Security Model
How Smart Trade protects your funds.
Your keys, your control
- The agent wallet is ephemeral — generated in-browser and stored only in
sessionStorage. It disappears when you close the tab. - Your private key never leaves your browser and never touches any server.
- Agent approval is scoped: it can only trade on your behalf — it cannot withdraw funds.
- You can revoke agent approval at any time directly from the app.
No backend, no custody
- Smart Trade is a client-side application — all signing happens in your browser.
- There is no server between you and Hyperliquid.
- Orders are submitted directly to Hyperliquid L1 via EIP-712 signatures.
- Your wallet connection (MetaMask / WalletConnect) handles all Arbitrum transactions.
Builder fees are protocol-native
- The builder fee is a Hyperliquid protocol feature — not a custom contract.
- Fee: 0.01% (1 basis point) per trade — attached transparently to each order.
- Builder approval is an on-chain action you can verify on Hyperliquid explorer.
- You approve a maximum fee, not unlimited access.
Open source
- This frontend is open source: github.com/elCanosail/hermes-trade
- "Don't trust, verify" — you can audit every line of code.
- The trading bot, signal engine, and wallet selection remain proprietary. Publish the thesis. Charge for the execution.
What we don't do
- We don't store your private keys.
- We don't have withdrawal permissions.
- We don't run a backend that processes your trades.
- We don't collect personal data beyond what your wallet exposes.
Questions? Reach out on Telegram or Twitter.
Go to Smart Trade →