What does it mean to own your own API keys?
After the 3Commas hack, we made the conscious decision to ensure that we never store any users’ API keys and remain non-custodial.
Here’s what that means:
- Caddi never has your API keys, these keys are kept only on your browser extension
- This prevents hacks which target company databases. This can’t happen to us, if the hacker hacks us gets access to our databases they won’t find any of your data. Ever.
- We also encrypt these API keys in your browser extension with a password that you set
- This way no-one has access to your API keys but you
- You can also IP whitelist your API keys from your IP address of choice (this adds a layer of protection if you have a static IP address at home).