Nutcracker Bot™ — Key Terms & Disclosures

1. Nature of the Service: Technical Infrastructure Only

Nutcracker Bot (the “Software”) is a non-custodial software-as-a-service (SaaS) utility provided by Automated Strategy. The Software enables users to automate their own trading strategies via third-party exchange APIs. Automated Strategy is a technology provider, not a financial institution, broker-dealer, or investment advisor.

2. Non-Custodial & “Execution-Only” Access

The Software requires Trade-Only API permissions to function. Users must never provide API keys with withdrawal or transfer permissions. Automated Strategy never has custody of, or access to, user funds. All assets remain in the user’s personal exchange account at all times. Users are solely responsible for managing their API security and exchange-level permissions.

3. Early-Stage Beta & R&D Disclaimer

Nutcracker Bot is currently in an Early-Stage Beta (Research & Development) phase. While extensively tested in live environments, the Software is provided on an “AS-IS” and “AS-AVAILABLE” basis. Users acknowledge that early-stage software may contain bugs, experience downtime, or encounter API connectivity issues. By using the Software, you accept all risks associated with testing pre-commercial financial technology.

4. No Financial Advice (Non-Solicitation)

All strategies, ML feedback loops, and performance metrics displayed on this site are for informational and educational purposes only. Nothing on this website or within the Software constitutes investment, financial, or legal advice. Nutcracker Bot executes trades based on user-defined parameters and mathematical models. Past performance is not a guarantee of future results.

5. Risk Acknowledgment (Spot-Only Focus)

Cryptocurrency trading involves substantial risk of loss. While Nutcracker Bot employs a Spot-Only (No-Leverage) philosophy to mitigate liquidation risks, market volatility can still result in loss of principal. Users should only trade with capital they can afford to lose. Automated Strategy is not liable for any trading losses incurred through the use of the Software.

6. Regulatory Bridge (Portugal FinLab)

Automated Strategy is a participant/applicant in the Portugal FinLab (7th Edition). We are actively working with Banco de Portugal and CMVM to ensure alignment with the MiCA regulatory framework. Our current operation is strictly limited to technical R&D and non-regulated software delivery.

Privacy & Security Policy

Last Updated: January 16, 2026

At Nutcracker (by Automated Strategy), we operate on a “Security by Design” principle. Our non-custodial architecture ensures that we never have human access to your funds or unencrypted credentials.

1. Data Minimization & Collection

We only collect the minimum data required to operate the Software:

  • Identity Data: Name and email for account authentication.
  • Execution Data: API Keys and Secret Keys provided by you (Trade-Only permissions required).
  • Log Data: Technical timestamps and IP addresses for security monitoring.

2. Industry-Leading Secrets Management (Vault Standard)

API credentials are never stored in a traditional database. We use HashiCorp Vault for:

  • AES-256-GCM encryption at rest
  • Just-in-time credential access via single-use tokens
  • Physical and logical isolation from web-facing components

3. Session Security & Transient Access (JWT)

We use short-lived JSON Web Tokens (JWT) to protect your dashboard:

  • Cryptographically signed sessions
  • Automatic expiration after brief inactivity
  • No persistent tracking cookies

4. Zero-Knowledge Infrastructure

  • TLS 1.3 encryption for all data in transit
  • No employee access to raw API secret keys
  • Decryption occurs only in volatile memory during execution

5. Your Rights & Data Portability (GDPR)

  • Right to Erasure: Deleting your account purges all encrypted secrets.
  • Data Portability: You may request a summary of your stored data at any time.