> For the complete documentation index, see [llms.txt](https://docs.tradestream.xyz/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.tradestream.xyz/misc/api-key-security.md). # API Key Security We employ similar methods to secure your API Keys as we use to secure your trading data but with a few changes to make it even more secure.\ \ Once again, in order to preserve the security of your API Keys we have avoided discussing certain methods that we use to ensure your API Keys safety in order to preserve their efficiency. *** ## Read-only Keys All API Keys submitted to TradeStream have to be read-only. This means that the API Keys are only authorized to read data from your exchange accounts. They cannot be used to submit orders, transfer funds or withdraw money. {% hint style="warning" %} TradeStream's systems will automatically reject any keys that are not read-only. This is done for your safety. {% endhint %} **In the worst case scenario:** Even if a hacker gets access to your API Keys through TradeStream they would not be able to steal your money or submit trades with them. The worst they would be able to do is download your trading history. *** ## Encryption Just as with your trading data all API Keys are encrypted multiple times using AES256 encryption. Although we use different encryption keys for API Keys and trading data. ### Rotating encryption keys Similarly to trading data we regularily change the encryption keys used for API Keys and with that re-encrypt API Keys with the fresh encryption keys. But for API Keys we switch the encryption keys on a more frequent schedule in order to ensure less of a chance that anyone can crack your API Keys encryption. *** ## Decryption Your API keys are only decrypted when they need to be used to sign requests to your exchange's API. This means that until the API Keys need to be used they are always encrypted. As soon as they've been used they are re-encrypted to ensure their safety. Additionally, only certain secured TradeStream servers possess the encryption keys used for API Keys. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.tradestream.xyz/misc/api-key-security.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.