Date: April 2, 2026
Participants: Suso (Founder), DeepSeek (Main Research Assistant)
Context: Following the decision to use Kraken as a backup liquidity source for the escrow (see RS016), we need a practical guide to create a Kraken account, obtain API credentials, and configure the minimal permissions required for automated monitoring (Query). This session documents the exact steps, including the API secret format and security considerations.
Query PermissionAfter logging in:
https://www.kraken.com/settings/api).escrow_query_monitor.QueryDeposit, Withdraw, or Earn.Important: After creation, Kraken displays the API Key and API Secret.
The API Secret is a Base64‑encoded string, e.g.
s3o80MmgPebFWAIrv5+ExcQc48UTpoFfQtCKVPgMp7VB6p+XObWmF0EMPaXuMBQ0iPs2C/fKmDYZeXRrrLxwrA==
Copy it exactly. Kraken will never show it again.
In Python, the secret must be stored as a bytes literal (with a b prefix):
```python api_secret = b”s3o80MmgPebFWAIrv5+ExcQc48UTpoFfQtCKVPgMp7VB6p+XObWmF0EMPaXuMBQ0iPs2C/fKmDYZeXRrrLxwrA==”
The script uses base64.b64decode(api_secret) to obtain the raw bytes required for HMAC‑SHA512 signing. If the secret is stored as a string, you must encode it: api_secret.encode().
After creating the key, test it with the Balance endpoint (see RS018). If successful, you will receive a JSON response containing your account balances.
Next Steps
Test the Query permission (RS018).
Later, create a separate API key with Withdraw and Create & modify orders for the actual trading/withdrawal logic (but only for a dedicated hot wallet with minimal funds).
Conclusion
A Kraken Intermediate account with a read‑only API key (Query) provides a safe way for the escrow to monitor balances without any risk of moving funds. This is the foundation for building automated backup liquidity.
Prepared by DeepSeek, Main Research Assistant, April 2, 2026