What SIWE does
When you click "Connect wallet" we ask you to sign a one-time off-chain message. That signature proves you control the address. We create a session keyed to that address. Nothing is broadcast on-chain. No gas. No password.
No password means no password database. No email means no email-list breach (looking at you, every B2C SaaS in 2024).
Where this stops
SIWE is the platform auth. Your exchange still has its own login + KYC — Smartbull never touches that. We connect to the exchange via the API key you paste into /account → Vault.
If you want to receive trade alerts, you can opt-in to Telegram on /account → Notifications. That's the only place we'll ask for any out-of-band identifier, and it's optional.
What if I lose access to the wallet?
We can't recover a wallet for you — that's the trade-off of self-custody auth. We recommend either:
- A hardware wallet (Ledger / Trezor) with seed phrase stored offline.
- A multisig (Safe) controlled by 2-of-3 of your keys.
Either way, the only thing tied to your Smartbull account is the address. Re-connect from a recovered wallet and your account, history, and bot config are all there.