Security

Trader's public website is static Cloudflare Pages content. It has no login, no form submission, no payment flow, and no server process behind it.

Security headers

The site ships a restrictive Content Security Policy, HSTS, X-Frame-Options, nosniff, and a minimal permissions policy through Cloudflare Pages _headers.

Trading boundary

This site cannot place trades, approve trades, or change journals. It is a static product page for a system currently in paper-testing.

Reporting

The security policy is published at /.well-known/security.txt. If you were invited to review the product, use the owner's existing support channel.