HMAC-SHA256 with HMAC-signed passphrase (KuCoin-style).
Used by: KuCoin, KuCoin Futures, and ~3 other exchanges.
How it works
- Create millisecond timestamp
- Build payload:
timestamp + METHOD + endpoint + body - Sign payload with HMAC-SHA256, encode as Base64
- Also sign the passphrase with HMAC-SHA256 (v2 API keys)
- Send all in headers
Configuration
signing: %{
pattern: :hmac_sha256_passphrase_signed,
api_key_header: "KC-API-KEY",
timestamp_header: "KC-API-TIMESTAMP",
signature_header: "KC-API-SIGN",
passphrase_header: "KC-API-PASSPHRASE",
api_key_version_header: "KC-API-KEY-VERSION",
api_key_version: "2"
}