Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Meta
Re: [ROASTING] This forum has big problem with high rank spineless human beings
by
CryptoSparks
on 20/09/2019, 16:37:07 UTC
Quote from: suchmoon on September 20, 2019, 04:26:42 PM
Quote from: FruitsBasket on September 20, 2019, 03:45:39 PM
I understand the confusion here.

There is no confusion. The OP is lying and misrepresenting the risks. He claimed that the API key "can act" as a Bitcoin private key so many times that there is zero room for any confusion.

every reply of mine is baked by data and reputable sources. I will stand until death to my definition. I could even build a platform that simply creates a bridge between a previously linked bitcoin private key and the api key of your account on the platform.. the result would be an api key that can do every single thing you could directly do with the private key. why? because an api key is just a tool of authentication . what it can do it depends on the platform that generated it.

Quote from: CryptoSparks on September 19, 2019, 12:18:10 AM
Quote
An application programming interface key (API key) is a unique string of alphanumeric characters transmitted as part of an API request that authenticate the source of the API request. API keys can be of two types: Public API key and Private API key.
The API key often acts as both a unique identifier and a secret token for authentication, and will generally have a set of access rights on the API associated with it.
WIKIPEDIA



In very simple words, an API key identifies you on the service platform that generated the key. (instead of using email and password uses the key to log in)
An API key can be anything and do anything, simply because it depends on what kind of API generated it, but usually is used for remote access and data tracking.

Likewise crypto wallets, there are public and private API keys with the difference that API keys are more like tools that adapt based on your needs.
For example, if you want to give access at others to selected data/privileges, you simply need to create a Public API Key which authenticates them to access your account and do nothing more than what you allowed. On the contrary, if you want to give full privileges and access to all data , you would create a Private API Key, which of course should be for your use only.

Another important difference is that API KEYS can be disabled and enabled at will, which is something very handy.



API KEYS IN TRADING:

API Keys are very handy when trading, even if you are still trading in frontend, and know nothing about programming, you should always have a private key enabled and stored securely offline, just in case anything bad happens to the frontend of the exchange and you urgently need to entry/exit a trade or even worst you locked yourself out(2FA rekt)... having the API Key allows you to have a way back in the account via terminal.

Usually exchanges offer the following privileges settings for API Keys:
- Order ( you can create and cancel orders via key)
- Cancel (you can only cancel orders via key)
- ReadOnly ( you can only read unencrypted data, such as balance/trade history/orders/markets data via key but you can't interact with any)
- Withdraw ( you can send a withdrawal request which still needs to be confirmed via email)
- CIDR (useful for ip filtering , read more here)

API KEYS are also commonly used by big Brokers, Hedge Funds and Quant Shops to safely manage their clients' capitals without having direct access to the funds.