API-Key Permissions: What Pilotbot Needs and What It Can't Do
Exactly which exchange API-key permissions Pilotbot uses, why it can never withdraw your money, and how your keys are protected.
Author: Pilotbot Team
An exchange API key is not a master password — it's a set of scoped permissions that you choose when you create it. The exchange enforces them on its own servers, so no application can do more than the permissions you granted. This article explains exactly what Pilotbot needs and what it can never do.
What Pilotbot Needs
To read the market and manage your P2P ads, Pilotbot uses:
- Read / view access — to see account info, ad prices, market data, and order status.
- Trading / ad-management access — to update and pause your ads. On Binance this means enabling Spot & Margin Trading (and Futures); on Bybit it means Spot, Contracts, and Assets/Wallet view.
That's the whole list. See the exact steps for Binance and Bybit.
What Pilotbot Can Never Do
- It cannot withdraw funds. Withdrawal is a separate permission that you never enable. Without it, no software — Pilotbot included — can move money out of your account.
- It cannot change your account security (password, 2FA, email).
- It cannot access anything the key isn't scoped for. The exchange blocks it at the server level.
Your money stays in your exchange account at all times. The key only tells the exchange to reprice ads and read data.
Extra Protection: IP Restriction
When you create the key, restrict it to trusted IPs only and paste the IP addresses Pilotbot provides. After that, the key works only from Pilotbot's servers — even if the key text leaked, it would be useless from anywhere else.
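The scope described above (read and trade on, withdrawals off, IP allowlist on) can be verified in code before a key is accepted, because exchanges report a key's permission flags back to the caller. The following Go program is an added example, not Pilotbot's own code: it decodes a restrictions response and lists every deviation from that least-privilege scope. The field names are modelled on Binance's documented apiRestrictions response and should be checked against the current exchange docs; the two JSON bodies are constructed samples, not captured from a real account.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// APIRestrictions holds the permission flags an exchange reports for a key.
// Field names follow Binance's documented apiRestrictions response
// (assumption: verify against the current docs before relying on them).
type APIRestrictions struct {
	IPRestrict                 bool `json:"ipRestrict"`
	EnableWithdrawals          bool `json:"enableWithdrawals"`
	EnableReading              bool `json:"enableReading"`
	EnableSpotAndMarginTrading bool `json:"enableSpotAndMarginTrading"`
	EnableFutures              bool `json:"enableFutures"`
}

// ParseRestrictions decodes the JSON body returned by the exchange.
func ParseRestrictions(raw []byte) (APIRestrictions, error) {
	var r APIRestrictions
	if err := json.Unmarshal(raw, &r); err != nil {
		return APIRestrictions{}, fmt.Errorf("decode restrictions: %w", err)
	}
	return r, nil
}

// CheckLeastPrivilege compares a key's flags with the scope the article
// describes: read and trade enabled, withdrawals off, IP allowlist on.
// It returns one message per violation; an empty slice means the key is
// acceptable. Futures is optional for the bot, so it is not checked.
func CheckLeastPrivilege(r APIRestrictions) []string {
	var violations []string
	if r.EnableWithdrawals {
		violations = append(violations, "withdrawals enabled: the key could move funds out; recreate it without this permission")
	}
	if !r.IPRestrict {
		violations = append(violations, "no IP restriction: a leaked key would work from any address")
	}
	if !r.EnableReading {
		violations = append(violations, "read access missing: the bot cannot see balances, ads or orders")
	}
	if !r.EnableSpotAndMarginTrading {
		violations = append(violations, "trading access missing: the bot cannot update or pause ads")
	}
	return violations
}

// Constructed sample responses (not captured from a real account).
const (
	overPrivilegedKey = `{"ipRestrict":false,"enableWithdrawals":true,"enableReading":true,"enableSpotAndMarginTrading":true,"enableFutures":false}`
	scopedKey         = `{"ipRestrict":true,"enableWithdrawals":false,"enableReading":true,"enableSpotAndMarginTrading":true,"enableFutures":true}`
)

func main() {
	samples := map[string]string{"over-privileged": overPrivilegedKey, "scoped": scopedKey}
	for name, body := range samples {
		r, err := ParseRestrictions([]byte(body))
		if err != nil {
			fmt.Println(name, "error:", err)
			continue
		}
		if v := CheckLeastPrivilege(r); len(v) > 0 {
			fmt.Printf("%s key REJECTED:\n", name)
			for _, msg := range v {
				fmt.Println("  -", msg)
			}
		} else {
			fmt.Printf("%s key OK\n", name)
		}
	}
}
```

Running it rejects the over-privileged sample on two counts (withdrawals on, no IP allowlist) and accepts the scoped one. The same check is worth running periodically, not only at onboarding, since a key's permissions can be edited on the exchange after it has been stored.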
How Your Keys Are Stored
Pilotbot stores your API keys encrypted (AES-256). They are used only by the pricing engine to talk to the exchange — they are never exposed through the interface or shared.
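What "encrypted (AES-256)" storage looks like in practice is shown by the following Go program, an added example that is not Pilotbot's code: an API secret is sealed with AES-256-GCM under a 32-byte master key and a fresh random nonce, so stored ciphertext is both confidential and tamper-evident. The master key here is a constructed constant for the demonstration; a real deployment would obtain it from a key-management service or hardware module rather than from source code, and the secret string is likewise a made-up placeholder.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// newGCM builds an AES-256-GCM AEAD from a 32-byte master key.
func newGCM(masterKey []byte) (cipher.AEAD, error) {
	if len(masterKey) != 32 {
		return nil, errors.New("master key must be 32 bytes for AES-256")
	}
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealSecret encrypts an API secret. The random nonce is prepended to the
// ciphertext so the stored blob is self-describing; GCM's tag makes any
// later modification of the blob detectable.
func SealSecret(masterKey, secret []byte) ([]byte, error) {
	gcm, err := newGCM(masterKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, secret, nil), nil
}

// OpenSecret decrypts a blob produced by SealSecret and fails closed on a
// short blob, a wrong key, or a modified ciphertext.
func OpenSecret(masterKey, sealed []byte) ([]byte, error) {
	gcm, err := newGCM(masterKey)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed blob too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

func main() {
	// Constructed master key and secret for the demonstration only.
	masterKey := bytes.Repeat([]byte{0x42}, 32)
	secret := []byte("constructed-api-secret-placeholder")

	sealed, err := SealSecret(masterKey, secret)
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored blob: %d bytes (nonce + ciphertext + tag)\n", len(sealed))

	// Only the component that talks to the exchange ever unseals it.
	plain, err := OpenSecret(masterKey, sealed)
	fmt.Printf("unsealed matches: %v (err=%v)\n", bytes.Equal(plain, secret), err)

	// A single flipped byte in storage is rejected instead of silently decrypting.
	sealed[len(sealed)-1] ^= 0xff
	_, err = OpenSecret(masterKey, sealed)
	fmt.Printf("tampered blob rejected: %v\n", err != nil)
}
```

The design choice worth noting is GCM rather than a bare block mode: the authentication tag means a corrupted or altered record is rejected at decrypt time rather than handed to the pricing engine as a garbled secret.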