Skip to main content
POST
/
api
/
v4
/
travel-rule
/
deposit
/
verification
curl --request POST \ --url https://whitebit.com/api/v4/travel-rule/deposit/verification \ --header 'Content-Type: application/json' \ --header 'X-TXC-APIKEY: <api-key>' \ --header 'X-TXC-PAYLOAD: <api-key>' \ --header 'X-TXC-SIGNATURE: <api-key>' \ --data ' { "uniqueId": "550e8400-e29b-41d4-a716-446655440000", "walletType": "hosted", "originator": { "type": "individual", "firstName": "Alice", "lastName": "Johnson", "residenceCountry": "NLD", "walletAddress": "0x9876543210fedcba9876543210fedcba98765432", "address": { "country": "NLD", "city": "Amsterdam", "addressLine1": "Damrak 1" } }, "vaspData": { "vaspId": "vasp-002" }, "request": "{{request}}", "nonce": 1594297865000 } '
{ "data": { "uniqueId": "550e8400-e29b-41d4-a716-446655440000", "status": "submitted" } }

Overview

When a deposit is detected as Travel Rule-eligible, it enters a “ready for verification” state. Use this endpoint to submit the required originator data. For detailed information about wallet types, party types, and field requirements, see Travel Rule.

Required fields by scenario

ScenariowalletTypeoriginator.typeVASPName fields
Individual from exchangehostedindividualvaspId or vaspNamefirstName, lastName
Entity from exchangehostedentityvaspId or vaspNamefullName
Individual from self-custodyunhostedindividualNot requiredfirstName, lastName
Entity from self-custodyunhostedentityNot requiredfullName
Get the list of available VASPs via the Get VASPs endpoint. Use vaspId if the originating VASP is in the list, otherwise use vaspName.

Verification status

After successful submission, the response contains a status field:
StatusDescription
submittedData submitted, awaiting compliance review
approvedImmediately approved (rare)
Monitor deposit status via deposit/withdraw history.

Common errors

Transaction Not Found: Ensure the uniqueId matches a transaction in the deposit history. The transaction must exist and belong to the authenticated account.
Missing VASP for hosted wallet: When walletType is "hosted", provide either vaspId or vaspName.

Authorizations

X-TXC-APIKEY
string
header
required

The public WhiteBIT API key.

X-TXC-PAYLOAD
string
header
required

Base64-encoded JSON request body.

X-TXC-SIGNATURE
string
header
required

HMAC-SHA512 signature of the payload, hex-encoded. Computed as hex(HMAC-SHA512(payload, api_secret)).

Body

application/json
uniqueId
string
required

Transaction external ID (from deposit/withdraw history)

Maximum string length: 100
Example:

"550e8400-e29b-41d4-a716-446655440000"

walletType
enum<string>
required

Wallet type:

  • hosted - VASP-hosted wallet (exchange, custodian). Requires vaspData object.
  • unhosted - Self-custody wallet (hardware wallet, software wallet).
Available options:
hosted,
unhosted
Example:

"hosted"

originator
object
required

Originator information for travel rule compliance

request
string
required

Request signature

Example:

"{{request}}"

nonce
integer
required

Unique request identifier

Example:

1594297865000

vaspData
object

VASP (Virtual Asset Service Provider) information. Required when walletType is hosted. Provide either vaspId (if VASP is in the list from /travel-rule/vasps) or vaspName (if not in list).

Response

Successful submission

data
object