Can EdgeLedger withdraw funds from my exchange?
No. EdgeLedger only needs read-only API permissions for exchange sync. It should not be granted withdrawal or trading permissions.
Security
Security-first trading journal workflows.
EdgeLedger is built so traders can review their history without giving the platform permission to trade, withdraw funds or modify exchange accounts. Exchange connections use read-only API access, and sensitive workflows are designed around limited access and revocable sharing.
EdgeLedger
Read-only exchange connections
Exchange integrations are intended for trade-history import and account review only. EdgeLedger does not need trading, transfer or withdrawal permissions to journal exchange activity.
- Use read-only API keys when connecting exchanges
- Do not grant withdrawal or trading permissions to journal imports
- Restrict API keys by IP address where the exchange supports it
- Revoke exchange API keys from the exchange account if access is no longer needed
EdgeLedger
Account and access controls
EdgeLedger supports email/password authentication, Google OAuth, email verification and two-factor authentication workflows. Mentor and public sharing features are scoped so traders can share specific information without exposing unrelated account areas.
- Email verification and authentication controls for accounts
- Two-factor authentication support for stronger account protection
- Scoped mentor access links for selected challenges or reports
- Revocable public sharing links for selected trading performance views
EdgeLedger
Responsible disclosure
Security reports should be sent privately so issues can be reviewed and fixed responsibly. Do not scan, load-test or probe production systems without prior written authorization.
- Report vulnerabilities to [email protected]
- Include clear reproduction steps and affected URLs when possible
- Avoid accessing, modifying or exfiltrating other users' data
- Use [email protected] for platform misuse or policy violations
Questions
Common questions
Can I revoke exchange access?
Yes. Exchange API access can be revoked from the exchange account, and EdgeLedger connections can be removed from the dashboard.
Where do I report a vulnerability?
Security vulnerabilities should be reported privately to [email protected] with enough detail to reproduce the issue.
EdgeLedger
Review your trading history with clearer context.
Start free, then upgrade when you need automation, reports, AI insights, prop firm tools, and tax exports.