SoarSoar
How It WorksSecurityAi Agents

Your keys, your bot: how Soar trades your account without ever holding your funds

A plain-English look at the custody model that lets an autonomous bot trade for you while your broker keys never touch Soar's servers.

The Soar Team
Signals, graded. Bots that trade only what clears the bar.
3 min read
Your keys, your bot: how Soar trades your account without ever holding your funds

Almost every product that promises to "trade for you" runs into the same uncomfortable question: to place an order on your account, something needs your broker's API keys. The usual answer is to hand them over and hope for the best. Soar's answer is different, and it's worth understanding before you deploy a single bot: your keys never touch Soar.

The problem with handing over your keys

The problem with handing over your keys — Your keys, your bot: how Soar trades your account without ever holding your funds

A broker API key is a real credential. Depending on the permissions you grant it, it can read balances, place trades, and in some cases move money. When a platform stores that key on its own servers, you're trusting not just their intentions but their entire security posture — every server, every log, every employee, forever.

We didn't want to ask for that trust, because we don't need it. The bot that trades on your account should run on infrastructure you own, not ours.

Where your bot actually lives

Where your bot actually lives — Your keys, your bot: how Soar trades your account without ever holding your funds

When you deploy a Soar bot, it doesn't run inside Soar. It runs in a runtime that belongs to you. For crypto and stock brokers like Kraken, Coinbase, Alpaca, Robinhood, Gemini, Binance.US, AsterDEX, and Hyperliquid, that's a Cloudflare Worker you own. For Interactive Brokers and Webull, it's your own DigitalOcean server. Either way, your API keys live only inside that runtime — the one you control.

Here's the part that matters: the bot signs its own orders. When a graded trade card clears the bar, your bot — using the keys that never left your runtime — sends the order to your broker directly. Soar is never in that path.

What Soar can and can't do

What Soar can and can't do — Your keys, your bot: how Soar trades your account without ever holding your funds

The relationship is intentionally lopsided. Soar's engine grades setups and sends signals; your bot decides, sizes, and executes. Soar can read what your bot reports back — its positions, its equity, whether a target hit — so you get a clean dashboard. But it has no ability to move your funds or place a trade with your keys.

  • Your broker keys live only in your own bot's runtime — a Cloudflare Worker or your own server.

  • The bot signs and submits its own orders; Soar never holds or transmits your keys.

  • Soar can read what your bot reports, but can never withdraw, transfer, or trade with your credentials.

  • The bot only ever opens new positions from graded cards — it never touches holdings you already own.

  • Every position is sized to your risk profile, capped for concentration, and protected by a broker-side stop.

The bot that trades on your account should run on infrastructure you own — not ours. That's the whole idea.

Learn it with fake money first

None of this asks you to trust it blind. You can start a bot in paper mode and watch a strategy trade with simulated capital — same graded cards, same entries, targets, and stops — with zero risk. When you're comfortable with how it behaves, you flip it to live. The custody model is the same either way: your account, your keys, your control.

You don't have to take our word for it. Spin up a paper bot, browse the community to see real strategies and their track records, or just ask the Copilot to walk you through a deploy. The keys stay yours the whole way.

SharePost

Related reading