kingfisher/crates/kingfisher-rules/data/rules/kucoin.yml

rules:
  - name: KuCoin API Key
    id: kingfisher.kucoin.1
    pattern: |
      (?xi)
      \b
      kucoin
      (?:.|[\n\r]){0,32}?
      (?:
        api[_-]?key |
        key
      )
      (?:.|[\n\r]){0,12}?
      (
        [a-f0-9]{24}
      )
      \b
    pattern_requirements:
      min_digits: 4
      min_lowercase: 8
      ignore_if_contains:
        - xxxxxx
        - your_api_key
    min_entropy: 3.0
    confidence: medium
    examples:
      - KUCOIN_API_KEY=4f4ecb6f11b1a70001c8e2ff
      - 'kucoin_api_key: a1b2c3d4e5f60718293a4b5c'
    references:
      - https://www.kucoin.com/docs-new/authentication
      - https://www.kucoin.com/docs-new/api-3470125

  - name: KuCoin API Secret
    id: kingfisher.kucoin.2
    pattern: |
      (?xi)
      \b
      kucoin
      (?:.|[\n\r]){0,32}?
      (?:
        api[_-]?secret |
        secret
      )
      (?:.|[\n\r]){0,12}?
      (
        [a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}
      )
      \b
    pattern_requirements:
      min_digits: 6
      min_lowercase: 8
      ignore_if_contains:
        - 00000000-0000-0000-0000-000000000000
        - xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    min_entropy: 3.3
    confidence: medium
    examples:
      - KUCOIN_API_SECRET=7d70f6c7-42e9-4261-8a8d-8ca2d5028d4f
      - 'kucoin_secret: a1b2c3d4-e5f6-7890-abcd-ef1234567890'
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://api.kucoin.com/api/v1/accounts
          headers:
            Accept: application/json
            Content-Type: application/json
            KC-API-KEY: "{{ KUCOIN_KEY }}"
            KC-API-TIMESTAMP: "{{ REQUEST_UNIX_MILLIS }}"
            KC-API-KEY-VERSION: "2"
            KC-API-PASSPHRASE: '{%- assign passphrase = KUCOIN_PASSPHRASE | hmac_sha256: TOKEN -%}{{ passphrase }}'
            KC-API-SIGN: '{%- assign prehash = REQUEST_UNIX_MILLIS | append: "GET" | append: "/api/v1/accounts" -%}{{ prehash | hmac_sha256: TOKEN }}'
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid
            - type: WordMatch
              match_all_words: false
              words:
                - '"data"'
                - '"code":"200000"'
    depends_on_rule:
      - rule_id: kingfisher.kucoin.1
        variable: KUCOIN_KEY
      - rule_id: kingfisher.kucoin.3
        variable: KUCOIN_PASSPHRASE
    references:
      - https://www.kucoin.com/docs-new/authentication

  - name: KuCoin API Passphrase
    id: kingfisher.kucoin.3
    pattern: |
      (?xi)
      \b
      kucoin
      (?:.|[\n\r]){0,32}?
      (?:
        api[_-]?passphrase |
        passphrase
      )
      (?:.|[\n\r]){0,12}?
      (
        [A-Za-z0-9!@\#$%^&*()_+=./:-]{6,64}
      )
      \b
    pattern_requirements:
      ignore_if_contains:
        - your_passphrase
        - xxxxxx
    min_entropy: 2.5
    confidence: medium
    visible: false
    examples:
      - KUCOIN_API_PASSPHRASE=my-strong-passphrase
      - 'kucoin_passphrase: S3cur3Passphrase123'
    references:
      - https://www.kucoin.com/docs-new/authentication