Security Model

Understand the permission model, default safety posture, and trading guardrails for AI-assisted access.


AI-assisted trading access must be safer than ordinary automation because user intent is expressed in natural language.

Required permission scopes

Scope          Allows
market:read    Public market data and rule resources.
account:read   Balances, positions, open orders, fills, and account summaries.
order:write    Order creation, amendment, and cancellation.

Default safety posture

  • Default to read-only.
  • Default to testnet.
  • Do not expose withdrawals or transfers through AI tools.
  • Require preview before create.
  • Require explicit confirmation before mainnet trading.
  • Use idempotency keys for trading actions.
  • Apply max notional and leverage limits.
  • Keep complete audit logs.

Controlled trading flow

User natural language intent
-> AI maps intent to tool parameters
-> 6mm_preview_order validates the order
-> service returns risk checks and margin impact
-> user explicitly confirms
-> 6mm_create_order submits the order
-> audit log records the full flow
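
The flow above, sketched as a server-side gate. This is an added example, not the platform's own code: the OrderGate class, the limit values, the preview token and the order fields are assumptions, and the two methods only stand in for 6mm_preview_order and 6mm_create_order.

```python
import hashlib
import json
import secrets
from dataclasses import dataclass, field

# Assumed limits for illustration; not values taken from the platform.
MAX_NOTIONAL = 10_000.0
MAX_LEVERAGE = 5

@dataclass
class OrderGate:
    scopes: set = field(default_factory=lambda: {"market:read", "account:read"})  # read-only default
    network: str = "testnet"                       # testnet default
    previews: dict = field(default_factory=dict)   # preview token -> order digest
    submitted: dict = field(default_factory=dict)  # idempotency key -> first result
    audit: list = field(default_factory=list)

    @staticmethod
    def _digest(order):
        return hashlib.sha256(json.dumps(order, sort_keys=True).encode()).hexdigest()

    def preview(self, order):
        """Stand-in for 6mm_preview_order: risk checks, then a one-time token."""
        notional = order["qty"] * order["price"]
        if notional > MAX_NOTIONAL or order["leverage"] > MAX_LEVERAGE:
            self.audit.append(("preview_rejected", order))
            raise ValueError("risk limit exceeded")
        token = secrets.token_hex(16)
        self.previews[token] = self._digest(order)
        self.audit.append(("preview_ok", order))
        return token

    def create(self, order, token, idem_key, confirmed=False):
        """Stand-in for 6mm_create_order: only submits what was previewed."""
        # `confirmed` must come from the client UI, never from model output or fetched content.
        if "order:write" not in self.scopes:
            raise PermissionError("order:write scope missing")
        if idem_key in self.submitted:             # retry returns the first result, no second order
            return self.submitted[idem_key]
        if self.previews.get(token) != self._digest(order):
            raise ValueError("order does not match a preview")
        if self.network == "mainnet" and not confirmed:
            raise PermissionError("mainnet requires explicit user confirmation")
        del self.previews[token]                   # preview token is single use
        result = {"status": "accepted", "network": self.network, "order": order}
        self.submitted[idem_key] = result
        self.audit.append(("create", idem_key, order))
        return result
```

Binding the create call to a digest of the previewed order means parameters changed after the preview, for example by injected text, are rejected rather than submitted.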

Prompt injection protection

AI clients and MCP servers should treat external content as untrusted. Market pages, copied text, documents, and web content must not override tool permissions, confirmation rules, or trading limits.