All DocsWhat is Solana Copy Trading?Getting Started with StratiumHow Stratium WorksTrading Strategies ExplainedBrowsing Strategy ResultsLive Trade FeedProfit SimulatorTelegram Bot GuideUser Dashboard (Web App)P&L Analytics & Performance TrackingDeposits and WithdrawalsSecurity & Non-Custodial ModelRisk ManagementSupported DEXes and TokensFrequently Asked Questions
Trust & Safety
5 min read

Security & Non-Custodial Model

How Stratium protects your funds — non-custodial architecture, AES-256 encryption, wallet isolation, and more.

TL;DR: Stratium is non-custodial — your private key is encrypted with AES-256-GCM and only decrypted for milliseconds during transaction signing. Stratium can execute trades (buy/sell tokens) in your wallet but is architecturally unable to withdraw your funds to an external address. If Stratium shuts down, your wallet remains accessible via Phantom or Solflare using your private key.

Is Stratium safe to use — what does non-custodial mean?

Stratium is a non-custodial trading bot. Non-custodial means you retain ownership and control of your private keys and funds at all times — the platform cannot move your money without your explicit authorization.

Concretely, this means:

  • Your keys, your crypto — You have a dedicated Solana wallet that only you control
  • Stratium cannot withdraw your funds — The platform is architecturally designed so that no one at Stratium can initiate a transfer of your funds to an external address
  • No pooled funds — Your wallet is completely separate from every other user's wallet
  • Full transparency — Every trade is an on-chain Solana transaction you can verify on Solscan or Solana Explorer

This is fundamentally different from centralized copy trading platforms where you deposit funds into a shared pool controlled by the company — the collapse of FTX in November 2022 demonstrated the catastrophic risk of that model.

How does Stratium protect my private key?

When your wallet is created, the private key goes through a secure encryption pipeline before it ever touches persistent storage.

AES-256-GCM encryption

Your private key is encrypted using AES-256-GCM (Advanced Encryption Standard with 256-bit keys in Galois/Counter Mode). This is the encryption standard specified by NIST FIPS 197 and used by:

  • The U.S. government for classified information
  • Banks for securing financial transactions
  • Military-grade communication systems worldwide

The 256-bit key size means there are 2²⁵⁶ possible keys — brute-force cracking is computationally infeasible with any foreseeable technology.

Separation of key and data

The encrypted private key is stored in the database. The encryption key itself is stored separately as a secure environment variable — never in the database, never in application code, never in logs. An attacker who obtained the database would have the encrypted key but not the means to decrypt it.

Momentary decryption only

Your private key is decrypted only for the brief moment needed to sign a transaction. The decrypted key exists in memory for milliseconds and is immediately discarded after signing. It is never written to disk, never logged, and never transmitted across the network in plaintext.

Can Stratium access or steal my funds?

No — and the architecture enforces this, not just policy. Here is the precise capability table:

Action Can Stratium Do This?
Execute trades in your wallet (buy/sell tokens) Yes — this is the core function
View your balance and token positions Yes — required for trade sizing
Withdraw your funds to an external address No — withdrawal requires a signed instruction you initiate
Access your raw private key No — keys are encrypted; the decrypted key exists only momentarily during signing
Move funds between user wallets No — wallets are completely isolated from each other
Freeze or lock your wallet No — your wallet is a standard Solana keypair

The withdrawal restriction is enforced at the architecture level, not the policy level. The copy trading engine only builds and signs swap transactions — it does not have code paths for constructing withdrawal transfer instructions.

Are my funds kept separate from other users?

Yes. Every Stratium user gets their own individual Solana wallet (a unique keypair):

  • No shared wallets — Your funds are never mixed with other users' funds in a liquidity pool or shared account
  • Independent execution — Your trades are signed and submitted independently; your transactions have no dependency on other users' wallets
  • No counterparty risk from other users — Even if another user's account were compromised, your wallet remains completely unaffected

What happens to my funds if Stratium goes down?

Because your wallet is a standard Solana keypair, it exists on the blockchain independently of Stratium's infrastructure:

  • Your tokens remain in your wallet regardless of Stratium's uptime
  • You can export your private key from within the platform and import it into Phantom, Solflare, or any Solana wallet application
  • Your funds are never at risk due to platform downtime, maintenance, or even permanent shutdown

This is the core advantage of the non-custodial model: the platform is a tool, not a custodian.

What security best practices should I follow?

While Stratium handles the technical security of your private key, your Telegram account is the primary access control for your Stratium wallet:

  1. Enable 2FA on Telegram — Your Telegram account is linked to your Stratium wallet; two-factor authentication prevents unauthorized access (Telegram 2FA guide)
  2. Do not share your Telegram account — Anyone with access to your Telegram account can access your Stratium portfolio
  3. Start with a small deposit — Test the system with an amount you are comfortable with before committing larger sums
  4. Withdraw profits regularly — Do not keep more in your trading wallet than you are willing to have actively traded
  5. Verify transactions on-chain — Check trade signatures on Solscan to confirm every trade matches what the bot reported

How is Stratium's infrastructure secured?

Beyond wallet-level security, Stratium's infrastructure includes:

  • Encrypted database connections — All data in transit is encrypted via TLS
  • Environment variable isolation — Secrets (encryption keys, API keys, service tokens) are managed via secure environment variables — never hardcoded
  • Microservice architecture — Services are isolated containers; a compromise of one service does not automatically grant access to others
  • Inter-service authentication — Internal API calls between services require a shared service authentication token; unauthenticated requests are rejected with HTTP 403
  • Regular security reviews — Code and infrastructure are reviewed for vulnerabilities

Learn more

  • Risk Management — How to control trade sizes and limit exposure
  • How Stratium Works — Technical architecture of the execution pipeline
  • FAQ — Common security questions answered in detail
Previous
Deposits and Withdrawals
Next
Risk Management

Ready to start trading?

Get started with Stratium in under 30 seconds via Telegram.

Start Trading