Documentation
How tradingarbor works, end-to-end. A complete walkthrough of the product for customers, accountants, and anyone evaluating the platform.
Overview
Trading Arbor automates three audited strategies — swing options, crypto trend, and credit spreads — on your own brokerage account. You set up your broker once, accept the risk disclosure, and the engines run autonomously. You watch the daily summary; you stay in control via paper-by-default, kill switches, and one-click cancel.
We never custody your funds. Your money stays at your broker (Schwab, Tastytrade, Alpaca, etc.). We sit between you and the broker as an API client — the same way TradingView or QuantConnect work, except instead of giving you a coding environment we ship the strategies fully-formed and audited.
This page documents how the system works end-to-end. Customers
get everything they need here. Developers evaluating an
acquisition or handoff who need architecture diagrams, engine
internals, backtest methodology, or deploy runbooks can request
access to the internal documentation at
founder@tradingarbor.com;
that surface is gated by a real auth wall on top of the
FOUNDER_EMAILS allowlist, not just URL secrecy.
Getting started
From signup to first paper trade in fifteen minutes.
- Sign up + verify. Create your account, accept the risk disclosure, set up two-factor authentication (TOTP via Google Authenticator / 1Password / Authy). Admins are required to enroll TOTP before the engines will spawn.
- Connect your broker. Generate API keys from Alpaca / Schwab / Tradier / Tastytrade / Tradestation / E*Trade. Paste them into the onboarding wizard. We test the connection and confirm the broker is reachable.
- Flip the switch. Engines start in paper mode by default. Watch a few days. When you're comfortable, flip individual engines to live mode (step-up MFA required).
Setup walkthrough lives at
/onboarding. The wizard
auto-resumes from wherever you left off.
Trading engines
Three independent engines. Each one's allocation is a hard percentage of your account; pause any of them without affecting the others.
Options Swing Engine
Long calls / long puts on equities at the 30-DTE, 0.70-delta slice. The engine scans a curated universe of ~300 large-cap tickers nightly. Entry triggers: 20-day breakout with a volume filter and a regime gate (SPY above its 200-SMA for calls; below for puts). Exits: partial-take at 2R/3R/4R, swing-low stops, 30-day time stop. Allocation: 90% of designated trading capital by default.
Crypto Trading Engine
Long-only trend-follow on BTC and ETH. Entry: 20-day breakout with SMA-20/50 alignment plus a BTC SMA-100 bear filter that pauses all crypto entries below the line. Exits: 8% hard stop, 30-day time stop, pyramiding two adds on confirmation, vol-target sizing (0.75x–1.5x). Allocation: 10% by default; runs 24/7 since crypto markets don't close.
Credit Spread Engine
Defined-risk short put / short call vertical spreads on liquid
underlyings. Theta-positive income with capped loss per spread.
Off by default — opt-in from
/settings once you're
comfortable with the other two engines.
Broker connections
Six supported brokers. Each has its own quirks; pick the one your account is already at.
| Broker | Stocks | Options | Crypto | Auth |
|---|---|---|---|---|
| Alpaca | ✓ | ✓ | ✓ | API key |
| Tradier | ✓ | ✓ | — | API key |
| Tastytrade | ✓ | ✓ | — | Username/password |
| Schwab | ✓ | ✓ | — | OAuth 2 |
| Tradestation | ✓ | ✓ | — | OAuth 2 |
| E*Trade | ✓ | ✓ | — | OAuth 1.0a |
If you trade crypto AND options, you'll connect Alpaca for crypto plus one of the others for options/equities. The dashboard handles both connections cleanly.
Credentials are encrypted at rest (AES-256-GCM, per-tenant data key wrapped by a master KEK stored in AWS KMS). Step-up MFA is required to view, rotate, or delete them.
Risk controls
Multiple defense layers:
- Paper-by-default. Every engine starts in paper mode. Flipping to live trading requires explicit opt-in per engine, with a step-up MFA prompt at the toggle.
- Per-engine kill switches. Pause crypto without pausing options, or vice versa, from the dashboard kill-switch panel. Engines pick up the change within 30s.
- Per-trade risk cap. Each engine sizes positions as a percentage of your account equity (typically 1–2%). The engine refuses to fire a signal that would exceed the cap.
- Drawdown halt. If account equity drops more than 15% from its rolling peak, the engines auto-halt new entries and notify the operator. Existing positions continue to be managed.
- Order bounds. Before any order reaches your broker, it passes through a sanity-check layer that rejects out-of-spec orders (size too large, price way off market, symbol not in the universe).
