# System Limits

## Overview

Ethereal uses a time-weighted point system tracking both IP addresses and wallet addresses. Each API call consumes points from your available quota within a rolling time window. Point consumption varies by endpoint.

### Rate Limit Types

There are two distinct rate limit categories:

1. **HTTP Rate Limits** apply to all endpoints regardless of authentication status. Every request consumes from a shared HTTP point pool tracked by IP address.
2. **WebSocket Rate Limits** apply to all WebSocket connections and subscriptions. WebSocket streams consume points only upon connection establishment and subscription, tracked by IP address.
3. **Account Rate Limits** apply exclusively to authenticated endpoints (i.e. those that require a signature to verify account ownership). Points are tracked by account address. All subaccounts sharing the same address will also share the same account rate limit quota.

{% hint style="info" %}
A request is rate limited (HTTP 429) if either limits are exhausted. For example, if you have 15,000 HTTP points remaining but only 10 account points remaining, placing and canceling 10 orders (at 1 point each) will exhaust your account quota. Subsequent authenticated requests will be rejected, while unauthenticated endpoints remain accessible.
{% endhint %}

### Current Limits and Shared Quotas

| Connection Type | Quota         | Window    |
| --------------- | ------------- | --------- |
| HTTP            | 20,000 points | 1 minute  |
| WebSocket       | 3,500 points  | 5 minutes |
| Account         | 220 points    | 1 minute  |

{% hint style="warning" %}
Additionally, WebSocket connections automatically disconnect after **12 hours**. Your client must handle reconnections. 
{% endhint %}

### RateLimit-\*, Retry-After Headers

All rate-limited HTTP API endpoints return the following headers to provide insight into your remaining points:

```
RateLimit-Limit: <total points allowed in the time window>
RateLimit-Remaining: <points remaining in the current time window>
RateLimit-Reset: <seconds until rate limit resets>
Retry-After: <seconds until rate limit resets (only when rate limited)>
```

* **Retry-After/RateLimit-Reset**: Indicates the number of seconds until the rate limit window resets. If you've exceeded your rate limit, this header tells you how long to wait before making additional requests.
* **RateLimit-Limit**: Shows the total number of points available in your current time window (1 million points by default).
* **RateLimit-Remaining**: Displays the number of points you have remaining in the current time window. This decreases with each API call according to the point cost of the specific endpoint.

#### RateLimit Response Body

When rate limited, the response body will include a  `type` attribute indicating the cause:

* `RATE_LIMIT_IP` - IP address exceeded rate limit
* `RATE_LIMIT_ACCOUNT` - Account exceeded rate limit
* `RATE_LIMIT_WITHDRAW` - Withdrawal rate limit exceeded
* `RATE_LIMIT_LINKED_SIGNER` - Linked signer exceeded rate limit

{% hint style="info" %}
If you exceed the *maximum number of linked signers,* rather than receiving a 429 rate limit, a 403 forbidden error and you must revoke your linked signer before linking a new signer.
{% endhint %}

### Points

Each operation consumes rate limit units proportional to its computational cost: 1, 5, or 10.

* **1**: Minimal impact endpoints (simple reads, submit/cancels)
* **5**: Moderate impact endpoints (moderately complex reads)
* **10:** Elevated average impactful endpoints (moderately complex pagination)

All endpoints are classified into one of these categories to provide a straightforward understanding of their relative impact on your rate limit quota.

{% hint style="warning" %}
Rate limits will change over time based on exchange traffic.
{% endhint %}

All websocket connections consume **10 points** per connection and **5** point to subscribe to a message stream.

You can view the cost per endpoint by querying the API:

```bash
curl -X 'GET' \
  'https://api.ethereal.trade/v1/rate-limit/config' \
  -H 'accept: application/json'
```

*See* [*https://api.ethereal.trade/docs*](https://api.ethereal.trade/docs) *for the full schema and specification.*

### Account Limits

* Maximum 50 open positions per subaccount (for efficient onchain verification)
* No limit on number of subaccounts per trader
* 10 withdrawals per day
* 23 linked signers per 7 day window up to 101 maximum linked signers

### Order Limits

* A maximum of 200 orders per market, per subaccount

### WebSockets

* A connection's maximum lifetime is 4 hours. Your ws client must handle disconnections