v1.18.0 - 2026-03-15

WebSocket: Session Recovery

Two new WebSocket message types allow clients to recover sessions after disconnection without losing subscriptions or missing events:
- enable_session_recovery — activate recovery on an authenticated session; returns a recovery_token and ttl_seconds (default 30s)
- recover_session — restore a detached session on a new pristine connection using the token; replays missed messages and restores all subscriptions
See Session Recovery for full documentation.

Breaking: POST /limit — taker field restricted to zero address

The taker field on limit orders now only accepts the zero address (0x0000000000000000000000000000000000000000). Requests with a non-zero taker address are rejected with a validation error.
Breaking: POST /limit — empty array returns 400

Submitting an empty array [] now returns 400 PayloadValidationError instead of 200 { posted: [], rejected: [] }.
POST /limit — new rejection reason max orders per market exceeded

A per-pair open order cap is now enforced. Orders exceeding the limit are returned in the rejected array with reason max orders per market exceeded.
GET /orders — inflight orders now visible

Orders currently being matched (inflight) now appear in GET /orders results. These orders show filled_amount: 0 until the fill is confirmed on-chain.
filled_amount — semantic change

The filled_amount field on stored limit orders now reflects settlement-confirmed fills only. Previously, amounts reserved for pending (inflight) fills were included. During an active fill, filled_amount shows 0 until confirmation.
POST /limit — additionalProperties: false enforced

The request schema now rejects unknown properties. Requests containing extra fields not defined in the schema will fail AJV validation.