Welcome to Crypto Diary! Below, we’ve answered some common questions about how we handle your exchange API keys and keep your data secure. Our goal is to make this simple and transparent—let us know if you need more info!
When you connect to exchanges like Binance, Bybit, or Coinbase, Crypto Diary processes your API requests entirely within your browser. This means your public API key, request arguments, and signature are prepared locally on your device before being sent to our servers. We use this data to communicate with the exchange on your behalf, but we never see or handle your secret key.
No, we don’t store your secret key—or even see it! Your secret key stays on your device and is used only in your browser to calculate the signature for exchange requests. Since it never reaches our servers or database, it remains fully under your control.
We only receive non-sensitive information needed to facilitate your exchange requests. This includes your public API key (which can’t access your account alone), the request arguments (e.g., what data you’re asking for), and the signature (a secure hash proving the request is valid). None of this reveals your secret key or gives us access to your exchange account.
By keeping your secret key in your browser and off our servers, we reduce the risk of it being exposed due to a server breach or mishandling. It’s like keeping your house key in your pocket instead of handing it over—we can still help you unlock the door without ever holding the key ourselves.
You’re in charge of keeping your device secure. Since your secret key stays with you, make sure your computer or phone is protected from malware, phishing, or unsecured networks. You’re also responsible for following the terms of service of the exchanges you connect to (e.g., Binance, Bybit, Coinbase).
No, we can’t access your account. Without your secret key, the data we receive (public API key, arguments, signature) isn’t enough to log in or make changes on your behalf. We simply pass along your request to the exchange and deliver the response back to you.
If your API key or secret key is compromised (e.g., due to a device hack), it’s not because of us—since we don’t store or see them. You should immediately revoke the compromised key through your exchange account and generate a new one. We’re not liable for issues caused by local security breaches on your end.
We could, but we won’t—because your privacy and security matter more. Storing keys on our servers would make them a target for hackers and put you at risk. By keeping everything client-side, you stay in control, and we stay out of the sensitive stuff.
We offer coin price data from 01.01.2018 to the present.
Here is the list of currently supported coins. If your preferred coin isn’t listed, let us know at crypto.diary.contact@gmail.com
We’re here to help! If something’s unclear or you want to know more, feel free to contact us at crypto.diary.contact@gmail.com or check out our Privacy Policy and Terms of Service for the full details.
© 2025 Marcin Zagórski. All rights reserved.