please make API keys be specific to operations - e.g. one 'read only' API key, and one 'read/write' API key - mtgox users have been stung too many times by having a single API key for write operations and finding all their BTC stolen.
I was thinking of having each API key have a set of checkboxes: "read, write, bet, invest" or whatever.
That way you can make 4 keys, each with a different checkbox enabled if you like, or you can make a single key with all the checkboxes enabled.
I think that's how Gox works too isn't it? Do you see a problem with that? If you want to put all your eggs in one API key then I don't want to stop you.