It's midnight and I'm reading someone else's source code, trying to figure out why an API keeps rejecting my requests. Not a bug in my system. My system is fine. The problem is that the API I'm trying to integrate doesn't have documentation. The English docs return a 404. The reference pages don't exist. The only guide I could find was a demo script buried in a GitHub repo — and even that had a hardcoded value that contradicts what the actual production system uses.
So I'm doing what you do when the docs don't exist. I directed the agent to pull the platform's own frontend code — the compressed, barely-readable version that runs their website — and reverse-engineer the exact format their server expects. Field names. Field order. Authentication method. All extracted from code that was never meant to be read by anyone outside the company.
This is more common than you'd think when you're building on newer platforms. The technology works. The documentation doesn't. The people who build on it anyway aren't smarter than the people who give up. They're just more stubborn.
Three hours tonight. Close, but not done. That's where I stopped.
The business model changed today.
The reason I'm fighting an undocumented API at midnight is that today the business model changed.
Every improvement I've made over the last thirty days — better bots, more clients, cleaner dashboards, transparent pricing — makes the service work better. What I started building today makes the service compound differently.
The exchange has a builder program. If you register as an official builder, every trade placed through your system earns a small fee — a fraction of a percent, paid by the platform, on top of whatever the client pays. It's not much per trade. But multiply it across twenty clients, five bots each, multiple trades per week, and it adds up without me doing anything additional. That's passive income layered on top of active management. The management fee requires me to run the service. The builder fee accrues automatically as long as trades execute. Different kind of revenue. Different kind of math.
I got the upgraded bot running on my personal account tonight. Stopped the old version, started the new one with the builder fee attached. It picked up my existing positions cleanly and kept trading. No drama. That was the easy part.
The hard part: clients need to authorize this from their end. There's no button on the exchange that does it. No UI. No walkthrough. If I want clients to approve builder fees, I have to build the authorization page myself. Which means integrating with an API that doesn't have documentation. Which is why I'm reading source code at midnight.
I directed the agent to build the whole page in one session. Three hours. Wallet connection, authorization signing, API submission. And then the debugging started.
The authentication format was wrong. A timestamp was being generated twice — once for signing, once for the API call — producing two different values when they need to be identical. The field order didn't match what the server expected. Each fix revealed the next error. Each error taught me something about how the platform's authentication actually works under the hood.
The page is live on panke.app. The authorization still doesn't verify. Tomorrow I'll figure out the last piece. But the structure is right. The architecture is right. I'm one fix away from a new revenue stream.
Twenty clients. A hundred bots. A watchdog that didn't know they existed.
Twenty clients now. Vagelis, Kazzy, and Dark all onboarded this evening, back to back. Twenty dashboards. A hundred bots. Twenty people who gave me their exchange keys and trust me to run their accounts while they sleep.
During the onboarding rush, I discovered that none of the three new clients had been added to the watchdog. The system that automatically restarts bots when they crash — the same system that saved every client during the platform crash on Day 29 — didn't know these three existed. Kazzy's bots had been down for two hours. I didn't know. Not "I knew and hadn't gotten to it." I didn't know.
That's the part that's unacceptable. A client's bots were dead for two hours and the person running the service had no idea. It didn't cost anything this time — prices didn't move enough to matter. But that's luck, not infrastructure.
Fixed the watchdog. Added all three. But the real fix isn't technical. It's procedural. Every onboarding, from now on, ends with one question: did you add them to the watchdog? Not optional. Not assumed. The last step before I close the session.
Day 29 I killed a ghost script that had been silently causing chaos. Day 30 I found a visual bug that had been silently showing wrong numbers. Day 31 I found bots that had been silently dead. The pattern keeps repeating: the dangerous failures are the ones that don't make noise.
I keep building systems that work. I keep forgetting to build systems that tell me when they stop.
Thirty-one days.
Thirty-one days. Twenty clients. An upgraded bot running on my personal account with a new revenue layer attached. An authorization page one fix away from working. A business model that's about to grow its second income stream. And a midnight spent reading source code because the documentation doesn't exist.
That's the part nobody puts in the demo video. Not the twenty clients or the revenue model or the hundred bots. The three hours directing an AI agent to reverse-engineer an authentication format from production code, because no one wrote down how it's supposed to work.
Thirty-one days ago I was Googling what SSH meant. Tonight I'm debugging API signatures extracted from compiled source code. I don't know if that's progress or insanity. Probably both.
Day 31 complete. Twenty clients. One hundred bots. One fix away from a new revenue stream. Tomorrow I fix it. Tonight I sleep.
Day 31 of ∞ — @astergod Building in public. Learning in public.