Introducing Hummingbot’s new key encryption feature

hummingbot
Dec 23, 2019 · 2 min read
Image for post
Image for post

In an effort to make our users’ sensitive configuration settings such as private keys, exchange API keys and secrets more secure, we have added a new feature that allows you to encrypt and decrypt your sensitive information since the version 0.20.0.

Previously, your exchange API keys were saved in plain-text in the conf_global.yml global configuration file. Even though Hummingbot is local client software, this was a potential security risk because if someone was able to access your computer or cloud virtual machine, they could see your API keys and execute malicious trades with it.

The new Hummingbot client will prompt Enter your new password when you start the configuration process for the first time.

Image for post
Image for post

This password you set will be used to encrypt both your Ethereum walley private key and your exchange API keys. Now, every time you start the Hummingbot client, you have to enter this password in the client. Please note that for security reasons, the system does not store this password anywhere. That means in case of forgotten or lost password, there is no way to recover it.

Now once you set the password, you’ll be able to see a few encrypted files in your conf folder, and the global config file will not contain your private key and exchange API information anymore.

Image for post
Image for post

For users who are upgrading from prior versions of Hummingbot, v0.20.0 and later versions automatically transfers existing API keys out of conf_global.yml and into this new encrypted format. This also replaces the password you used before to encrypt your Ethereum wallet private key.

When you reopen the Hummingbot client, you have to re-enter the password you set before to proceed. Once you enter the password correctly, you can also change or edit your sensitive information.

We hope this new encryption feature will help all of our users run high-frequency trading bots a bit more safely and securely!

Hummingbot Blog

Bite-size stories about crypto trading, decentralized…

hummingbot

Written by

hummingbot, an #opensource #crypto #marketmakingbot. Decentralize #marketmaking: hummingbot.io

Hummingbot Blog

Bite-size stories about crypto trading, decentralized finance and hummingbot. For full articles, check out https://www.hummingbot.io/blog

hummingbot

Written by

hummingbot, an #opensource #crypto #marketmakingbot. Decentralize #marketmaking: hummingbot.io

Hummingbot Blog

Bite-size stories about crypto trading, decentralized finance and hummingbot. For full articles, check out https://www.hummingbot.io/blog

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store