# Risk & Security

### Your Keys, Your Crypto

* You control your private keys — platform cannot access your funds.
* Hot/Cold Wallet Architecture:
  * Cold Wallet → main funds, fully under your control
  * Hot Wallet → trading capital for AI agents, encrypted & limited
* Encryption: AES-256-GCM secures hot wallet keys.
* Web3 Authentication: Wallet login (MetaMask, WalletConnect), signature verification, no passwords.

***

### Risk Isolation

* Even if the hot wallet is compromised, your cold wallet remains safe.
* Only authorized trades are executed within your defined limits:
  * Max positions
  * Leverage limits
  * Position sizing
  * Cooldown periods

***

### Security Best Practices

* Hardware Wallet recommended (Ledger, Trezor).
* Keep software wallets secure (MetaMask, Rainbow).
* Never share your seed phrase or private keys.
* Fund hot wallet appropriately (e.g., 10% of total capital).
* Withdraw profits regularly from hot → cold wallet.

***

### Emergency Procedures

1. Hot Wallet Compromise: withdraw funds immediately, stop all agents.
2. Cold Wallet Compromise: transfer all funds to a new wallet, rotate keys, contact support.
3. Agents can never:
   * Withdraw from cold wallet
   * Trade beyond your configured limits
   * Access funds without your permission

***

### Why This Matters

* Full control over your crypto
* Minimized counterparty and operational risk
* Safe, non-custodial AI trading