Security

Your account connection should be easy to remove.

Cataldex is built to limit what it can access, protect saved credentials, and keep each member's data separate.

01

Connect at your broker

When supported, you approve Cataldex on the broker's website instead of pasting secret API keys into ours.

02

Encrypted connections

Broker access tokens are encrypted with a server key that is kept separate from the member database.

03

Protected passwords

Passwords are salted and hashed. Login sessions are random, expire, and are stored only as hashes.

04

Separate member data

Members can only load records that belong to their own account. Founder tools use a separate protected role.

05

Limited access

Broker connections request only the supported permissions and can be removed from Cataldex or the broker.

06

Activity you can inspect

System health, trade decisions, orders, and fills are recorded so problems can be found and reviewed.

An honest Beta

Security is ongoing work.

Cataldex Beta is not claiming SOC 2 certification or perfect protection. Live production access will require broker approval, HTTPS, regular secret rotation, backups, monitoring, an incident plan, and continued security testing.