MtGox/API/Pubnub
Introduction
MtGox is now using the services of PubNub to stream real-time data due to the difficulty to cope with the kind of volumes of data we need to broadcast real-time while keeping a reliable service.
PubNub provides SDKs in various languages: https://www.pubnub.com/developers
If you already use Socket.IO, you may want to check https://github.com/pubnub/javascript/tree/master/socket.io
Access to public channels
It is possible to subscribe directly to any public channel listed on https://mtgox.com/api/2/stream/list_public?pretty through that interface.
Subscribe key for MtGox: sub-c-50d56e1e-2fd9-11e3-a041-02ee2ddab7fe
(it's the same for everyone who want to use MtGox)
Some sample feeds on the PubNub console:
- https://www.pubnub.com/console?sub=sub-c-50d56e1e-2fd9-11e3-a041-02ee2ddab7fe&pub=demo&channel=d5f06780-30a8-4a48-a2f8-7ed181b4a13f&origin=pubsub.pubnub.com&ssl=true <- to access BTCUSD ticker
- https://www.pubnub.com/console?sub=sub-c-50d56e1e-2fd9-11e3-a041-02ee2ddab7fe&pub=demo&channel=dbf1dee9-4f2e-4a08-8cb7-748919a71b21&origin=pubsub.pubnub.com&ssl=true <- BTC trades
A very simple sample implementation: https://www.mtgox.com/lag.html (shows trade engine lag in realtime)
Access to private channels
Private channels can be accessed by first calling the https://www.mtgox.com/api/2/stream/private_get api. This API will return details to access the private API (subscribe key, auth key, encryption key, etc).
Private messages are encrypted using PubNub's standard encryption method (AES128 CBC w/ 14 cycles of repetition for 256-bit keys) and a shared secret obtained through the API. This guarantees that PubNub has no knowledge of the private key and as such can't possibly read the private messages unless you access the console (as it's passed as parameter). As long as you don't call the stream/private_get api, no data for your user will be sent to PubNub.
Once the number of seconds specified in "renew" has passed, you should call the API again to renew the auth key and password. If the auth key has changed, you will need to subscribe again to continue getting updates. Once the number of seconds specified in "expires" has passed, no data will be sent anymore unless the API was called again.
If you call that API once every renew
, the access data should not change, and you should continue getting updates as long as you're connected. Note that you can pass an extra parameter to this API (renew=1
) to force the private key and auth key to change. Change in private key will be handled for all new messages (the old auth key will continue working until its expiration).