Understand multi-layered security architecture, financial risk controls, and best practices for safe trading.
Security and risk management form the foundation of responsible automated trading. While Agentical provides powerful tools for capturing opportunities, protecting your capital and maintaining operational security remain paramount. This page covers the multi-layered security architecture, risk control mechanisms, and best practices that keep your assets safe while trading autonomously.
Security Architecture
Wallet Security Model
Agentical operates on a non-custodial model where you maintain complete control of your assets.
Non-Custodial Architecture:
Connection Security:
Platform Security Measures
Multiple security layers protect the Agentical platform and your interactions.
Infrastructure Security:
Authentication & Access Control:
Financial Risk Controls
Budget & Spending Limits
Multiple financial guardrails prevent overexposure and capital depletion.
Budget Control Hierarchy:
Limit Enforcement Example:
Position Risk Management
Controls that limit exposure per position and across portfolio.
Every token undergoes security screening before trading approval.
Security Screening Process:
Security Red Flags:
User Security Best Practices
Account Protection
Steps you should take to maintain account security.
Security Checklist:
Recognizing Threats
Common security threats and how to avoid them.
Threat Awareness:
Risk Mitigation Strategies
Conservative Risk Approach
Recommendations for risk-averse users.
Conservative Configuration:
Balanced Risk Approach
Moderate risk tolerance with growth focus.
Balanced Configuration:
Emergency Procedures
Account Compromise Response
Steps to take if you suspect account security breach.
Immediate Actions:
The Security Foundation
Security and risk control aren't features you enable—they're the foundation upon which Agentical operates. Every transaction requires your explicit approval through wallet signing. Every position carries automatic stop-loss protection. Every token undergoes security screening before trading consideration. Every operational parameter respects configured limits.
The multi-layered approach ensures that even if one control fails, multiple backups provide redundancy. From wallet custody you never relinquish, to budget limits that prevent overexposure, to security screening that blocks obvious scams, to monitoring systems that detect anomalies—each layer adds protection while preserving the autonomous efficiency that makes automated trading valuable.
Safe trading isn't about avoiding all risk—it's about understanding, measuring, and controlling risk within acceptable boundaries while maintaining operational security that protects your assets and account integrity.
WALLET SECURITY PRINCIPLES
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Your Wallet (You Control):
├─ Private keys: NEVER shared with Agentical
├─ Seed phrase: NEVER requested or stored
├─ Asset custody: Always in your wallet
├─ Withdrawal control: Only you can withdraw
└─ Full sovereignty: Complete ownership
Agentical Access (Limited):
├─ Transaction approval: Required for each trade
├─ Read permissions: View balance & history
├─ Execute trades: Submit signed transactions
├─ NO direct control: Cannot move funds without approval
└─ Revocable: Disconnect wallet anytime
Security Flow:
┌────────────────────────────────────────┐
│ 1. Agent identifies opportunity │
│ 2. Constructs transaction │
│ 3. Requests wallet signature │
│ 4. YOU control: Approve or reject │
│ 5. Only approved transactions execute │
└────────────────────────────────────────┘
What This Means:
✓ Your keys never leave your wallet
✓ Agentical cannot access funds directly
✓ Each transaction requires authorization
✓ You can revoke access instantly
✓ No custodial risk
WALLET CONNECTION PROTOCOL
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Authentication Flow:
1. User initiates connection
2. Wallet presents authorization request
3. User approves connection
4. Encrypted session established
5. Permission scope defined
Permissions Granted:
✓ View public address
✓ View token balances
✓ View transaction history
✓ Request transaction signatures
✗ Access private keys (NEVER)
✗ Execute without approval (NEVER)
✗ Withdraw to other addresses (NEVER)
Session Security:
├─ Encrypted communication (TLS 1.3)
├─ Session tokens expire regularly
├─ Auto-disconnect on inactivity
├─ Re-authentication for sensitive actions
└─ Disconnect option always available
Red Flags to Watch:
⚠ Any request for seed phrase
⚠ Any request for private keys
⚠ Requests to approve suspicious contracts
⚠ Unexpected transaction requests
⚠ Withdrawal to unknown addresses
PLATFORM SECURITY LAYERS
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Layer 1: Network Security
├─ TLS 1.3 encryption for all connections
├─ DDoS protection and rate limiting
├─ Geographic redundancy
├─ Firewall and intrusion detection
└─ Regular security audits
Layer 2: Application Security
├─ Input validation and sanitization
├─ SQL injection prevention
├─ XSS protection
├─ CSRF token implementation
└─ Secure session management
Layer 3: API Security
├─ Authentication required for all endpoints
├─ Rate limiting per user
├─ Request signing and verification
├─ IP allowlisting (optional)
└─ Anomaly detection
Layer 4: Data Security
├─ Encryption at rest (AES-256)
├─ Encryption in transit (TLS 1.3)
├─ No storage of sensitive wallet data
├─ Regular security backups
└─ Access logging and monitoring
Layer 5: User Isolation
├─ Separate execution environments
├─ No cross-user data access
├─ Resource quotas enforced
├─ Activity sandboxing
└─ Independent security contexts
FINANCIAL LIMIT STRUCTURE
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Level 1: Per-Trade Limit
├─ Maximum: 1.0 SOL (example)
├─ Applies to: Each individual trade
├─ Cannot exceed: This amount per entry
├─ Purpose: Control position sizing
└─ Override: Requires manual approval
Level 2: Daily Spending Limit
├─ Maximum: 5.0 SOL (example)
├─ Applies to: 24-hour rolling period
├─ Resets: Every 24 hours from start
├─ Includes: All executed trades
└─ Behavior: Agent pauses when reached
Level 3: Weekly Limit (Optional)
├─ Maximum: 20.0 SOL (example)
├─ Applies to: 7-day rolling period
├─ Purpose: Extended timeframe control
└─ Useful for: Conservative strategies
Level 4: Reserve Balance
├─ Minimum: 2.0 SOL (always untouched)
├─ Purpose: Emergency fund, network fees
├─ Protected: Agent cannot use
└─ Safety net: Always available
Level 5: Maximum Portfolio Exposure
├─ Maximum: 60% of total balance
├─ Remaining: 40% stays liquid
├─ Purpose: Prevent full capital deployment
└─ Flexibility: Maintain trading ability
Hierarchy Enforcement:
All limits must be respected simultaneously.
Most restrictive limit takes precedence.
BUDGET LIMIT SCENARIO
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Wallet Balance: 10.0 SOL
Configured Limits:
├─ Per-Trade: 0.5 SOL
├─ Daily: 3.0 SOL
├─ Reserve: 2.0 SOL
└─ Max Exposure: 60% (6.0 SOL)
Available for Trading: 8.0 SOL
(10.0 total - 2.0 reserve)
Trade Execution Log:
09:00 - Trade 1: 0.5 SOL ✓
Daily used: 0.5/3.0 (17%)
10:30 - Trade 2: 0.5 SOL ✓
Daily used: 1.0/3.0 (33%)
12:15 - Trade 3: 0.5 SOL ✓
Daily used: 1.5/3.0 (50%)
14:45 - Trade 4: 0.5 SOL ✓
Daily used: 2.0/3.0 (67%)
16:20 - Trade 5: 0.5 SOL ✓
Daily used: 2.5/3.0 (83%)
18:00 - Trade 6: 0.5 SOL ✓
Daily used: 3.0/3.0 (100%)
18:30 - Trade 7: BLOCKED
Reason: Daily limit reached
Status: Agent paused until tomorrow
Next Trade Available: 09:00 tomorrow
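The limit hierarchy and the scenario above, as an added example (not Agentical's own code): a guard that applies every limit at once and reports the most restrictive one. `BudgetGuard`, its method names and the calendar date are hypothetical; it assumes a rolling 24-hour daily window and that all six positions stay open.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from decimal import Decimal as D
DAY = timedelta(hours=24)

@dataclass
class BudgetGuard:
    balance: D            # total wallet value in SOL
    per_trade: D          # Level 1
    daily: D              # Level 2
    reserve: D            # Level 4, never spendable
    max_exposure: D       # Level 5, fraction of balance (0.60 = 60%)
    deployed: D = D("0")  # SOL currently held in open positions
    spends: list = field(default_factory=list)  # (time, amount) of executed trades

    def daily_used(self, now):
        # Rolling window: a spend stops counting exactly 24 hours after it happened.
        return sum((a for t, a in self.spends if t > now - DAY), D("0"))

    def check(self, amount, now):
        """Return (allowed, reason). Every limit must hold simultaneously."""
        if amount <= 0:
            return False, "Invalid amount"  # fail closed on malformed input
        headroom = {
            "Per-trade limit exceeded": self.per_trade,
            "Daily limit reached": self.daily - self.daily_used(now),
            "Reserve balance protected": self.balance - self.reserve - self.deployed,
            "Max exposure reached": self.balance * self.max_exposure - self.deployed,
        }
        reason = min(headroom, key=headroom.get)  # most restrictive limit wins
        return (True, "OK") if amount <= headroom[reason] else (False, reason)

    def execute(self, amount, now):
        ok, reason = self.check(amount, now)
        if ok:  # only trades that passed every limit are recorded
            self.spends.append((now, amount))
            self.deployed += amount
        return ok, reason

    def next_daily_slot(self, amount, now):
        """Earliest time the daily window has room for `amount` (None if never)."""
        used = self.daily_used(now)
        if used + amount <= self.daily:
            return now
        for t, a in sorted(s for s in self.spends if s[0] > now - DAY):
            used -= a  # this spend ages out of the window at t + 24h
            if used + amount <= self.daily:
                return t + DAY

def replay_page_scenario():
    guard = BudgetGuard(D("10.0"), D("0.5"), D("3.0"), D("2.0"), D("0.60"))
    day = datetime(2024, 1, 1)  # constructed date; the times are the page's log
    log = [(9, 0), (10, 30), (12, 15), (14, 45), (16, 20), (18, 0), (18, 30)]
    return guard, [guard.execute(D("0.5"), day.replace(hour=h, minute=m)) for h, m in log]
```

Amounts use `Decimal` rather than floats so that six 0.5 SOL trades sum to exactly 3.0 and the seventh is blocked at the boundary rather than by rounding.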
POSITION RISK PARAMETERS
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Stop-Loss Protection:
├─ Type: Fixed percentage or price
├─ Default: -15% from entry
├─ Adjustable: Yes (per position)
├─ Enforcement: Automatic execution
└─ Override: Manual close only
Take-Profit Targets:
├─ Type: Fixed or scaled exits
├─ Default: +40% from entry
├─ Strategy: Single or multiple targets
├─ Execution: Automatic when hit
└─ Adjustment: Allowed during hold
Time-Based Exits:
├─ Maximum hold: 48-72 hours (typical)
├─ Purpose: Prevent indefinite holds
├─ Action: Force exit if not profitable
├─ Override: Manual extension possible
└─ Reasoning: Capital efficiency
Position Sizing Limits:
├─ Per position: 0.5 SOL (example)
├─ Vs liquidity: Max 5% of pool
├─ Risk-adjusted: Varies by risk score
├─ Dynamic: Adapts to conditions
└─ Purpose: Prevent overconcentration
PORTFOLIO RISK MANAGEMENT
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Maximum Simultaneous Positions:
├─ Limit: 3 positions (example)
├─ Purpose: Manageable diversification
├─ Risk: Prevents over-diversification
├─ Focus: Quality over quantity
└─ Benefit: Better position monitoring
Correlation Limits:
├─ Check: Similar token exposure
├─ Action: Reject correlated positions
├─ Purpose: True diversification
├─ Example: Limit dog-themed meme coins
└─ Flexibility: Configurable strictness
Maximum Drawdown Trigger:
├─ Threshold: -20% from peak (example)
├─ Action: Pause agent automatically
├─ Purpose: Limit losing streaks
├─ Recovery: Manual review required
└─ Reset: After analysis and adjustment
Daily Loss Limit:
├─ Maximum: -1.0 SOL per day (example)
├─ Action: Stop trading for remainder
├─ Purpose: Prevent cascade losses
├─ Reset: Next trading day
└─ Override: Requires manual approval
Portfolio Heat:
├─ Calculation: Sum of all position risks
├─ Maximum: 100% (all risk deployed)
├─ Typical: 30-60% utilization
├─ Action: New trades blocked if exceeded
└─ Purpose: Reserve capacity for opportunities
EXECUTION SAFETY CHECKS
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Pre-Trade Validation Checklist:
✓ Wallet Connection Active
✓ Sufficient SOL Balance
✓ Budget Limits Not Exceeded
✓ Position Slots Available
✓ Token Liquidity Sufficient
✓ Criteria Met Completely
✓ Risk Score Acceptable
✓ No Conflicting Positions
✓ Network Conditions Normal
✓ RPC Nodes Responsive
Any Failed Check = Trade Blocked
Real-Time Checks:
├─ Liquidity depth verification
│ └─ Reject if pool <2x position size
├─ Price impact estimation
│ └─ Reject if impact >5%
├─ Token contract validation
│ └─ Reject if honeypot detected
├─ Slippage tolerance check
│ └─ Retry if exceeded, fail after 3x
└─ Network fee affordability
└─ Reject if fees >2% of trade
Post-Execution Verification:
├─ Transaction confirmation received
├─ Tokens received correctly
├─ Entry price within tolerance
├─ Position recorded accurately
└─ Monitoring activated successfully
TOKEN SECURITY EVALUATION
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Contract Security Checks:
Ownership Analysis:
├─ Owner wallet status
│ ├─ Renounced: ✓ Best (no owner)
│ ├─ Locked: ✓ Good (timelocked)
│ └─ Active: ⚠ Requires scrutiny
├─ Mint authority
│ ├─ Disabled: ✓ Safe
│ ├─ Locked: ⚠ Acceptable
│ └─ Active: ✗ High risk
└─ Update authority
├─ Revoked: ✓ Safe
└─ Active: ⚠ Risk present
Liquidity Security:
├─ LP tokens locked: Required ✓
├─ Lock duration: Minimum 30 days
├─ Lock provider: Verified service
├─ Lock percentage: 100% preferred
└─ Verification: On-chain confirmed
Function Analysis:
├─ Hidden functions: Detected & flagged
├─ Backdoors: Pattern matching
├─ Honeypot detection: Automated test
├─ Transfer restrictions: Identified
└─ Fee mechanisms: Analyzed for abuse
Blacklist Checking:
├─ Known scam contracts: Database check
├─ Developer history: Track record
├─ Similar scam patterns: ML detection
├─ Community reports: Aggregated
└─ Real-time updates: Continuous feed
AUTOMATIC REJECTION TRIGGERS
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Critical Red Flags (Auto-Reject):
✗ Known scam contract address
✗ Honeypot detection confirmed
✗ Unlimited mint authority active
✗ Hidden malicious functions detected
✗ Developer blacklisted
✗ No liquidity lock (>1 SOL pool)
✗ Contract ownership not renounced (high cap)
Warning Flags (Requires High Score):
⚠ Liquidity lock <30 days
⚠ Low holder count for age
⚠ Top holder >8% concentration
⚠ Recent similar token rug pulled
⚠ Copy of existing token
⚠ Suspicious wallet patterns
Example Security Scan:
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Token: EXAMPLE
Contract Analysis:
✓ Owner: Renounced
✓ Mint: Disabled
✓ Update: Revoked
✓ No hidden functions
✓ Standard transfer logic
✓ No honeypot patterns
Liquidity Analysis:
✓ 47 SOL locked
✓ Duration: 90 days
✓ Provider: Team Finance (verified)
✓ 100% locked
Blacklist Check:
✓ Not in scam database
✓ Developer: Clean history
✓ No similar scam patterns
Security Score: 95/100 (Excellent)
Approval: SAFE TO TRADE
USER SECURITY GUIDELINES
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Wallet Security:
☑ Use hardware wallet (Ledger/Trezor)
☑ Never share seed phrase with anyone
☑ Store seed phrase offline, securely
☑ Use strong wallet password
☑ Enable wallet 2FA if available
☑ Verify transaction details before signing
☑ Disconnect wallet when not in use
Platform Security:
☑ Verify official Agentical URL
☑ Bookmark authentic site
☑ Watch for phishing attempts
☑ Enable email notifications
☑ Review permissions granted
☑ Monitor account activity regularly
☑ Report suspicious behavior immediately
Computer Security:
☑ Keep OS and browser updated
☑ Use antivirus/antimalware software
☑ Avoid public WiFi for trading
☑ Use VPN for enhanced privacy
☑ Clear browser cache regularly
☑ Don't save passwords in browser
Operational Security:
☑ Start with small budgets initially
☑ Test strategies thoroughly
☑ Monitor agent activity regularly
☑ Don't share account details
☑ Be skeptical of "support" messages
☑ Verify any Agentical communications
COMMON THREATS & DEFENSES
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Phishing Attempts:
Threat: Fake Agentical sites, emails, messages
Signs:
├─ Misspelled URLs (agentical.io vs agentlcal.io)
├─ Requests for seed phrases
├─ Urgent security warnings
├─ Unsolicited "support" contacts
└─ Links to unofficial sites
Defense:
✓ Bookmark official site
✓ Verify URL before connecting wallet
✓ Never share seed phrase
✓ Contact official support only
✓ Be skeptical of urgent messages
Smart Contract Exploits:
Threat: Malicious token approvals
Signs:
├─ Requests to approve unknown contracts
├─ Unlimited spending approvals
├─ Transactions to unfamiliar addresses
└─ Unexpected token transfer requests
Defense:
✓ Review all transaction details
✓ Only approve Agentical transactions
✓ Use limited approvals when possible
✓ Revoke unused approvals regularly
✓ Maintain hardware wallet verification
Social Engineering:
Threat: Impersonators seeking access
Signs:
├─ "Support" asking for credentials
├─ Offers too good to be true
├─ Pressure to act immediately
├─ Requests for remote access
└─ Fake team members
Defense:
✓ Never share account details
✓ Verify through official channels
✓ Ignore unsolicited messages
✓ No legitimate support needs your keys
✓ Report impersonators immediately
Malware & Keyloggers:
Threat: Software stealing credentials
Signs:
├─ Unexpected system slowness
├─ Unknown programs running
├─ Unauthorized transactions
├─ Wallet access from unknown devices
└─ Suspicious browser behavior
Defense:
✓ Use hardware wallet (keys stay on the device, out of reach of keyloggers)
✓ Keep antivirus updated
✓ Don't download unknown software
✓ Verify all software sources
✓ Regular security scans
LOW-RISK SETUP
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Strategy: Conservative Template
Capital Allocation:
├─ Maximum Portfolio: 30% of total holdings
├─ Per-Trade: 0.1-0.3 SOL
├─ Daily Limit: 1.0-2.0 SOL
├─ Reserve: 50% of wallet (untouchable)
└─ Emergency fund: Always maintained
Risk Parameters:
├─ Minimum risk score: 75/100
├─ Stop-loss: -10% (tight)
├─ Take-profit: +25-35% (realistic)
├─ Max positions: 2 simultaneous
└─ Max hold time: 24 hours
Token Criteria:
├─ Minimum holders: 1,500+
├─ Maximum top holder: 3%
├─ Liquidity lock: Required (90+ days)
├─ DEX listing: Required
├─ Twitter verified: Required
├─ Token age: 12-72 hours (established)
└─ Contract: Must be renounced
Monitoring:
├─ Check dashboard: 2-3 times daily
├─ Review trades: Daily
├─ Strategy adjustment: Weekly
├─ Performance evaluation: Monthly
└─ Risk tolerance review: Quarterly
Expected Profile:
├─ Trade frequency: 2-4 per week
├─ Win rate target: 65-75%
├─ Average profit: +20-30%
├─ Maximum drawdown: <10%
└─ Monthly return: +10-20%
MODERATE-RISK SETUP
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Strategy: Balanced Template
Capital Allocation:
├─ Maximum Portfolio: 50% of total holdings
├─ Per-Trade: 0.3-0.7 SOL
├─ Daily Limit: 3.0-5.0 SOL
├─ Reserve: 25% of wallet
└─ Active trading capital: 50%
Risk Parameters:
├─ Minimum risk score: 65/100
├─ Stop-loss: -15% (standard)
├─ Take-profit: +40-60%
├─ Max positions: 3 simultaneous
└─ Max hold time: 48 hours
Token Criteria:
├─ Minimum holders: 1,000+
├─ Maximum top holder: 5%
├─ Liquidity lock: Preferred
├─ DEX listing: Preferred
├─ Social presence: Required
├─ Token age: 4-48 hours
└─ Contract: Reviewed for safety
Monitoring:
├─ Check dashboard: Daily
├─ Review trades: 2-3 times weekly
├─ Strategy adjustment: Bi-weekly
├─ Performance evaluation: Monthly
└─ Risk adjustment: As needed
Expected Profile:
├─ Trade frequency: 5-10 per week
├─ Win rate target: 55-65%
├─ Average profit: +30-50%
├─ Maximum drawdown: <15%
└─ Monthly return: +20-40%
SECURITY BREACH PROTOCOL
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
IMMEDIATE (Within Minutes):
1. Disconnect wallet from Agentical
2. Emergency stop all agents
3. Close all open positions
4. Move funds to secure wallet
5. Document suspicious activity
SHORT-TERM (Within Hours):
6. Change all related passwords
7. Review transaction history
8. Check for unauthorized approvals
9. Revoke all token approvals
10. Contact Agentical support
MEDIUM-TERM (Within Days):
11. Security audit of devices
12. Malware scan all systems
13. Review access logs
14. Assess total damage
15. Report to authorities if needed
LONG-TERM (Ongoing):
16. Implement enhanced security
17. Use hardware wallet moving forward
18. Enable all security features
19. Monitor for further issues
20. Learn from the incident