Security
Security First
Your strategies and assets are protected by multiple layers of security.
Sandboxed Execution
All AI strategies run in isolated sandbox environments. No access to external systems or sensitive data.
Wallet Safety
Strategies never have direct wallet access. All trades are executed through our secure proxy system.
Code Review
All custom code strategies undergo automated security scanning before deployment.
Infrastructure Security
Enterprise-grade infrastructure with SOC 2 compliance, encrypted data at rest and in transit.
API Key Management
Granular API key permissions with rotation support. Keys never exposed in client applications.
Resource Limits
Strict compute and memory limits prevent resource exhaustion attacks.
Sandbox Execution Environment
Every AI strategy runs in a completely isolated environment with:
- No network access except approved APIs
- No filesystem access
- Memory and CPU limits enforced
- Execution time limits
- No access to other strategies
- Secure IPC for trade execution only
Architecture Overview
Your Strategy
Isolated Container
Security Layer
Validation & Limits
Trade Executor
Secure DEX Connection
Risk Mitigation
| Risk | Mitigation | Status |
|---|---|---|
| Strategy Code Injection | Sandboxed execution environment with restricted API surface | Protected |
| Wallet Drain Attacks | No direct wallet access; proxy-based trade execution | Protected |
| Data Leakage | Encrypted storage, isolated environments, no cross-strategy access | Protected |
| DDoS Attacks | CDN protection, rate limiting, auto-scaling infrastructure | Protected |
| API Key Compromise | Key rotation, IP whitelisting, permission scoping | Protected |