Skip to main content

Sandbox environment

Your Development environment is your sandbox. It connects to testnets (Sepolia and Base Sepolia) instead of mainnet, so you can run full settlement flows without real assets or funds. All API behavior is identical between Development and Production environments. The only difference is the underlying blockchain network and smart contract deployment.

Test tokens

KeyStone provides two mintable ERC-20 tokens for testing: Both tokens have a public mint() function, so you can mint as many as you need for testing. See testnet addresses for contract addresses.

End-to-end test flow

Walk through a complete settlement to verify your integration:

1. Submit a seller instruction

Use the SDK or API to submit an instruction for the sell side. This returns a trade_reference that the buyer uses to match.

2. Submit a buyer instruction

Submit the counterparty instruction using the same trade_reference. This triggers the matching process.

3. Verify the settlement was created

After both instructions match, a settlement is created. Query it to confirm:

4. Check webhook delivery

Verify that your webhook endpoint received the settlement’s events - on the happy path that is settlement.state.awaiting_deposits followed by settlement.state.finalized. See the webhook event catalog for exactly which events fire.

5. Advance through states (optional)

If you have access to the integration testing endpoints, you can programmatically advance the settlement through its state machine (the dedicated integration testing guide was retired; ask your KeyStone contact for the current test-environment options).

CLI for local development

Use the KeyStone CLI to forward webhooks to your local development server:
This creates a temporary webhook endpoint that tunnels events to your local machine, so you can test webhook handling without deploying. See the CLI reference for installation and usage.

Postman collection

For manual API exploration, import the KeyStone Postman collection. It includes pre-configured requests for all endpoints with environment variables for authentication. See the Postman guide for setup instructions.

Checklist before going to production

Before switching from your Development environment to Production, verify:
This checklist covers the most common integration issues. Complete each item to avoid surprises in production.
  • Webhook handler processes all settlement states - Your handler should gracefully handle every state in the settlement state machine, including error and rollback states.
  • Signature verification is implemented - Validate the X-Keystone-Signature header on every webhook delivery. See webhooks for details.
  • Idempotency keys on all create/submit calls - Every POST to /v1/instructions should include a unique idempotency_key to prevent duplicates on retry.
  • Error handling covers all error codes - Handle 400, 401, 409, 422, and 5xx responses appropriately. See error handling.
  • Rate limits accounted for - Implement exponential backoff for retries and respect 429 responses.