Security & custody

User cash is tracked in a double-entry ledger and never commingled with operator funds. Unit-accounting (NAV model) ensures every dollar is attributable.

Less than 5% of platform USDT is held hot for withdrawals. The rest sits in cold multi-sig storage with geographic key distribution.

A single admin click halts new trades, new deposits, or outbound withdrawals independently. Circuit-breaker (Sentinel) auto-halts trading after consecutive losses.

Per-strategy loss caps, auto-suspension after consecutive losses, daily drawdown limits, adaptive per-pair risk sizing, and portfolio-level Sentinel supervisor.

TOTP-based 2FA protects your account. Required for withdrawals when enabled. Secrets are encrypted at rest. Rate-limited to prevent brute-force attacks.

Bcrypt hashing with complexity enforcement (uppercase, lowercase, digit, special character). Account lockout with exponential backoff after failed attempts.

Short-lived JWT tokens (4-hour expiry). 2FA challenge tokens are IP-bound and expire in 5 minutes. Rate limiting on all authentication endpoints.

Every trade, deposit, withdrawal, refund, and admin action writes to an immutable event log with timestamps, IP addresses, and actor identification.

OFAC SDN list screening on every signup. Jurisdiction blocking for restricted territories. Ongoing compliance monitoring.