What they were doing is using a server in the middle for auth. But oh god the server started handing out the wrong keys so you might end up having total control of another acd_cli users account.
And when acd_cli got banned they (not acd_cli themself but users that modified the source) just used rclones app ID and keys to trick Amazon into thinking acd_cli was rclone. Then rclone got banned.
They (amazon) did say the problem with rclone was the keys were public since it is open source.
What they were doing is using a server in the middle for auth. But oh god the server started handing out the wrong keys so you might end up having total control of another acd_cli users account.
And when acd_cli got banned they (not acd_cli themself but users that modified the source) just used rclones app ID and keys to trick Amazon into thinking acd_cli was rclone. Then rclone got banned.
They (amazon) did say the problem with rclone was the keys were public since it is open source.