2018-01-12

PSA: DO NOT Give Your Kucoin API Private Key to Portfolio Tracking Apps (Yet)

PSA: DO NOT Give Your Kucoin API Private Key to Portfolio Tracking Apps (Yet)As of right now, the Kucoin API key allows FULL ACCESS of your account, which including 1) reading transactions, 2) TRADING (!), and 3) WITHDRAW (!!!)

That means anyone who gets a hold of your private key can potentially STEAL ALL YOUR COINS kept on Kucoin. 

Even if the app developers are honest there's still the risk of them hacked which would result in the hackers getting hold of your API keys.

Please remember to be safe and smart out there guys. Happy trading.

Reference: https://kucoinapidocs.docs.apiary.io/#introduction/api-key-permissions

If anyone has more information on this please share!

Edit: I confirmed this with a developer for a portfolio tracking app bituniverse

Edit 2: For people wondering why you'd ever give private API key. If you can set the API permission to read-only then services like portfolio tracking apps can only pull and import your trade history automatically. E.g. on Binance you can configure permissions for individual API keys. 

I said don't do it Yet because Kucoin doesn't currently let you configure permissions but I assume it's a feature that they will be adding in the near future. 

Edit 3: it applies to ALL EXCHANGES not just kucoin but I'm not on that many exchanges so please be smart and check yourselves.

Edit 4: im talking about API key on THE EXCHANGE which is completely different from your wallets secret key. API key is basically a access token needed for services like apps to retrieve information (READ) about a specific account on an EXCHANGE, or perform actions (trade or withdraw, if access given). And you only want apps to be able to read your transaction history on the exchange and not make any changes
PSA: DO NOT Give Your Kucoin API Private Key to Portfolio Tracking Apps (Yet)

As of right now, the Kucoin API key allows FULL ACCESS of your account, which including 1) reading transactions, 2) TRADING (!), and 3) WITHDRAW (!!!)

That means anyone who gets a hold of your private key can potentially STEAL ALL YOUR COINS kept on Kucoin.

Even if the app developers are honest there's still the risk of them hacked which would result in the hackers getting hold of your API keys.

Please remember to be safe and smart out there guys. Happy trading.

Reference: https://kucoinapidocs.docs.apiary.io/#introduction/api-key-permissions

If anyone has more information on this please share!

Edit:

Edit 2: For people wondering why you'd ever give private API key. If you can set the API permission to read-only then services like portfolio tracking apps can only pull and import your trade history automatically. E.g. on Binance you can configure permissions for individual API keys.

I said don't do it Yet because Kucoin doesn't currently let you configure permissions but I assume it's a feature that they will be adding in the near future.

Edit 3: it applies to ALL EXCHANGES not just kucoin but I'm not on that many exchanges so please be smart and check yourselves.

Edit 4: im talking about API key on THE EXCHANGE which is completely different from your wallets secret key. API key is basically a access token needed for services like apps to retrieve information (READ) about a specific account on an EXCHANGE, or perform actions (trade or withdraw, if access given). And you only want apps to be able to read your transaction history on the exchange and not make any changes

For anyone not familiar with API: solid white paper, 4th generation crypto, great team, major partnerships to be announced, rebranding detail releasing soon, limited supply still relatively low market cap much room for growth.

Predicting a 10000% gain in 3 weeks.

I'm 100% in on 2FA already, should I sell to buy API?

Good post.

!tipxrb $0.25

Edit: goddamn tip bot isn’t working

What about FUD? Everytime I see someone say something bad about a coin there's aways someone who recommends Fudcoin. It's not even on etherdelta though..

Muh Legacy

Muh Legacy

TOP KEK.

This captures the essence of leftists; everything they touch turns to shit.

Marie claps for you.

Marie claps for you.

w00t! Great work! Vive la France!

clap for the kween mai bruddas

Cute. Now I'm imagining her clapping because I finally got her PoL skill to rank 10.

These are my all time Favourite colour pop liquid lipstick shades

These are my all time Favourite colour pop liquid lipstick shades

The purple lipstick + your application is so gorgeous on you

I see why you like them they look great on you!

How do you successfully pull off such a wide shade range?? That hot pink one though, it looks so juicy and vibrant on you!

These are so gorgeous on you!! And your skin is glowing!!!!

[Letourneau] Casspi is dealing with a virus that caused his back to tighten up. Said he had a tough time walking this morning, but is hopeful he’ll get better soon.

[Letourneau] Casspi is dealing with a virus that caused his back to tighten up. Said he had a tou...

dude what the fuck kind of virus does that

What the hell kinda virus does that? Meningitis?

His role on offense showed me the genius of the Warriors coaching staff. Instead of spotting him up to shoot threes, they actually found a place in their system that highlights even better parts of his game. He’s a phenomenal baseline cutter and has nice touch around the rim.

Casspi discussion: I love his role on the Warriors. People thought he would bring another 3pt weapon to the team, but he is actually a more efficient version of Igoudala. He cuts everywhere, gets steals, double digit rebounds, and I think I have not seen him attempt a 3 at all.

30-11

30-11

The cheese is cold, Ernie.

This might be the best one.

I believe it's a reference to Charles Barkley complaining about the nachos at Sun's arena

https://www.youtube.com/watch?v=YTHWo-xLwx8

Official: Landon Donovan signs for Club Leon

Official: Landon Donovan signs for Club Leon

He really wants to go to the World Cup

what

How many times can you un-retire before they don’t let you retire anymore? Asking for a friend

People forget he's 35 only. Still young for being retired.

When you wide awake so you cancel your amazon pre order to and pre order digital so you can Fighterz at 3am

When you wide awake so you cancel your amazon pre order to and pre order digital so you can Fighterz at 3am

3am eastern?

Damn I might do the same, it sucks tho cause amazon had it discounted

lool sir you are impatient haha

its funny cause im usually a really patient person

Ex-Mormons can't leave the church alone. Yeah, well Mormons can't leave normal people alone, so there's that

Ex-Mormons can't leave the church alone. Yeah, well Mormons can't leave normal people alone, so there's that

Yep. Don't tell me to leave the church alone when you have 65,000 people working full time not leaving normal people alone.

They can't even leave dead people alone!

As I told my wife's home teachers... "I'm not the one sitting in your living room, teaching your wife and kids things that you find objectionable."

Touché, Apostate, touché.

ACLU Condemns House Vote on Surveillance Bill

ACLU Condemns House Vote on Surveillance Bill

Codifying warrantless wiretapping of the private communications of American citizens. It would serve to possibly violate the 1st and most certainly violate the 4th amendment. Corruption at the level to which you refer does not justify everyone giving up their freedoms. No.

This doesn't really surprise anyone.

But so glad at least the ACLU is doing something about it.

Privacy vs. national security and all that. Much of the noise surrounding fake news and the election may be true, but it's political in nature and doesn't enter the same realm as violating your constitutional rights. Mass surveillance and openness are inherently at odds.

Try one of these subthreads