A private (that is, not published) API Key sure sounds like a protection measure to me.
kenbellows
It doesn't sound like the published API key is the problem here. They can revoke the key, and other users of Snaphax can put their own in the code. I think the larger issue is the reverse engineering of their protocol.