Please report security issues privately. Do not open a public issue for a vulnerability.
- Use GitHub's private vulnerability reporting ("Report a vulnerability" under the Security tab), or
- email the maintainer.
Please include steps to reproduce and the potential impact. We aim to acknowledge reports within a few days.
This is a trading bot that can move real money. Treat its deployment as security-sensitive.
- Never commit
.env. It is gitignored — keep it that way. - If a key is ever exposed, rotate it immediately on the exchange / LLM provider.
- Create exchange API keys with trade-only permissions and no withdrawal access, and restrict them to your server's IP address.
- The API binds to
127.0.0.1only. This loopback bind is its primary security boundary. - By default the state-changing HTTP routes (
PUT /bot/paused,PUT /settings,PATCH /decisions/:id,POST /backtest/runs) are unauthenticated — acceptable only because they are loopback-only. - If you expose the API beyond loopback (reverse proxy, container port
mapping, LAN), you must set
API_AUTH_TOKENin.env. When set, every mutating request must carryAuthorization: Bearer <token>. Configure the dashboard with the matchingNEXT_PUBLIC_API_TOKEN. - CORS is restricted to
WEB_ORIGIN(defaulthttp://localhost:3000). Do not widen it to*.
- The bot only accepts commands and trade approvals from the chat configured
via
TELEGRAM_CHAT_ID. Messages from any other chat are ignored. - Do not add the bot to shared/group chats.
- Run with
PAPER=trueuntil you trust the system. - Keep dependencies patched: run
pnpm auditperiodically.