credentials

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Credentials - Complete API Reference

凭证管理 - 完整API参考

Securely store and manage API credentials for trading platforms with AES-256-GCM encryption.

通过AES-256-GCM加密，为交易平台安全存储和管理API凭证。

Chat Commands

聊天命令

Add Credentials

添加凭证

/creds add polymarket                       Interactive setup
/creds add kalshi --key abc --secret xyz    Direct setup
/creds add binance                          Add Binance API
/creds add hyperliquid                      Add wallet key

/creds add polymarket                       交互式设置
/creds add kalshi --key abc --secret xyz    直接设置
/creds add binance                          添加Binance API凭证
/creds add hyperliquid                      添加钱包密钥

View Credentials

查看凭证

/creds list                                 List configured platforms
/creds status                               Encryption system status
/creds test polymarket                      Test API connection
/creds check polymarket                     Verify credentials work

/creds list                                 列出已配置的平台
/creds status                               加密系统状态
/creds test polymarket                      测试API连接
/creds check polymarket                     验证凭证有效性

Remove Credentials

删除凭证

/creds remove polymarket                    Remove platform creds
/creds clear                                Clear all (careful!)

/creds remove polymarket                    删除指定平台的凭证
/creds clear                                清空所有凭证（请谨慎操作！）

Auth Status

认证状态

/auth status                                Overall auth status
/auth refresh kalshi                        Refresh tokens
/auth cooldown                              View cooldown status

/auth status                                整体认证状态
/auth refresh kalshi                        刷新令牌
/auth cooldown                              查看冷却状态

TypeScript API Reference

TypeScript API参考

Create Credentials Manager

创建凭证管理器

typescript

import { createCredentialsManager } from 'clodds/credentials';

const creds = createCredentialsManager({
  // Encryption key (required)
  encryptionKey: process.env.CREDENTIALS_KEY,

  // Storage backend
  storage: 'sqlite',  // 'sqlite' | 'postgres'
  dbPath: './credentials.db',

  // Cooldown settings
  cooldownMinutes: 15,
  maxFailures: 3,
});

typescript

import { createCredentialsManager } from 'clodds/credentials';

const creds = createCredentialsManager({
  // 加密密钥（必填）
  encryptionKey: process.env.CREDENTIALS_KEY,

  // 存储后端
  storage: 'sqlite',  // 'sqlite' | 'postgres'
  dbPath: './credentials.db',

  // 冷却设置
  cooldownMinutes: 15,
  maxFailures: 3,
});

Set Credentials

设置凭证

typescript

// Polymarket (API + signing key)
await creds.setCredentials({
  userId: 'user-123',
  platform: 'polymarket',
  credentials: {
    apiKey: 'pk_...',
    apiSecret: 'sk_...',
    privateKey: '0x...',  // For order signing
    funderAddress: '0x...',
  },
});

// Kalshi (API key)
await creds.setCredentials({
  userId: 'user-123',
  platform: 'kalshi',
  credentials: {
    email: 'user@example.com',
    apiKey: 'key_...',
  },
});

// Binance Futures
await creds.setCredentials({
  userId: 'user-123',
  platform: 'binance',
  credentials: {
    apiKey: 'abc...',
    apiSecret: 'xyz...',
  },
});

// Hyperliquid (wallet)
await creds.setCredentials({
  userId: 'user-123',
  platform: 'hyperliquid',
  credentials: {
    privateKey: '0x...',
    walletAddress: '0x...',
  },
});

typescript

// Polymarket（API密钥 + 签名密钥）
await creds.setCredentials({
  userId: 'user-123',
  platform: 'polymarket',
  credentials: {
    apiKey: 'pk_...',
    apiSecret: 'sk_...',
    privateKey: '0x...',  // 用于订单签名
    funderAddress: '0x...',
  },
});

// Kalshi（API密钥）
await creds.setCredentials({
  userId: 'user-123',
  platform: 'kalshi',
  credentials: {
    email: 'user@example.com',
    apiKey: 'key_...',
  },
});

// Binance期货
await creds.setCredentials({
  userId: 'user-123',
  platform: 'binance',
  credentials: {
    apiKey: 'abc...',
    apiSecret: 'xyz...',
  },
});

// Hyperliquid（钱包）
await creds.setCredentials({
  userId: 'user-123',
  platform: 'hyperliquid',
  credentials: {
    privateKey: '0x...',
    walletAddress: '0x...',
  },
});

Get Credentials

获取凭证

typescript

// Get for specific platform
const polymarketCreds = await creds.getCredentials({
  userId: 'user-123',
  platform: 'polymarket',
});

if (polymarketCreds) {
  console.log(`API Key: ${polymarketCreds.apiKey}`);
  // Credentials are decrypted on retrieval
}

// List user's configured platforms
const platforms = await creds.listUserPlatforms('user-123');
console.log(`Configured: ${platforms.join(', ')}`);

typescript

// 获取指定平台的凭证
const polymarketCreds = await creds.getCredentials({
  userId: 'user-123',
  platform: 'polymarket',
});

if (polymarketCreds) {
  console.log(`API密钥: ${polymarketCreds.apiKey}`);
  // 凭证在获取时自动解密
}

// 列出用户已配置的平台
const platforms = await creds.listUserPlatforms('user-123');
console.log(`已配置平台: ${platforms.join(', ')}`);

Delete Credentials

删除凭证

typescript

// Remove single platform
await creds.deleteCredentials({
  userId: 'user-123',
  platform: 'kalshi',
});

