EAPI:Invalid key

[yanone]

Hi,

I'm implementing a Kraken adapter for my trading software using kraky. I'm new to Kraken.

So I'm getting a EAPI:Invalid key response when I want to trade. I'm aware what that error message means from Kraken's side, and think that you probably implemented the signing correctly, but I'm not aware that I made any mistakes in handing the API key and secret over to KrakyApiClient().

So I wanted to ask if you can remember any pitfalls when setting up a new Kraken account that could lead to this error, maybe in combination with kraky, before I ask at the Kraken support.

Thank you.

[Atem18]

Hi,

As for this part, it should work as this is the basic part.

Can you share any code ?

Thanks a lot in advance.

[yanone]

I don't know what code to share. I've assembled a totally incomplete set of lines that cover the execution of a buy order. Never mind the "BTC" and "EUR" symbols; my app translates those to the actual symbols used on Kraken. Also I've tried both validate=True and False.

But actually I think that the problem can't be with kraky, because other calls do work, such as get_account_balance(), which correctly reports my balances. I didn't read through all your code but I'd be very surprised if the signing for the balances call would be any different from the order call.

What is set_otp()? Looks like it's for 2FA, which I don't plan on unsing, isn't it?
Did I overlook anything else?

keys_kraken_testaccount.json:

{
    "api_key": "...",
    "api_secret": "..."
}

Trading:

class Kraken(BaseExchange):
    def __init__(self, keys=None):
        self.kraky = KrakyApiClient(api_key=keys["api_key"], secret=keys["api_secret"])

    def buy(self, base, quote, base_amount=True):
        pair = base + quote
        assert pair in self._pairs, f"pair {pair} not found"
        print(f"buy {base}->{quote} ({pair})")
        if base_amount == True:
            base_amount = self.balance(base + ".HOLD") or self.balance(base)
        # remote call here
        self.kraky.add_standard_order(
            pair=pair, type="buy", ordertype="market", volume=base_amount, validate=True
        )
        self.update_balances()
        return True, {}

with open("keys_kraken_testaccount.json", "r") as f:
    keys = json.load(f)

exchange = Kraken(keys)
trading = Trading(exchange)
trading.swap("BTC", "EUR")

Because the question will come up, here are the permissions I've given the API key. I've even created a new key just to make sure.

[Atem18]

@yanone I've tested with that minimal amount of code:

import json

from kraky import KrakyApiClient


with open("keys_kraken_testaccount.json", "r") as f:
    keys = json.load(f)
    kraky = KrakyApiClient(api_key=keys["api_key"], secret=keys["api_secret"])
    print(kraky.get_web_sockets_token())

It works, I can get my websockets token which means that my apikey.secret are working.

As for the permissions, it's maybe the "Export data" that needs to be checked.

Finally, yes set_otp() is for 2FA which I don't use as well so I did not tested it but if you don't use it, it will not be activated.

[yanone]

Thank you. Will report to Kraken and see what they say. I'll keep this issue open for now and close it once I have a response. Feel free to close it yourself any time.

[Atem18]

No problem, I will keep the issue open.

[yanone]

The Kraken support replied:

This errror "EAPI:Invalid key" is probably a malformed request issue. The header of request should include the public part of a valid key:
https://docs.kraken.com/rest/#section/Authentication
Authenticated requests must include both API-Key and API-Sign HTTP headers

They suggested I try their base implementation at https://github.com/veox/python3-krakenex, and lo and behold, it actually worked placing orders, using the exact same key that I was using for kraky.

I know you said it worked on your side, but the evidence at hand suggests that there is indeed a problem with the signing procedure in kraky. I'll be happy to debug anything if you let me know what.

[Atem18]

@yanone It's strange indeed.

I will send some funds to Kraken tonight and try to place an order.

[Atem18]

@yanone Indeed, some endpoints are working as intended like getting the balance or getting a websocket token but not the order. I need to investigate and push a fix.

[Atem18]

@yanone Can you see this issue ? veox/python3-krakenex#134

[yanone]

I read the issue, but I don't understand the proposed solution in veox/python3-krakenex#134 (comment), as I don't understand what he means by "can't have them as strings".

A string, but not a string? Anyway, thanks for looking into this.

[Atem18]

As I understand, Kraken made some changes in the add_order function and it was working as well before for krakenex.

[Atem18]

@yanone I think this has to do with my functions allowing *args/**kwargs.

I am working on fixing this as well as aligning the REST API/WS to the latest versions.

It will be fixed today or tomorrow.

[Atem18]

@yanone I found the issue.

You were indeed right about the signing issue.
It was because it was encoding the Python primitive as direct strings like False becomes 'False' and not 'false'.

I took the encoding from Httpx and it's now working.

You can test it in the version 2023.02.22

[Atem18]

@yanone Kraken was in maintenance last night but now that it's online, I can confirm that it's working:
.venv ❯ kraky add_standard_order pair=XXRPZUSD type=sell ordertype=limit volume=100 price=1000
{'txid': ['OLKLT6-HEUTK-PKXUZX'], 'descr': {'order': 'sell 100.00000000 XRPUSD @ limit 1000.00000'}}

I will therefore close this issue. Feel free to reopen if you encounter any issue on your side.

[yanone]

Thank you so much. Excellent work!

[Atem18]

No problem, please let me know if you find others issues as I plan to push more things to align with Kraken's latest API and WS versions.