Revoke an existing trading key

You suspect the API private key leaked (e.g., a compromised bot host, a stolen laptop, an exposed .env file in a public repo).

You lost the .env block and need to generate a new key to put on the bot host.

You're rotating keys as a hygiene measure (good practice every few months).

Go to /app/settings → "Active trading key" card → Revoke button. Confirm in the dialog. This sets the DB row to active=false + revokedAt=now, and Botely will no longer recognize this key as authoritative.

Importantly, this does NOT yet remove the on-chain authenticator. The bot will still be able to use the key to sign trades on dYdX — the .env file on the bot host is the real source of truth for what gets used.

SSH into the bot host. Edit the .env (typically /etc/botely-saas.env or ~/crypto-bot/.env) and either remove or comment out the three DYDX_* lines (DYDX_OWNER_ADDRESS, DYDX_API_PRIVATE_KEY, DYDX_AUTHENTICATOR_ID).

Restart the bot: `pm2 restart crypto-bot`. The bot's dydxClient now has no permissioned credentials. If DYDX_MNEMONIC is still in the .env, it falls back to mnemonic signing; otherwise it refuses to start with a clear error.

Broadcast MsgRemoveAuthenticator from your owner wallet to actually delete the on-chain authenticator. Until you do this, the trading key technically still has on-chain authority — just no software using it.

Phase 0 doesn't have a UI for this yet. Use the dydxprotocold CLI: `dydxprotocold tx accountplus remove-authenticator <id> --from <owner-keyname>`. Or wait for Phase 1.5 when the revoke button on /app/settings will also broadcast this.

Run the trading-key wizard again to generate a new permissioned key. Paste the new .env block onto the bot host. Restart. Bot resumes trading under the new key.

Old authenticator id sticks around on-chain (harmless) until you complete step 3.