Nutcracker Bot (the “Software”) is a non-custodial software-as-a-service (SaaS) utility provided by Aleph Strategy. The Software enables users to automate their own trading strategies via third-party exchange APIs. Aleph Strategy is a technology provider, not a financial institution, broker-dealer, or investment advisor.
The Software requires Spot-Only, No-Withdrawal API permissions to function. Users must never provide API keys with withdrawal, transfer, or margin permissions. Aleph Strategy never has custody of, or access to, user funds. All assets remain in the user's personal exchange account at all times. Users are solely responsible for managing their API security and exchange-level permissions. In the current pilot phase, the Software performs a technical validation check at initialisation to reject API keys carrying withdrawal permissions. Users are advised to verify correct permission scoping at the exchange level before provisioning keys to the Software.
Nutcracker Bot is currently in an Early-Stage Beta (Research & Development) phase. While extensively tested in live environments, the Software is provided on an “AS-IS” and “AS-AVAILABLE” basis. Users acknowledge that early-stage software may contain bugs, experience downtime, or encounter API connectivity issues. By using the Software, you accept all risks associated with testing pre-commercial financial technology.
All strategies, ML feedback loops, and performance metrics displayed on this site are for informational and educational purposes only. Nothing on this website or within the Software constitutes investment, financial, or legal advice. Nutcracker Bot executes trades based on user-defined parameters and mathematical models. Past performance is not a guarantee of future results.
Cryptocurrency trading involves substantial risk of loss. While Nutcracker Bot employs a Spot-Only (No-Leverage) philosophy to mitigate liquidation risks, market volatility can still result in loss of principal. Users should only trade with capital they can afford to lose. Aleph Strategy is not liable for any trading losses incurred through the use of the Software.
Aleph Strategy is a participant/applicant in the Portugal FinLab (7th Edition). We are actively working with Banco de Portugal and CMVM to ensure alignment with the MiCA regulatory framework. Our current operation is strictly limited to technical R&D and non-regulated software delivery.
Last Updated: May 2026
At Nutcracker (by Aleph Strategy), we operate on a “Security by Design” principle. Our non-custodial architecture ensures that we never have human access to your funds or unencrypted credentials.
We collect the minimum data required to operate the Software. All data is revocable: closing your account and instance permanently purges all associated data from our systems. No third party is given access to your data at any time.
Future SaaS architecture note: In commercial Client-Light and Client-Heavy implementations, exchange API keys, trading data, PnL records, and balance data will reside entirely at the client side — either in a cloud frontend (Client-Light) or on the account owner's local infrastructure (Client-Heavy). The backend will never hold such data directly, processing only the essential Just-In-Time (JIT) tokens required for individual trade placements and strategy execution logic.
API credentials are never stored in a traditional database. We use HashiCorp Vault for:
We use short-lived JSON Web Tokens (JWT) to protect your dashboard:
This site does not use persistent tracking cookies or third-party analytics services. Session management uses short-lived JWT tokens as described in Section 3. No behavioural or advertising tracking is performed.