HTTP Nonce

Introduction

Why need it?

All requests must contain a nonce, a number that will never be repeated and must increase between requests.

This is to prevent an attacker who has captured a previous request from simply replaying that request. We recommend using a timestamp at millisecond or higher precision. The nonce need only be increasing with respect to the session that the message is on.

A single account may have multiple API keys provisioned. In this document, we’ll refer to these as “sessions”. All orders will be recorded with the session that created them. The nonce associated with a request needs to be increasing with respect to the session that the nonce is used on.This allows multithreaded or distributed trading systems to place orders independently of each other, without needing to synchronize clocks to avoid race conditions.
In addition, some operations (such as Cancel All Session Orders) act on the orders associated with a specific session.
简单来说,每个session关联一个nonce,nonce必须递增。在应用程序里面,一个Thread对应一个Session,多Thread对应多个Session,进而确保nonce是递增不重复的。