search

Security Best Practices

hashtag
Protecting Your API Keys

  1. Trading permissions only — Never enable withdrawal permissions on Hyperliquid

  2. Unique keys per platform — Create a dedicated API key for HyperSync

  3. Rotate periodically — Regenerate keys every 30-90 days

  4. Monitor activity — Check your Hyperliquid trade history regularly

  5. Revoke unused keys — If you stop using HyperSync, revoke the key immediately

hashtag
Protecting Your Account

  1. Strong passwords — Use unique, complex passwords for your HyperSync account

  2. Secure connection — Always access HyperSync over HTTPS

  3. Don't share credentials — Never share your login, API keys, or webhook tokens

  4. Log out when done — Especially on shared or public computers

hashtag
Emergency Procedures

If you suspect your account or API keys are compromised:

  1. Immediately revoke the API key on Hyperliquid's website

  2. Use the Emergency Halt feature in HyperSync Settings to stop all trading

  3. Close all open positions from the Hyperliquid interface directly

  4. Delete the compromised wallet from HyperSync

  5. Generate a new API key with fresh credentials

  6. Review your trade history for any unauthorized activity

  7. Change your HyperSync password if using email login

hashtag
Why Your Funds Are Safe

  • No withdrawal access: HyperSync only has permission to trade, never to withdraw

  • Encrypted storage: Your API keys are encrypted before being stored

  • Account isolation: Your data is completely separate from other users

  • You control revocation: You can revoke API access from Hyperliquid at any time, instantly cutting off HyperSync's ability to trade

PreviousAPI Keys vs Agent WalletsNextWhat Is Copy Trading?

Last updated