Hit exposes public market data endpoints, authenticated trading endpoints and Socket.IO feeds for real-time updates.
Use the Developers section for task-based guides. Use the API Reference section for endpoint lists, request shapes and event names.
Base URLs
| Surface | URL |
|---|
| REST API | https://hit.com/api/v1 |
| WebSocket | wss://markets.hit.com |
What You Need
- A Hit account with a wallet and proxy wallet set up.
- A trading API key, secret and passphrase generated from your Hit account.
API secrets and passphrases are only returned when a key is created. Store them
immediately in a secrets manager or environment variables.
1. Fetch Markets
Market discovery is public. Start with active events, then pick a market token ID from the returned marketsView array.
curl 'https://hit.com/api/v1/events?eventStatus=ACTIVE&includeVolume=true&limit=5'
| Field | Use |
|---|
id | Market UUID for market-level requests and cancellations |
tokenId1, tokenId2 | Outcome token IDs for order book and order placement |
outcome1, outcome2 | Human-readable outcome labels |
tickSize | Valid price increment for limit orders |
orderFeeRateBps | Fee rate required for client-signed orders |
2. Read the Order Book
Use the token ID for the outcome you want to trade.
curl 'https://hit.com/api/v1/order-book/book?token_id=TOKEN_ID'
{
"market": "market-uuid",
"asset_id": "TOKEN_ID",
"timestamp": 1778748000000,
"bids": [{ "price": "0.62", "size": "25" }],
"asks": [{ "price": "0.64", "size": "10" }],
"tick_size": "0.01"
}
export HIT_API_KEY='API_KEY'
export HIT_API_SECRET='API_SECRET'
export HIT_API_PASSPHRASE='API_PASSPHRASE'
4. Place an Order
Authenticated REST requests require these headers:
hit-api-key: API_KEY
hit-signature: HMAC_SIGNATURE
hit-timestamp: UNIX_TIMESTAMP_MS
hit-passphrase: API_PASSPHRASE
timestamp + method + path + body
path includes /api/v1 and excludes the host and query string.
import { createHmac, randomBytes } from "node:crypto";
const apiUrl = "https://hit.com";
const apiPrefix = "/api/v1";
type JsonObject = Record<string, unknown>;
function sign(
secret: string,
timestamp: string,
method: string,
path: string,
body = "",
) {
return createHmac("sha256", secret)
.update(`${timestamp}${method.toUpperCase()}${path}${body}`)
.digest("hex");
}
function units(value: number) {
return Math.round(value * 1_000_000).toString();
}
async function authedRequest(
method: string,
path: string,
body?: JsonObject,
) {
const fullPath = `${apiPrefix}${path}`;
const timestamp = Date.now().toString();
const bodyText = body ? JSON.stringify(body) : "";
const response = await fetch(`${apiUrl}${fullPath}`, {
method,
headers: {
"Content-Type": "application/json",
"hit-api-key": process.env.HIT_API_KEY!,
"hit-signature": sign(process.env.HIT_API_SECRET!, timestamp, method, fullPath, bodyText),
"hit-timestamp": timestamp,
"hit-passphrase": process.env.HIT_API_PASSPHRASE!,
},
body: bodyText || undefined,
});
if (!response.ok) {
throw new Error(`${response.status}: ${await response.text()}`);
}
return response.json() as Promise<unknown>;
}
const order = await authedRequest("POST", "/orders", {
salt: BigInt(`0x${randomBytes(32).toString("hex")}`).toString(),
taker: "0x0000000000000000000000000000000000000000",
tokenId: process.env.HIT_TOKEN_ID!,
makerAmount: units(31), // USDC for a BUY
takerAmount: units(50), // shares for a BUY, price = 0.62
expiration: 0,
side: 0,
orderType: "GTC",
});
console.log(order);
5. Stream Updates
Public order book streams do not require authentication.
import { io } from "socket.io-client";
const socket = io("wss://markets.hit.com/", { transports: ["websocket"] });
socket.on("connect", () => {
socket.emit("orderbook-market-connect", [process.env.HIT_TOKEN_ID!]);
});
socket.on("orderbook", console.log);
socket.on("orderbook-price-change", console.log);
/user. See WebSockets. 