// Remove all for user
await creds.deleteAllCredentials('user-123');

typescript

// 删除单个平台的凭证
await creds.deleteCredentials({
  userId: 'user-123',
  platform: 'kalshi',
});

// 删除用户的所有凭证
await creds.deleteAllCredentials('user-123');

Test Credentials

测试凭证

typescript

// Test API connection
const result = await creds.testCredentials({
  userId: 'user-123',
  platform: 'polymarket',
});

if (result.success) {
  console.log(`✓ Connected to ${result.platform}`);
  console.log(`  Balance: $${result.balance}`);
} else {
  console.log(`✗ Failed: ${result.error}`);
}

typescript

// 测试API连接
const result = await creds.testCredentials({
  userId: 'user-123',
  platform: 'polymarket',
});

if (result.success) {
  console.log(`✓ 已连接到${result.platform}`);
  console.log(`  账户余额: $${result.balance}`);
} else {
  console.log(`✗ 连接失败: ${result.error}`);
}

Cooldown Management

冷却管理

typescript

// Mark failed auth attempt
await creds.markFailure({
  userId: 'user-123',
  platform: 'kalshi',
  error: 'Invalid API key',
});

// Check if in cooldown
const inCooldown = await creds.isInCooldown({
  userId: 'user-123',
  platform: 'kalshi',
});

if (inCooldown) {
  const remaining = await creds.getCooldownRemaining({
    userId: 'user-123',
    platform: 'kalshi',
  });
  console.log(`Cooldown: ${remaining} minutes remaining`);
}

// Mark successful auth (resets failures)
await creds.markSuccess({
  userId: 'user-123',
  platform: 'kalshi',
});

typescript

// 标记认证失败尝试
await creds.markFailure({
  userId: 'user-123',
  platform: 'kalshi',
  error: '无效API密钥',
});

// 检查是否处于冷却状态
const inCooldown = await creds.isInCooldown({
  userId: 'user-123',
  platform: 'kalshi',
});

if (inCooldown) {
  const remaining = await creds.getCooldownRemaining({
    userId: 'user-123',
    platform: 'kalshi',
  });
  console.log(`冷却中: 剩余${remaining}分钟`);
}

// 标记认证成功（重置失败计数）
await creds.markSuccess({
  userId: 'user-123',
  platform: 'kalshi',
});

Build Trading Context

构建交易上下文

typescript

// Get ready-to-use trading context
const context = await creds.buildTradingContext({
  userId: 'user-123',
  platform: 'polymarket',
});

// Context includes authenticated client
await context.client.getBalance();
await context.client.placeOrder({ ... });

typescript

// 获取可直接使用的交易上下文
const context = await creds.buildTradingContext({
  userId: 'user-123',
  platform: 'polymarket',
});

// 上下文包含已认证的客户端
await context.client.getBalance();
await context.client.placeOrder({ ... });

Supported Platforms

支持的平台

Platform	Credentials Required
Polymarket	API key, secret, private key, funder address
Kalshi	Email, API key
Betfair	App key, session token
Smarkets	API key
Binance	API key, secret
Bybit	API key, secret
Hyperliquid	Private key, wallet address
MEXC	API key, secret

平台	所需凭证
Polymarket	API密钥、密钥、私钥、出资方地址
Kalshi	邮箱、API密钥
Betfair	应用密钥、会话令牌
Smarkets	API密钥
Binance	API密钥、密钥
Bybit	API密钥、密钥
Hyperliquid	私钥、钱包地址
MEXC	API密钥、密钥

Security Features

安全特性

Feature	Description
AES-256-GCM	Military-grade encryption at rest
Per-user keys	Isolated credential storage
Cooldown	Rate limits on failed attempts
No logging	Secrets never logged
Memory wipe	Credentials cleared from memory after use

特性	说明
AES-256-GCM	军用级静态加密
按用户隔离密钥	凭证存储相互隔离
冷却机制	对失败尝试进行速率限制
无日志记录	敏感信息永不记录
内存清除	凭证使用后从内存中清除

Environment Variables

环境变量

bash

undefined

bash

undefined

Required encryption key (generate with: openssl rand -hex 32)

必填加密密钥（生成方式: openssl rand -hex 32）

CREDENTIALS_KEY=your-64-char-hex-key

// 可选：各平台独立密钥 POLYMARKET_API_KEY=pk_... POLYMARKET_API_SECRET=sk_... POLYMARKET_PRIVATE_KEY=0x... KALSHI_EMAIL=user@example.com KALSHI_API_KEY=key_...

---

Optional: per-platform keys

最佳实践

POLYMARKET_API_KEY=pk_... POLYMARKET_API_SECRET=sk_... POLYMARKET_PRIVATE_KEY=0x... KALSHI_EMAIL=user@example.com KALSHI_API_KEY=key_...

---

使用强加密密钥 — 使用
```
openssl rand -hex 32
```
生成
定期轮换密钥 — 定期更新API密钥
添加后测试 — 始终验证凭证有效性
最小权限原则 — 尽可能使用只读密钥
安全备份 — 离线保存加密备份

Best Practices

—

Strong encryption key — Use
```
openssl rand -hex 32
```
Rotate keys regularly — Update API keys periodically
Test after adding — Always verify credentials work
Minimal permissions — Use read-only keys when possible
Backup securely — Keep encrypted backups offline

—