Security model
End-to-end encryption
Anthid uses end-to-end encryption for sensitive platform communication so broker-connected workflows stay protected as requests, responses, and account events move through the system.
Encrypted credential storage
Broker credentials are encrypted with AES-GCM before storage. Credentials are treated as sensitive secrets, stored in encrypted form, and designed to support rotation at any time when access policies, broker requirements, or internal security procedures change.
Sharded customer environments
Customer environments are sharded to provide isolation between organizations. This keeps customer workloads separated at the platform layer and limits the operational blast radius of account-specific activity.
Credential protection
Anthid stores broker credentials using AES-GCM encryption and keeps credential handling separated from normal trading workflows. Your application does not need to persist broker secrets locally once the broker account is connected through Anthid. Credentials can be rotated whenever needed. This gives your team a practical path to respond to policy changes, broker-side credential updates, employee access changes, or scheduled secret rotation without redesigning the integration.Environment isolation
Anthid uses sharded customer environments to isolate organizations from each other. Each customer environment is separated so trading activity, account state, controls, streaming events, and ledger records are scoped to the correct organization. This isolation model helps protect customer data and reduces cross-customer operational risk while still giving each organization access to managed broker connectivity, controls, metrics, and real-time streaming.Platform controls
Security works alongside Anthid’s trading controls. Organization, account, and symbol-level guardrails help limit where and when trading can occur, while circuit breakers can stop activity when your team needs to pause trading quickly. These controls give teams a security-aware operating model: credentials are protected, customer environments are isolated, and trading access can be constrained through platform-level policy.Operational posture
Anthid is designed to reduce the amount of sensitive broker infrastructure your team has to build and operate directly.- Sensitive communication is protected with end-to-end encryption.
- Broker credentials are stored with AES-GCM encryption.
- Credentials can be rotated at any time.
- Customer environments are sharded for isolation.
- Trading workflows can be constrained with organization, account, and symbol-level controls.
- Broker connectivity, streaming, ledger storage, and metrics run through a managed platform layer.