Help Center › Security

How AlgoVesta protects your API keys

You never give AlgoVesta your money — only a permission to place trades on your own exchange account.

  1. AES-256 encryption at rest. Keys are never stored or logged in plain text. Even with database access, they cannot be read.
  2. Trade-only permissions. During setup you only grant read + trade. The withdrawal permission category is never selected — so withdrawing funds via the API is technically impossible, not just against policy.
  3. Funds stay on your exchange. AlgoVesta has no custody. Your balance never leaves your own account.
  4. Instant revocation. Delete the key on your exchange at any moment — AlgoVesta loses access within seconds.
⚠️
If an exchange offers IP whitelisting you may enable it for extra protection — our server IPs are published at launch in the dashboard.
New to AlgoVesta? It runs your Telegram and TradingView signals across 16 exchanges and MetaTrader with trade-only API access — your funds always stay in your own custody.
Start free trial