- Idempotent order submission. Each order carries a client-side ID so network retries can't double-fill.
Security & MFA
Defense-in-depth across the auth + credential surface:
- TOTP MFA required for admin accounts; viewer accounts can opt in. Compatible with Google Authenticator, 1Password, Authy, any RFC 6238 client.
- WebAuthn passkeys for hardware-key / biometric step-up (YubiKey, Touch ID, Windows Hello, Android fingerprint).
- Step-up re-auth on every sensitive write — broker credential changes, user role changes, paper/live toggle, kill-switch flips.
- Backup codes issued at MFA enrollment. Each works once; regenerate if compromised.
- Per-tenant encryption. AES-256-GCM data keys wrapped by an account-level KEK in AWS KMS. Server operator can't decrypt customer credentials without KMS authority.
- Rate limiting. 5 failed logins / 15 minutes per IP triggers a temporary lockout. MFA verify is rate-limited separately to defend against brute-force on the 6-digit code.
Manage your own MFA at /settings/mfa.
Daily summary
A morning email + an in-dashboard modal summarizing yesterday's account activity.
Contents:
- Account snapshot — equity, cash, buying power, day trades used
- Equity trend — today's change, last 7/30 days, current drawdown
- Per-engine 24h activity — trades closed, win rate, realized P&L
- Portfolio Greeks — net delta / theta / vega across options
- vs SPY benchmark (last 30d) — your return, SPY return, alpha
- Signals — fired vs skipped, with top skip reasons
- Open positions grouped by asset class (stocks / options / crypto)
Open the modal in the dashboard via the "Daily summary" button in the page header, or browse a specific past day from the recent list at the bottom.
Performance metrics
We show both backtest and live-expected numbers on every screen so you know what to plan around. Backtest numbers are honest but idealized; live-expected applies a calibration that reflects what we expect in production:
live_expected_avg = backtest_avg × 0.5 live_expected_worst = backtest_worst × 1.5 live_expected_sharpe = backtest_sharpe × 0.7
These multipliers come from comparing the founder's live
trading record (visible at
/transparency) against
the backtested figures over the same period. They are not
guarantees — they're a planning floor.
The analytics page at
/performance breaks down
Sharpe, profit factor, expectancy, max drawdown, win rate, best
/ worst trade, and per-ticker contribution.
Troubleshooting
"Backend unreachable" banner
The dashboard polls the trader app every 15s. If it can't
reach it, you'll see a reconnect banner. Common causes: deploy
in progress (~2 min), your droplet rebooting, your home network
blocking. Wait 60s; if it persists, check the system status at
/health.
"Trading is paused" banner
You haven't accepted the current risk disclosure version, or
the broker connection is broken. Click "Review and accept" to
re-acknowledge; reconnect your broker from
/settings if you see a
reconnect-required banner.
Engine signals not firing
Check the Signals tab — every potential signal is logged with the reason it fired OR skipped. Common skip reasons: volume below threshold, regime filter ruled it out, position cap hit, kill switch is paused.
Broker rejected an order
The dashboard shows the broker's verbatim error message on the failing signal. Most common: insufficient buying power (especially after a big move), pattern day trader limit hit on cash accounts, options approval level too low for the strategy (some brokers require Level 3 for spreads).
I lost my MFA device
Use a backup code (saved when you enrolled). If you've also lost the backup codes, email support@tradingarbor.com from your registered account email — we'll verify ownership and reset MFA.
Glossary
| Delta | Option's sensitivity to underlying price changes. 0.70 delta ≈ 70% probability of finishing in-the-money. |
| DTE | Days to expiration. We trade 30-DTE options as the swing engine's default. |
| R-multiple | Risk-multiplied return. 2R = 2× the initial risked amount. |
| SMA | Simple moving average. We use SMA-20, SMA-50, and SMA-100 in various filters. |
| Sharpe | Risk-adjusted return. Higher is better; > 1.0 is considered good. |
| Profit factor | Gross wins / gross losses. > 1.0 means winning. We target > 1.5. |
| Step-up auth | Re-prompting for MFA on a sensitive action even if you're already signed in. Defense against session-hijack attacks. |
| Kill switch | Per-engine pause flag. Stops new entries; existing positions continue to be managed by their exit rules. |
| Paper mode | Trades route to the broker's paper / sandbox environment. No real capital at risk. |
Contact & support
- General questions — hello@tradingarbor.com
- Account / billing — support@tradingarbor.com
- Security disclosures — security@tradingarbor.com (PGP key on request)
- Founder / partnerships — founder@tradingarbor.com
- System status — /health