6月 082018
 

https://developers.ripple.com/become-an-xrp-ledger-gateway.html

Tool Security
2)工具安全

Any time you submit an XRP Ledger transaction, it must be signed using your secret key. The secret key gives full control over your XRP Ledger address. Never send your secret key to a server operated by someone else. Either use your own rippled server, or sign the transactions locally before sending them to a rippled server.

在XRP总账网络中提交任何交易,都需要使用密钥进行签名。密钥完全控制XRP总账网络地址。
切勿将密钥发送至他人控制的服务器中,必要时在发送到rippled服务器前在本地进行交易签名。

The examples in this document show API methods that include a secret key. This is only safe if you control rippled server yourself, and you connect to it over a connection that is secure from outside listeners. (For example, you could connect over a loopback (localhost) network, a private subnet, or an encrypted VPN.) Alternatively, you could use RippleAPI to sign transactions locally before submitting them to a third-party server.

建议通过监听本地回环地址,使用专用子网或VPN来控制访问API服务。或者在提交请求至第三方服务器前使用RippleAPI先在本地进行交易签名。