# API ## Current State The production build now includes a lightweight Node API for market data, exchange events and Telegram delivery checks. Static terminal pages keep embedded fallback data, but selected modules hydrate from live API endpoints when available. ## Target API Groups ### Auth - `GET /auth/session` - `GET /auth/me` - `POST /auth/login` - `POST /auth/register` ### I18n - `GET /i18n/languages` - `GET /i18n/translations/:language` - `GET /i18n/geo-language` ### Markets - `GET /markets` - `GET /markets/:symbol` - `GET /ticker/:exchange/:symbol` - `GET /orderbook/:exchange/:symbol` ### Arbitrage - `GET /arbitrage/opportunities` - `GET /arbitrage/opportunities/:id` - `GET /arbitrage/opportunities/:id/spread-history` - `GET /arbitrage/opportunities/:id/convergence` - `GET /arbitrage/opportunities/:id/timeline` - `GET /arbitrage/opportunities/:id/related-events` ### Events - `GET /listings` - `GET /announcements` - `GET /market-events` - `GET /api/market/events?limit=12&types=spot,futures,delisting,maintenance,deposit` Returns normalized exchange announcements from official public sources. The exchange registry mirrors the public Fundoor exchange coverage: 16 CEX sources, 17 DEX sources and 6 Hyperliquid hip3 sources. The current live adapters are Binance CMS and Bybit Announcements; the remaining sources are exposed in `sourceStatuses` as staged adapters until each official source contract is verified. ### Alerts - `GET /alerts` - `POST /alerts` - `PATCH /alerts/:id` - `DELETE /alerts/:id` - `POST /alerts/test` ### Watchlist - `GET /watchlist` - `POST /watchlist` - `DELETE /watchlist/:symbol` ### Billing - `GET /billing/plans` - `GET /billing/subscription` - `POST /billing/checkout` - `POST /billing/portal` ### Admin - `GET /admin/users` - `PATCH /admin/users/:id` - `GET /admin/signals` - `GET /admin/health` - `GET /admin/audit-log` ## Implementation Note The first backend step is active through `server/app-services-api.mjs`. It exposes public market/funding snapshots and normalized exchange announcements without sending requests through token-protected third-party products. `packages/mock-data` is the first local adapter. It should be used as the source of truth when the static HTML is migrated into framework routes. `packages/access-control` models plan gates, upgrade targets, RBAC checks and usage states that backend middleware should eventually enforce. `packages/notifications` models alert payload construction and delivery fan-out for Telegram, email and webhook channels without sending data externally. `src/i18n` models the current static i18n contract. A future backend or middleware layer should own `/i18n/geo-language` so language detection does not depend on client-side geo calls. ## Engine Layer The current local engine layer includes: - `packages/arbitrage-engine` - `packages/risk-engine` - `packages/mock-data` - `packages/access-control` - `packages/notifications` These are framework-free ESM modules and are covered by `node:test`.