Cobo employs the ECDSA algorithm for signature verification. We strongly recommend that you generate your public and private API keys locally to ensure that Cobo neither has access to nor stores your private keys. After generating your keys locally, you can manage the public keys by heading to Cobo Custody Web-Wallet-API. For more information on private key generation, signing and verification, please refer to https://github.com/CoboGlobal/. For API references, please go to /v1/api-references/overview/authentication.
Your API signature verification may have failed due to the following reasons:The public keys are not associated with the correct environments (i.e., production, development) on Cobo Custody Web.Incorrect API key types. Please make sure that you are using the correct key type (i.e., “querying”, “withdraw and querying”, “operation and querying”).The incorrect HOST has been used.
Do all API keys have a validity period of 90 days?
Show Answer
If an API key is not associated with an IP whitelist, its validity period is limited to 90 days. However, once an IP address is added to the API key, it becomes permanently valid.
