Your funds never leave your wallet.
Elch Trade is an API-only service. We can place trades on your behalf, we can read your balance, and that is it. We cannot move funds out of your account, because we never ask for that permission.
Withdrawal permission is never requested
The setup flow refuses any API key that has Enable Withdrawals checked. If a service ever asks you to enable withdrawals, that is the moment to close the tab.
API secrets encrypted at rest
Your Binance API secret is encrypted at the database layer with a per-user rotating key. Server logs never contain the secret in readable form.
IP allowlisting required
You allowlist our trading server’s IP on Binance when you create the API key. Even if a key leaked, it cannot be used from anywhere else.
You revoke access in one click
From the Binance API page you can disable or delete the key any time. We do not have a way to stop you, because the key is yours.
What "API only" really means
When you connect Binance to Elch Trade, you give us a pair of strings — an API key and an API secret. With those strings and the right permission boxes checked, we can do exactly three things: read your balance, read your open orders, and place new futures orders. We cannot transfer funds out of your wallet, we cannot withdraw to an external address, and we cannot trade spot or margin pairs.
Binance enforces those limits. We have no special access. If you revoke the key on the Binance side, the connection ends immediately and there is nothing we can do about it.
What we do on our side
Your password is hashed with bcrypt and never stored in plain text. We cannot send you your old password because we do not know it. We can only let you set a new one.
Your API secret is encrypted at the database layer with AES-256. The decryption key is rotated and held outside the database server. A database dump alone is not enough to decrypt the secrets.
Every order placed on your behalf is logged with a timestamp, the symbol, the side, the size and the resulting fill. You can export the entire log from your trade history page.
Server access is restricted to two named operators with hardware-key 2FA. There is no shared SSH account.
Hosting and operations
The trading server runs on AWS EC2 in the eu-north-1 region (Stockholm, Sweden). We chose AWS specifically for the IP stability — your Binance API key’s allowlist points at a fixed IP that does not change.
Our database is encrypted at rest. Daily snapshots are kept for 30 days for disaster recovery. Snapshots are encrypted with the same key as the live database.
We do not use any third-party customer-data processor beyond what is listed on the privacy page.
What we cannot promise
Security is a moving target. We do our best, we patch known issues fast, but no system is unbreachable. If we ever experience a breach that affects your account, we will tell you the same day we know.
In the meantime: please use a unique password (a password manager is a great idea), enable Binance 2FA, never share your API secret with anyone, and create a Binance sub-account dedicated to bot trading if you can.
Ready to set up safely?
Follow the step-by-step Binance setup guide. About 90 seconds.