HTTP status codes
Error response format
All errors return a consistent structure:Idempotency
Instruction submission is idempotent viaidempotency_key. If you send the same key:
- First call: creates the instruction (201)
- Subsequent calls: returns the existing instruction (200)
Retrying failed requests
Settlement-specific errors
Compliance decision on wrong state
Instruction not cancellable
status: pending_match can be cancelled. Instructions that have already been matched, expired, or cancelled cannot be changed.
Template validation failures
required_roles or required_leg_types.
On-chain error handling
When the KeystoneSettlement contract rejects an operation (e.g. the compliance gate is closed at execution time, or a deposit fails the commitment check), the transaction reverts and the settlement remains in its current state. A closed gate never blocks deposits - the settlement simply stays registered until attestation lands. If the settlement reaches itstimeout_at deadline, any depositor (or the operator) can call claimTimeout() on the KeystoneSettlement contract, then reclaim deposits per leg via claimRefund(). Neither path can be paused or depends on KeyStone being up - every party with funds at stake can recover them itself.
Webhook error handling
If your webhook endpoint returns a non-2xx response:- KeyStone retries with exponential backoff
- Failed deliveries are logged in the delivery log
- The settlement continues regardless (webhooks are notifications, not blocking)