And yet again I repeat, an API key is an authentication tool that based on the service can do basically anything.... even ACT AS A PRIVATE KEY.
Those look like technically correct statements to me
with analogies in red.. Analogies that you may not agree with but not vastly incorrect..
API keys do pretty much work like private keys but for your account at a service and not on the actual blockchain, only on their internal centralized ledger..
I think it was when I gave him my API keys and told him to help himself to my bitcoins since the API key "can act" as a Bitcoin private key...
An API key with full privileges (aka private API key) authenticates you as the owner of the account controlling the funds.
Did you give him an API key
with full privilege of a funded account? If so, he should have been able to WD your coins, no?
Don't hate me for being the devil's advocate here, maybe I am wrong and will learn something..