Key Management

Exchange-Managed Keys

When you create an account on Hibachi using your email, the exchange securely stores your credentials and signs transactions on your behalf using ECDSA.

When using an API key, you sign using HMAC (shared secret key between you and the exchange) to sign requests quickly.

Self-Managed Keys

When using a wallet based account, your Hibachi account is derived from your wallet but is not your wallet itself. This allows you to generate multiple sub accounts from the same wallet.

The derived private key is stored on the user's end in a browser key vault based on the open source metamask key vault. Your wallet saves your credentials and encrypts them using open source code.

Every transaction needs to be signed.