Security model: Non-custodial

Your keys, your funds, your audit trail.

Blackridge never custodies a dollar. We connect to your exchange via a read-and-trade API key, refuse keys with withdrawal scope, and log every action we take on your behalf to an append-only ledger.

Funds we custody: 0
Balance reconcile: < 60 s
Withdrawal scope: Off
Key encryption: KMS

The control set

Six controls, no exceptions.

The decisions baked into the codebase — not the marketing copy.

01

Non-custodial by design

Blackridge never holds a single dollar of your capital. All funds stay in your exchange account; we connect via read-and-trade API keys with withdrawals disabled.

02

Keys sealed at the boundary

API keys are encrypted with a KMS-backed envelope in your browser before they hit our servers. Only the trading workers can decrypt — at order-placement time, never at rest.

03

Withdrawals always disabled

We validate the connected key’s permissions at registration. If the key has withdrawal scope, the connection is rejected with a clear remediation step.

04

Read-only secondary keys

For analytics and accounting integrations, you can attach a separate read-only key per exchange. The trading key never leaks into the dashboard’s viewer scope.

05

Immutable audit trail

Every order, fill, parameter change, and rebalance is logged with a timestamp and signed by the writer. Export to CSV in two clicks.

06

Infrastructure hygiene

No third-party trackers, no advertising pixels. We only collect what we need to run trading. Postgres rows are at-rest encrypted; backups are encrypted in transit.

Compliance roadmap

Stated plainly, not implied.

None of these are certified yet — this is the roadmap. We'd rather under-promise here than imply a badge we haven't earned.

Framework | Status | Detail
SOC 2 Type II | Planned | On the roadmap — not yet under audit.
GDPR data rights | In progress | In-app export + delete being built out.
KYC / AML | Planned | Required before any paid billing goes live.
ISO 27001 | Planned | Roadmapped after SOC 2 Type II.

Our commitments

What you can hold us to.

If we break one of these, write to security@blackridge.com — we'll make it right.

I.

Disclosure within 72 hours.

If we discover a security incident affecting your account or data, you’ll hear from us within 72 hours of confirmation — by email and in-app.

II.

No silent permission expansion.

If a new feature needs a permission scope we don’t already have on your API key, we ask before turning it on. No retroactive scope creep.

III.

Auditable code paths.

Order placement and risk-cap enforcement live in a versioned, signed service. Every release is hash-pinned in the audit log next to the trade it produced.
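A sketch of how the signed audit trail (control 05) and the release pinning in commitment III can be checked by a verifier. This is an added example, not Blackridge's code. It assumes HMAC-SHA256 as the writer signature, a hash chain linking entries, and hypothetical field names; all sample data is constructed.

```python
import hashlib, hmac, json

GENESIS = "0" * 64  # constructed prev-hash for the first entry

def entry_digest(body):
    # Canonical JSON so writer and verifier hash identical bytes.
    raw = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(raw).hexdigest()

def append(log, key, writer, ts, action, release):
    """Append an entry chained to its predecessor and signed by the writer."""
    body = {"seq": len(log), "ts": ts, "writer": writer, "action": action,
            "release_sha256": release,  # release pinned next to the trade
            "prev": log[-1]["hash"] if log else GENESIS}
    h = entry_digest(body)
    sig = hmac.new(key, h.encode(), hashlib.sha256).hexdigest()
    log.append({**body, "hash": h, "sig": sig})

def verify(log, keys):
    """Return (True, None), or (False, index of the first bad entry)."""
    prev = GENESIS
    for i, e in enumerate(log):
        body = {k: v for k, v in e.items() if k not in ("hash", "sig")}
        key = keys.get(e.get("writer"))
        if key is None or e.get("seq") != i or e.get("prev") != prev:
            return False, i  # unknown writer, gap, reorder or broken link
        if entry_digest(body) != e.get("hash"):
            return False, i  # entry content edited after the fact
        want = hmac.new(key, e["hash"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(want, str(e.get("sig"))):
            return False, i  # not signed by the claimed writer
        prev = e["hash"]
    return True, None

def build_sample():
    # Constructed data: key, writer id, release bytes and actions are made up.
    keys = {"trading-worker-1": b"constructed-demo-key"}
    release = hashlib.sha256(b"constructed release artifact").hexdigest()
    log = []
    for ts, action in [
        ("2024-01-01T00:00:00Z", {"type": "order", "side": "buy", "qty": "0.5"}),
        ("2024-01-01T00:00:02Z", {"type": "fill", "qty": "0.5"}),
        ("2024-01-01T00:05:00Z", {"type": "param_change", "risk_cap": "0.02"}),
    ]:
        append(log, keys["trading-worker-1"], "trading-worker-1", ts, action, release)
    return log, keys

if __name__ == "__main__":
    log, keys = build_sample()
    print(verify(log, keys))
```

The chain catches edits, deletions and reordering inside the log, but not removal of the newest entries; detecting that requires the latest entry hash to be recorded somewhere the log writer cannot modify.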

Responsible disclosure

Found a vulnerability?

We welcome responsible disclosure of vulnerabilities in the production stack. Email a reproducible proof-of-concept and we'll get back to you.

Security desk: security@blackridge.com
Include reproduction steps and affected endpoints; we confirm receipt within one business day.
Read the documentation

Run your first strategy on paper.

Open an account, validate a strategy against live market data without risking capital, and connect your exchange when the numbers convince you.

No card · No custody · No performance fee