OpenZeppelin · Rate Limits

Rate Limits

Rate limiting details for OpenZeppelin Defender API and the open-source OpenZeppelin Relayer. Defender API enforces per-key rate limits on all authenticated requests. The self-hosted OpenZeppelin Relayer applies configurable rate limits via environment variables, defaulting to 100 requests/second with a burst of 300. Exceeding limits returns HTTP 429. Enterprise Defender customers could contact support to request elevated limits.

Rate Limits is the machine-readable rate-limit profile for OpenZeppelin on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 5 rate-limit definitions, across the Builder, Professional, All, and Open Source (Self-Hosted) tiers.

Tagged areas include Web3, Smart Contracts, Blockchain, Security, and Ethereum.

5 Limits
Web3Smart ContractsBlockchainSecurityEthereumDeFiSolidityRelayerMonitoringAuditing

Limits

Defender API - Standard Rate Limit per API key
100
Enterprise customers may request higher limits by contacting OpenZeppelin support.
Defender Relayer - Transaction Throughput per relayer
50
For very high throughput use cases, deploy multiple relayers and distribute transactions via load balancing. The Defender platform manages nonce ordering automatically across concurrent submissions.
Defender API - JWT Token Expiry per session
60
Optional refresh tokens can extend sessions. Expired tokens return an error response requiring re-authentication.
Relayer (Open Source) - Requests Per Second per server instance
100
Relayer (Open Source) - Concurrency Limit per server instance
100