Prerequisites
- A
DEPLOYEDtoken (see Create a QRC-20 token). - An API key with
tokens:mintandtokens:burn. - The on-chain
MINTERand/orBURNERrole granted to the vault account performing the operation. - An approval policy attached to the token.
Mint flow
token.minted webhook, which carries the on-chain transactionHash.
Burn flow
token.burned.
Required permissions
| Operation | API permission | On-chain role |
|---|---|---|
| Mint | tokens:mint | MINTER |
| Burn | tokens:burn | BURNER |
TOKEN_MINT_NOT_ALLOWED (1706) or TOKEN_BURN_NOT_ALLOWED (1707).
Approval policy
Configure stringent rules for supply changes:REQUIRE_APPROVALwith multi-approver quorum.MAX_AMOUNTper single mint or burn.DAILY_LIMITaggregated per token.TIME_WINDOWto prevent off-hours operations.
Idempotency
Idempotency-Key is required on every mint and burn request. Reuse the same key on retry; never vary the key for the same logical request.
Webhooks
| Event | When |
|---|---|
token.mint_requested | Mint operation accepted by Qustody. |
token.minted | On-chain mint confirmed. |
token.burn_requested | Burn operation accepted. |
token.burned | On-chain burn confirmed. |
token.operation_rejected | Approver rejected the operation. |
token.operation_failed | Operation failed during signing or chain. |
Common errors
| Error | Cause | Retry safe? |
|---|---|---|
TOKEN_NOT_DEPLOYED | Token has no contractAddress yet. | After deploy completes |
TOKEN_OPERATION_NOT_ALLOWED | Standard or template doesn’t support the action. | No |
TOKEN_SUPPLY_EXCEEDED | Mint would exceed maxSupply. | After reducing amount |
TOKEN_MINT_NOT_ALLOWED | Caller lacks MINTER. | After granting role |
TOKEN_BURN_NOT_ALLOWED | Caller lacks BURNER. | After granting role |
TOKEN_INVALID_AMOUNT | Zero, negative, or above source balance. | After fixing amount |
POLICY_DENIED | Approval policy rejected the operation. | No |
IDEMPOTENCY_CONFLICT | Key reused with a different body. | No |