API and IDLs
Public API endpoints, oracle-update payloads, deployment manifests, and Anchor IDLs.
Nest provides on-chain accounts and a public HTTP API:
| Surface | Use it for | Authority |
|---|---|---|
| Solana accounts and program IDLs | balances, debt, parameters, transaction construction | canonical |
| Nest API | indexed analytics, display prices, RPC access, atomic oracle payloads | convenience, except signed payload delivery |
Static integration artifacts
https://docs.nestusd.com/deployments/mainnet.json
https://docs.nestusd.com/idl/nest_core.json
https://docs.nestusd.com/idl/nest_stake.json
https://docs.nestusd.com/idl/nest_vaults.jsonThe deployment manifest is generated from the reviewed service configuration, and the IDLs are copied from the current contract build. The docs build fails if the generated artifacts drift from their source.
Public API
// Public Nest API. Static IDLs and deployments use https://docs.nestusd.com.
const NEST_API_ORIGIN = "https://api.nestusd.com";
async function nestApi<T>(path: string, apiKey?: string): Promise<T> {
const response = await fetch(`${NEST_API_ORIGIN}${path}`, {
cache: "no-store",
headers: apiKey ? { "x-api-key": apiKey } : undefined,
});
if (!response.ok) {
const body = await response.text();
throw new Error(`Nest API ${path}: HTTP ${response.status} ${body}`);
}
return response.json() as Promise<T>;
}
export const getProtocolConfig = (apiKey?: string) => nestApi("/api/config", apiKey);
export const getAllCollateralPrices = (apiKey?: string) => nestApi("/api/prices", apiKey);
export const getSelectedCollateralPrices = (symbols: string[], apiKey?: string) =>
nestApi(
`/api/prices?${new URLSearchParams({ symbols: symbols.join(",") })}`,
apiKey,
);
export const getCollateralPrice = (symbol: string, apiKey?: string) =>
nestApi(`/api/prices/${encodeURIComponent(symbol)}`, apiKey);GET /api/prices returns every configured collateral price in one request. The
optional symbols query parameter limits the response to a comma-separated
subset. Each entry includes the integer fields used for risk calculations:
priceE8, confidenceE8, safePriceE8, provider, feed identity, publish time,
cache freshness, and the transaction-ready oracleUpdate. The update uses the
same schema for every provider: proof.payload contains the base64 proof bytes,
while proof.signature and proof.signer are populated for Jupiter-signed
prices and are null when those values are embedded in a Pyth Lazer proof.
Validate these fields before using the response in a quote. The complete batch
validation function is in
Atomic oracle transactions.
Use the included oracleUpdate immediately for transaction construction. Do
not persist it for later use. Validate the returned provider, symbol, feed,
proof, signer when present, and source age, then put verification, refresh, and
the protected Nest instruction in the same transaction.
Rate limits and API keys
Requests without a key are limited to 30 requests per minute for each visitor
IP. Nest is proxied through Cloudflare, and the origin trusts only configured
Cloudflare proxy ranges when resolving the visitor IP. API responses are not
stored in Cloudflare's shared cache, so every request reaches the origin limiter.
Responses include x-ratelimit-limit,
x-ratelimit-remaining, x-ratelimit-reset, and x-ratelimit-tier. A 429
response also includes retry-after.
Approved integrations can pass an API key in the x-api-key header. Configured
keys receive 1,000 requests per minute by default, and the protocol can assign a
different limit to an individual key. A supplied but invalid key returns 401;
it does not fall back to the public tier. Keep API keys in server-side environment
variables. Do not place one in browser code, a NEXT_PUBLIC_ variable, a URL,
or Git.
Need a higher rate limit?
Contact the Nest team on Discord to request an API key or discuss a higher per-key limit.
Add the issued key to your server environment:
NEST_API_KEY=tab-your-issued-keyThen add it to every Nest API request from your server:
const NEST_API_ORIGIN = "https://api.nestusd.com";
export async function getNestPrices() {
const apiKey = process.env.NEST_API_KEY;
if (!apiKey) throw new Error("NEST_API_KEY is not configured");
const response = await fetch(`${NEST_API_ORIGIN}/api/prices`, {
cache: "no-store",
headers: {
"x-api-key": apiKey,
},
});
if (!response.ok) {
throw new Error(`Nest price API returned HTTP ${response.status}`);
}
return response.json();
}Browser applications should use the public tier or call their own server route. The server route can attach the API key without exposing it in the browser bundle.
Use on-chain state for transactions
Indexed API data is useful for discovery and UI previews, but it can lag a block or fail independently. Before a write, read the affected on-chain accounts and rely on simulation plus the program's checks.