonce | EIP-712 per-(user, chain) nonce. |
status | signed / confirmed / expired. See Withdrawal Status. |
deadline | Unix seconds — the EIP-712 signature validity cutoff. |
tx_hash | On-chain transaction hash. null until status = confirmed. |
block_number | Block number of the SpotWithdrawal event. null until status = confirmed. |
requested_at | Unix seconds — when the backend signed the release message. |
confirmed_at | Unix seconds — when the listener observed the on-chain event. null until confirmed. |
Error Responses
| HTTP | error |
|---|---|
400 | invalid id — :id is not a valid UUID. |
401 | (empty body) — missing or invalid credential. |
404 | not found — withdrawal does not exist or belongs to another user. |
500 | internal — unexpected database error. |
Full list: Error Codes.
Code Examples
cURL (JWT)
JWT="your_jwt_token"
WITHDRAWAL_ID="9f2a1c4e-5b67-4d8a-bf93-2e1f4a6c8d10"
curl -s "https://api-sepolia.p99.world/api/v1/spot/withdrawals/${WITHDRAWAL_ID}" \
-H "Authorization: Bearer ${JWT}"
cURL (HMAC API Key)
API_KEY="your_api_key"
API_SECRET="your_api_secret"
WITHDRAWAL_ID="9f2a1c4e-5b67-4d8a-bf93-2e1f4a6c8d10"
TIMESTAMP=$(date +%s%3N)
PAYLOAD="timestamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "${PAYLOAD}" | openssl dgst -sha256 -hmac "${API_SECRET}" | awk '{print $2}')
curl -s \
-H "X-MBX-APIKEY: ${API_KEY}" \
"https://api-sepolia.p99.world/api/v1/spot/withdrawals/${WITHDRAWAL_ID}?timestamp=${TIMESTAMP}&signature=${SIGNATURE}"
Python
import time, hmac, hashlib, requests
API_KEY = "your_api_key"
API_SECRET = "your_api_secret"
BASE_URL = "https://api-sepolia.p99.world/api/v1"
WITHDRAWAL_ID = "9f2a1c4e-5b67-4d8a-bf93-2e1f4a6c8d10"
def signed_get(path: str) -> dict:
ts = int(time.time() * 1000)
payload = f"timestamp={ts}"
sig = hmac.new(API_SECRET.encode(), payload.encode(), hashlib.sha256).hexdigest()
r = requests.get(
f"{BASE_URL}{path}?timestamp={ts}&signature={sig}",
headers={"X-MBX-APIKEY": API_KEY},
timeout=5,
)
r.raise_for_status()
return r.json()
row = signed_get(f"/spot/withdrawals/{WITHDRAWAL_ID}")
print(f"status={row['status']} tx_hash={row.get('tx_hash')} confirmed_at={row.get('confirmed_at')}")