Non‑custodial & security
GRIDer is built so that you keep your funds and your keys. This page explains exactly what that means, what GRIDer can and cannot do with your account, and the security measures in place.
The non‑custodial model
There are two wallets involved:
- Your main wallet. Proves you own the account and keeps custody of your funds. Its private key never touches GRIDer's server — you only ever sign messages with it in your own browser.
- The agent wallet. A separate trading key that GRIDer creates and you approve on the exchange. It is what places your grid's orders.
The crucial property of the agent wallet:
It can trade, but it can never withdraw. GRIDer can place and cancel orders on your behalf. It cannot move, send, or withdraw your funds — not to itself, not to anyone. Even in a total compromise of GRIDer's infrastructure, your money cannot leave your account.
The agent wallet's private key is stored encrypted (AES‑256‑GCM) on the server. Your main key isn't stored at all.
You stay in control
- Revoke any time. You can revoke the agent wallet directly on the exchange; GRIDer immediately loses all ability to act on your account.
- Approvals expire. Agent approvals have a lifetime. As yours nears expiry, GRIDer prompts you to re‑approve so running grids keep trading, and it guards that re‑approval flow so it doesn't disrupt active grids. See Account setup.
What GRIDer can and can't do
| GRIDer can | GRIDer cannot |
|---|---|
| Place and cancel orders for your grids | Withdraw or transfer your funds |
| Read your balances, positions and fills | Access your main wallet's private key |
| Close a grid's position at market | Move funds to any other account |
| Approve its builder fee (with your signature) | Trade outside the permissions you approved |
Security measures
- No passwords, no custody of secrets you'd reuse. Login is a wallet signature; there's no password to leak.
- Session cookies are HttpOnly. Your session can't be read by scripts in the browser.
- Encrypted secrets. The agent wallet key is encrypted at rest; nothing sensitive is written to logs.
- Rate limiting on sensitive endpoints.
- Audit log. Sensitive actions — terms acceptance, agent‑wallet and builder‑fee changes, grid create/start/stop/delete, and exit edits — are recorded.
- Other security measures. Content Security Policy and CORS allowlist are active, not report‑only, to reduce injection and cross‑origin risks.
Honest residual risk
No system is risk‑free, and we won't pretend otherwise:
- The security of the encrypted agent keys depends on a server‑side encryption key. A full breach of the server with that key would be serious — but even then, the worst an attacker could do is trade your grids, not withdraw your funds, because the exchange itself enforces the agent's trade‑only permission.
- The biggest practical risk to you is the market risk of the strategy itself — a breakout against your grid — not custody. That's what Risk and range breakouts is about.
Your part
- Keep your main wallet secure (a hardware wallet is recommended for larger balances).
- Only ever approve the agent wallet and builder fee prompts you initiated in GRIDer.
- Be suspicious of anything — ever — that asks for withdrawal permission or your seed phrase. GRIDer never will.
Next: the FAQ.