Skip to content

Bug Report: JavaScript SDK DELETE Endpoints Return HTTP 500 Error #121

New issue
New issue
Open
Open
Bug Report: JavaScript SDK DELETE Endpoints Return HTTP 500 Error#121
@romainlnm

Description

@romainlnm
romainlnm
opened on Jul 17, 2025

Summary

All DELETE endpoints in the LN Markets JavaScript SDK (@ln-markets/api v2.0.0) are returning HTTP 500 "Internal Server Error" while the same functionality works correctly in the Python SDK.

Environment

  • Package: @ln-markets/api v2.0.0
  • Node.js: v18+
  • Network: Mainnet
  • Platform: macOS (tested)

Affected Methods

  • futuresCloseTrade(id) - DELETE /futures
  • futuresCloseAllTrades() - DELETE /futures/all/close
  • futuresCancelAllTrades() - DELETE /futures/all/cancel
  • futuresCancelTrade(id) - POST /futures/cancel (works fine!)

Working Methods (for comparison)

  • futuresGetTrades() - GET /futures
  • futuresNewTrade() - POST /futures
  • futuresUpdateTrade() - PUT /futures
  • futuresCancelTrade() - POST /futures/cancel

Steps to Reproduce

1. Install and setup

npm install @ln-markets/api

2. Test DELETE endpoint

import { createRestClient } from '@ln-markets/api';

const client = createRestClient({
  key: 'your_key',
  secret: 'your_secret', 
  passphrase: 'your_passphrase'
});

// This fails with HTTP 500
try {
  await client.futuresCloseAllTrades();
} catch (error) {
  console.error(error); // HttpError: {"message":"Internal error","code":"INTERNAL_SERVER_ERROR"}
}

3. Test working POST endpoint

// This works fine
try {
  await client.futuresCancelTrade('trade-id');
  console.log('Success!');
} catch (error) {
  console.error(error); // No error - works correctly
}

Expected Behavior

DELETE endpoints should work the same as in the Python SDK:

  • futuresCloseTrade(id) should close a specific trade
  • futuresCloseAllTrades() should close all open trades

Actual Behavior

All DELETE endpoints return:

{
  "message": "Internal error",
  "code": "INTERNAL_SERVER_ERROR"
}

HTTP Status: 500

Analysis

JavaScript SDK Implementation

// From node_modules/@ln-markets/api/dist/rest.js
const futuresCloseTrade = (id) => {
    return request({
        method: 'DELETE',
        path: '/futures',
        data: { id },
        requireAuth: true,
    });
};

const futuresCloseAllTrades = () => {
    return request({
        method: 'DELETE',
        path: '/futures/all/close',
        requireAuth: true,
    });
};

Python SDK Implementation (Working)

# From Python SDK
def futures_close(self, params):
    method = 'DELETE'
    path = '/futures'
    credentials = True
    return self.before_request_api(method, path, params, credentials)

def futures_close_all(self):
    method = 'DELETE'
    path = '/futures/all/close'
    credentials = True
    params = {}
    return self.before_request_api(method, path, params, credentials)

Request Signature Analysis

Both SDKs generate identical signatures for the same requests, so the issue is not with authentication.

JavaScript SDK signature generation:

const payload = method.match(/^(GET|DELETE)$/)
    ? new URLSearchParams(data).toString()
    : JSON.stringify(data);
    
const signature = createHmac('sha256', secret)
    .update(`${timestamp}${method}/${version}${path}${payload}`)
    .digest('base64');

Python SDK signature generation:

if method in ['GET', 'DELETE']:
    data = urlencode(params)
elif method in ['POST', 'PUT']:
    data = json.dumps(params, separators=(',', ':'))
    
payload = ts + method + '/' + self.version + path + data
signature = b64encode(hmac.new(bytes(self.secret, 'utf-8'), bytes(payload, 'utf-8'), hashlib.sha256).digest())

Comparison with Working Endpoints

✅ Working: futuresCancelTrade (POST)

const futuresCancelTrade = (id) => {
    return request({
        method: 'POST',           // POST works!
        path: '/futures/cancel',
        data: { id },
        requireAuth: true,
    });
};

❌ Broken: futuresCloseTrade (DELETE)

const futuresCloseTrade = (id) => {
    return request({
        method: 'DELETE',         // DELETE fails!
        path: '/futures',
        data: { id },
        requireAuth: true,
    });
};

Hypothesis

The issue appears to be server-side handling of DELETE requests from the JavaScript SDK. The requests are properly formatted and authenticated, but the server returns HTTP 500 for all DELETE operations.

Workaround

Currently, there's no workaround for closing trades via the JavaScript SDK. Users must:

  1. Use the Python SDK instead
  2. Use the LN Markets web interface
  3. Wait for this bug to be fixed

Additional Information

  • All other HTTP methods (GET, POST, PUT) work correctly
  • Authentication is working properly (verified with working endpoints)
  • The same credentials work fine with the Python SDK
  • The issue affects both parameterized and non-parameterized DELETE requests

Requested Fix

Please investigate the server-side handling of DELETE requests from the JavaScript SDK and fix the HTTP 500 error that's preventing trade closure functionality.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions