
Security & custody

You keep custody. Always.

You're trusting a DCA bot with access to your exchange account, so you deserve to know exactly how it's built. The short version: trade-only keys, no custody, encrypted at rest, open source. The bot cannot withdraw your Bitcoin — that power never leaves your hands.

Trade-only keys — the bot can't move your Bitcoin

The bot only ever needs Trade scope: enough to place buys, never enough to withdraw. Your coins physically cannot leave your exchange via the bot. This is the single most important guarantee, and it's enforced by the exchange, not by us.

No custody — your keys, your funds

We never hold your Bitcoin or your AED. The bot is software that acts on your own exchange account. If we disappeared tomorrow, your funds would be exactly where they are now — on your exchange, under your control.

Keys encrypted at rest (Fernet)

Your exchange API keys are stored encrypted with Fernet (AES-128-CBC + HMAC), decrypted only in memory at trade time. Raw keys and secrets are never written to logs.
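The storage pattern described above, as an added example that is not the project's own code: credentials are kept only as Fernet tokens, decrypted in memory when needed, and scrubbed from log records. It uses the Python `cryptography` package; `SecretStore`, `RedactSecrets`, `flip_last_byte` and the sample secret are hypothetical names and constructed values.

```python
import base64
import logging
from cryptography.fernet import Fernet, InvalidToken


class SecretStore:
    """Hypothetical store: credentials exist at rest only as Fernet tokens."""
    def __init__(self, master_key: bytes):
        self._fernet = Fernet(master_key)
        self.rows = {}  # stands in for the database table

    def put(self, name: str, secret: str) -> None:
        self.rows[name] = self._fernet.encrypt(secret.encode())

    def get(self, name: str) -> str:
        """Decrypt in memory at use time; the HMAC is checked before decryption."""
        try:
            return self._fernet.decrypt(self.rows[name]).decode()
        except InvalidToken:
            raise ValueError(f"stored token for {name!r} failed authentication") from None


class RedactSecrets(logging.Filter):
    """Replace any known plaintext secret that reaches a log record."""
    def __init__(self, secrets):
        super().__init__()
        self._secrets = list(secrets)

    def filter(self, record: logging.LogRecord) -> bool:
        msg = record.getMessage()
        for s in self._secrets:
            msg = msg.replace(s, "[REDACTED]")
        record.msg, record.args = msg, None
        return True


def flip_last_byte(token: bytes) -> bytes:
    """Simulate corruption of a stored row (constructed tampering for the demo)."""
    raw = bytearray(base64.urlsafe_b64decode(token))
    raw[-1] ^= 0x01
    return base64.urlsafe_b64encode(bytes(raw))


if __name__ == "__main__":
    store = SecretStore(Fernet.generate_key())
    store.put("api_secret", "constructed-sample-secret")  # constructed value
    log = logging.getLogger("demo")
    log.addFilter(RedactSecrets([store.get("api_secret")]))
    logging.basicConfig(level=logging.INFO)
    log.info("signing request with %s", store.get("api_secret"))
```

A row altered with `flip_last_byte`, or read with a different master key, is rejected by `get` instead of being decrypted, which is the property the HMAC half of Fernet provides.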

IP-whitelisting

Lock your API key to the bot's outbound IP at the exchange, so the key is useless from anywhere else. The IP is shown to you in the dashboard when you connect an exchange.

Manual withdrawals only

You decide when to sweep to cold storage. To enable withdrawals you whitelist your own hardware-wallet address at the exchange first, so funds can only flow to an address you own. No daemon moves your coins automatically.

Open source — audit it yourself

MIT-licensed and public on GitHub. Read every line, or self-host the free tier. No black box.

The one thing to understand: trade-only keys

Exchange API keys come with scopes. A trade-only key lets software place orders but not withdraw funds. That's the only scope the bot needs to dollar-cost-average for you. So the worst a fully-compromised key could do is make trades on your existing balance — it can never move your Bitcoin off the exchange. Withdrawals stay manual, gated behind a separately-added scope and an address you whitelist yourself.

This is why "manual withdraw only" is a feature, not a limitation: there is no automated path for your coins to leave your control.

Honest about risk

No software is risk-free, and we won't pretend otherwise. Bitcoin itself is volatile; exchanges can have outages; you are responsible for your own account security (use a strong exchange password and 2FA). What we control, we've built to fail safe — and because the code is open source, you don't have to take our word for any of it.

Stack with confidence

Trade-only keys, no custody, your wallet. The DCA bot automates AED → BTC across your exchanges and sweeps to your own hardware wallet. AED 49/mo with a 7-day free trial, or self-host free.
