# Error codes

Every error response has the shape
`{code, message, remediation, docs_url, request_id}`. Include the
`request_id` when reporting problems.

## INVALID_REQUEST

The request body or parameters failed validation. The message lists the offending fields.

## UNAUTHORIZED

Missing, malformed, expired, or revoked credential.

## FORBIDDEN

The credential is valid but lacks the required scope.

## AUTH_CHALLENGE_EXPIRED

The SIWE nonce is unknown, already used, or expired. Nonces are single-use.

## AUTH_SIGNATURE_INVALID

Signature verification failed, or the SIWE message fields do not match this environment.

## IDEMPOTENCY_CONFLICT

The Idempotency-Key was already used with a different payload.

## NOT_FOUND

The resource does not exist or does not belong to this account.

## RATE_LIMITED

Too many requests. Respect Retry-After; unauthenticated endpoints are limited per IP at the edge.

## VENUE_UNAVAILABLE

No execution venue answered. Transient; retry shortly.

## POLICY_VIOLATION

The request exceeds what the wallet's active policy authorizes. The message names the violated rule.

## BUDGET_EXCEEDED

The spend would exceed a policy budget or velocity limit (see pre-flight POST /v1/checks).

## COUNTERPARTY_BLOCKED

The counterparty is on a screening list (e.g. OFAC SDN) and the policy requires screening.
