Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Meta
Re: BAN REQUEST for TMAN cause RACISM and excessive vulgar speaking
by
CryptoSparks
on 26/11/2019, 15:14:10 UTC
Quote from: yogg on November 26, 2019, 01:07:11 PM
Quote from: CryptoSparks on November 26, 2019, 12:28:57 PM
API KEY CAN THEORETICALLY ACT AS PRIVATE KEY

Please can you submit the cryptographic standard specifying the use of api keys delivered by privately owned third-party services as a cryptographic private key ?
Yet, theoretically means there is no scientific proof, so your claims are nonsensical.

Otherwise .. maybe you're onto something that we all missed out in some way ? Huh

Thank you in advance for enlightening us


I doubt your ban request will succeed. You're not the first one to strongly disagree with TMAN yet he's still here.
You should consider joining his princess fan club. Tongue

You are missing the effort to read the full quote your buddy is spamming out of context and that i will stand until death to my API KEY Definition:


Quote from: CryptoSparks on September 19, 2019, 12:18:10 AM
Quote
An application programming interface key (API key) is a unique string of alphanumeric characters transmitted as part of an API request that authenticate the source of the API request. API keys can be of two types: Public API key and Private API key.
The API key often acts as both a unique identifier and a secret token for authentication, and will generally have a set of access rights on the API associated with it.
WIKIPEDIA



In very simple words, an API key identifies you on the service platform that generated the key. (instead of using email and password uses the key to log in)
An API key can be anything and do anything, simply because it depends on what kind of API generated it, but usually is used for remote access and data tracking.

Likewise crypto wallets, there are public and private API keys with the difference that API keys are more like tools that adapt based on your needs.
For example, if you want to give access at others to selected data/privileges, you simply need to create a Public API Key which authenticates them to access your account and do nothing more than what you allowed. On the contrary, if you want to give full privileges and access to all data , you would create a Private API Key, which of course should be for your use only.

Another important difference is that API KEYS can be disabled and enabled at will, which is something very handy.



API KEYS IN TRADING:

API Keys are very handy when trading, even if you are still trading in frontend, and know nothing about programming, you should always have a private key enabled and stored securely offline, just in case anything bad happens to the frontend of the exchange and you urgently need to entry/exit a trade or even worst you locked yourself out(2FA rekt)... having the API Key allows you to have a way back in the account via terminal.

Usually exchanges offer the following privileges settings for API Keys:
- Order ( you can create and cancel orders via key)
- Cancel (you can only cancel orders via key)
- ReadOnly ( you can only read unencrypted data, such as balance/trade history/orders/markets data via key but you can't interact with any)
- Withdraw ( you can send a withdrawal request which still needs to be confirmed via email)
- CIDR (useful for ip filtering , read more here)

API KEYS are also commonly used by big Brokers, Hedge Funds and Quant Shops to safely manage their clients' capitals without having direct access to the funds.



The all debate about api keys started because trolls that spam gambling signatures while faking interest in protecting other users, cannot attack the bot as a scam or ponzi anymore because of the trading journey with public api key available that anyone can use to access the account.

But to reply how an api key can act as bitcoin private key ( which is still not related to my business since ALL I REQUIRE IS A PUBLIC API KEY ENABLED FOR ORDER CREATION AND CANCELLATION ON BITMEX):

If you import your bitcoin private key on an hypothetical platform that gives you access to all functionality of that private key via a self generated api key to your account on the platform, would in that case the api key act like a private key ?

YES or NO ?