Production-grade, multi-service trading platform with a React 19 frontend, FastAPI backend, TimescaleDB ledger, Redis, Celery background jobs, a sandboxed strategy engine, and an isolated AI sentinel service.
This software is for educational and research purposes only. Do not risk money you are afraid to lose. Use the software at your own risk. The authors and contributors assume no responsibility for your trading results.
- Overview
- Capabilities (Highlights)
- Architecture and Service Map
- Core Flows
- Tech Stack
- Data Model (Key Tables)
- API Surface (High-Level)
- Quick Start (Docker)
- Local Development (Without Docker)
- Configuration and Secrets
- Observability and Troubleshooting
- Security and Data Hygiene
- Contributing
- Roadmap
- License
The platform orchestrates autonomous trading agents that analyze multi-timeframe market data, generate proposals, and execute trades only after explicit approval. It combines strict network isolation with a sandboxed strategy execution model and a centralized fleet manager.
- Agent lifecycle: PAUSED -> SCANNING -> PROPOSING -> AWAITING_APPROVAL -> ACTIVE -> IN_POSITION -> COOLDOWN
- Fleet manager: registry of active agents, budget locking, and real-time status broadcasting via Redis WebSockets
- Sandboxed strategy execution: Python sandbox with restricted imports (pandas/numpy only)
- Market data ledger: high-frequency OHLCV caching with retention policies using TimescaleDB
- Background orchestration: scheduled cleanup of logs and market data via Celery Beat
graph TD;
UI["Frontend (React Vite)"] -->|"HTTP/WS"| API["Backend (FastAPI)"];
API -->|"SQL"| DB[("TimescaleDB")];
API -->|"Broker/Cache"| R[("Redis")];
API -->|"Sandboxed Exec"| SE["Strategy Engine"];
R -->|"Tasks"| CW["Celery Worker"];
R -->|"Schedules"| CB["Celery Beat"];
CW -->|"Read/Write"| DB;
SE -->|"Market Data"| DB;
API -->|"Internal"| AS["AI Sentinel"];
subgraph Networks
PN["public_net"];
AN["app_net"];
DN["data_net"];
end;
| Service | Port | Purpose | Network |
|---|---|---|---|
| frontend | 5173 | React UI and charting | public_net, app_net |
| backend | 8000 | Core API, agent orchestration | public_net, app_net, data_net |
| strategy-engine | 8001 | Sandboxed strategy execution | app_net, data_net |
| ai-sentinel | - | Isolated AI analysis | app_net |
| ledger-db | 5432 | TimescaleDB ledger | data_net |
| redis | 6379 | Message broker and cache | app_net, data_net |
| celery_worker | - | Background tasks | app_net, data_net |
| celery_beat | - | Scheduled tasks | app_net |
- Fetch macro (4h) and micro (15m) data
- Execute strategy code in sandboxed namespace
- Synthesize signals and generate proposal with risk markers
- Await user approval
- Execute trade, monitor position, then cooldown
- OHLCV data is cached by timeframe with retention policies per timeframe
- Celery Beat schedules collection and cleanup tasks
- User strategy code is transpiled to Python and executed in the strategy engine
- Only pandas and numpy are available in the sandbox
- Fleet manager emits updates via Redis channels
- UI consumes and renders real-time status changes
- React 19 + Vite
- TailwindCSS
- Zustand
- KlineCharts + Lightweight Charts + D3
- React Router
- FastAPI + Uvicorn
- SQLAlchemy (async)
- Celery + Redis
- CCXT (exchange integration)
- pandas + numpy
- TimescaleDB (PostgreSQL 15)
- Redis (cache + broker)
- strategy-engine: sandboxed Python execution for strategies
- ai-sentinel: isolated AI analysis service
The database contains core entities for agents, market data, and paper trading. Key tables include:
- TradingAgent (budget, status, leverage, lifecycle)
- AgentLog (high-frequency logs, cleaned hourly by Celery)
- OHLCVCache (time-series market data with retention)
- PaperAccount, PaperPosition, PaperOrder, PaperTrade (paper trading simulation)
- Strategy (Pine Script and generated Python code)
Base URL: http://localhost:8000
GET /healthhealth checkGET /api/v1/openapi.jsonOpenAPI schema
Primary routers:
/api/v1/auth/api/v1/users/api/v1/settings/api/v1/strategies/api/v1/market/api/v1/trade/api/v1/paper/api/v1/fleet/api/v1/fleet/ws/api/v1/history/api/v1/ai/api/v1/ai-strategy/api/v1/research
Example requests:
curl http://localhost:8000/healthcurl http://localhost:8000/api/v1/strategiescurl http://localhost:8000/api/v1/fleet- Docker Desktop (or compatible Docker Engine)
- Docker Compose
Create the required secret file and optional environment variables.
mkdir -p infra/secrets
echo "your_super_secret_password" > infra/secrets/db_password.txtIf you use an .env file:
touch infra/.envRequired environment variables (examples):
| Variable | Description | Example |
|---|---|---|
| POSTGRES_SERVER | Database hostname | ledger-db |
| POSTGRES_DB | Database name | trading_db |
| REDIS_URL | Redis connection string | redis://redis:6379/0 |
| EXCHANGE_API_KEY | Optional CCXT key | sk-123... |
cd infra
docker compose up -d --buildAccess the services:
- Frontend: http://localhost:5173
- Backend API Docs: http://localhost:8000/docs
- Strategy Engine: http://localhost:8001
This mode is intended for contributors who want to run services directly on their machine.
- Python 3.11+
- Node.js 20+
- PostgreSQL 15 (TimescaleDB recommended)
- Redis
cd backend
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
uvicorn app.main:app --reload --host 0.0.0.0 --port 8000cd backend
source .venv/bin/activate
celery -A app.core.celery_app worker --loglevel=info
celery -A app.core.celery_app beat --loglevel=infocd strategy-engine
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
uvicorn app.main:app --reload --host 0.0.0.0 --port 8001cd frontend
npm install
npm run devThe compose file uses a Docker secret for the DB password:
infra/secrets/db_password.txt
Key environment variables (examples):
POSTGRES_SERVER=ledger-db
POSTGRES_DB=trading_db
CELERY_BROKER_URL=redis://redis:6379/0
REDIS_URL=redis://redis:6379/0Set your local environment variables in your shell or a private .env file.
docker logs backend
docker logs celery_worker
docker logs celery_beat
docker logs frontendcurl http://localhost:8000/healthThis repository intentionally excludes local-only artifacts (session notes, credentials, .env files, debug scripts, and personal research). The strategy engine executes code in a heavily restricted namespace.
- Fork the repository and create a feature branch.
- Keep changes focused and include context in the commit message.
- Ensure Docker builds and the stack starts via
infra/docker-compose.yml. - Open a PR with a short summary and screenshots for UI changes.
- Hardened auth and role-based access (RBAC)
- Extended strategy SDK and backtest workflows
- Live trading connectors beyond Bitget
- OpenTelemetry structured tracing
Released under the MIT License.
