VegaTrade
VegaTrade VegaTrade

Every AI decision, replayable.

The audit-chain-native AI HFT platform.

Glass-box AI decisioning in the slow loop. Deterministic C++ in the hot path. Every signal and every strategy shows its work.

Request Access

Differentiation

An AI HFT platform built audit-chain-first. Glass-box AI. Deterministic execution.

Glass-Box AI

Every decision shows its work

The AI is a glass box, not a black box. Every AI decision — strategy selection, parameter choice, signal generation, lot disposition, dividend timing — captures its prompt, model identifier, temperature, inputs hash, output, and reasoning into the audit chain at the moment of decision. The Replay API reconstructs any past decision byte-identical years later. Black-box AI is forbidden by architecture, not by policy.

WORM. Hash-Chained. Signed.

17a-4-aligned audit architecture

Every event is appended to a per-tenant regulatory chain with SHA-256 row hashing and daily-root ECDSA-P256 signing in a hardware security module. Chain integrity is enforced in code, verified at insert time, and replayable byte-identical from cold immutable storage. The audit log is a primary data structure; losing events is treated as a critical bug, never a performance trade-off.

Designed For (On The Roadmap)

Institutional thick-native client

A signed, code-signed desktop binary for institutional users running local C++ compute against the regulated backbone for execution and audit. Professional-grade workstation surface; server-authoritative order routing; end-to-end audit-chain attribution including the install and update events. The architecture is specified; the binary is on the roadmap.

On the roadmap — design phase

Discuss timing →

§1091 Wash-Sale. Form 8949.

Tax-lot tracking + harvesting backbone

Lot accounting (FIFO / LIFO / HIFO / Specific-ID), §1091 wash-sale detection with basis adjustment and holding-period tack, Form 8949 row generation, and 1099-B reconciliation are landed. Per-disposition Specific-ID override is audit-chain emitted with operator attribution. User-facing tax-loss-harvesting workflows are the next layer.

Backbone built — user-facing TLH workflows on the roadmap

Discuss timing →

Glass-Box Strategy

Validity-invariant gates · open methodology

Every strategy is a glass box: open code, named parameters, reproducible backtests. Each one clears walk-forward and nested cross-validation, deflated Sharpe, and probability-of-backtest-overfitting gates before reaching paper trading. Execution-model fidelity bands quantify the cost the backtest charges. Substrate-to-live parameter-set provenance is bound by audit-chain head hash. The platform publishes net-of-all-fees Sharpe alongside gross, and for tax-aware strategies, after-tax Sharpe at the user's marginal rate — the number a fiduciary defends, not the one a marketer picks.

Two Loops · One Boundary

Slow-loop AI · Hot-path HFT execution

The platform separates strategic reasoning from order execution. The slow loop is Python — Claude Opus reasons about markets, regimes, and signals at seconds-to-minutes cadence. The hot path is C++ — deterministic, pre-allocated, no exceptions, executing in microseconds-to-milliseconds. The two are joined by an ECDSA-P256-signed ZeroMQ boundary. No model call ever touches the order path; every order passes the pre-trade risk gateway.

Who this is for

Three audiences. One platform. Distinct angles on the same audit-chain spine.

For Investors

The platform a fiduciary defends

The differentiation is the audit-chain spine. Most retail trading platforms ship the AI output without the reasoning. We ship both, audit-chain bound, and replayable years later.

The validity-invariant framework — walk-forward, nested cross-validation, deflated Sharpe, probability-of-backtest-overfitting — is the gate every strategy clears before live capital. The Sharpe a marketer publishes is not the Sharpe we publish; the platform publishes gross-of-fee and net-of-all-fees, and for tax-aware strategies, pre-tax and after-tax at the user's marginal rate.

We do not publish traction numbers. The platform is pre-launch. The architecture is the asset.

For Institutions

The forensic surface procurement asks for

Every authentication event, trade execution, administrative action, and tax disposition carries originating IP and derived geolocation in its audit payload. Every privileged action is geo-attributable.

Tenants are isolated by database, not by row predicate. Audit chain is per-tenant. Cross-tenant ledger queries are scoped at the database boundary, not by application filter.

The institutional thick-native client is designed to extend that attribution all the way to the workstation — install, update, and every action a user takes is reconstructible. The desktop binary is on the roadmap; the architecture is specified now.

For Acquirers

A regulated backbone, brand-independent

VegaTrade is the consumer brand. Atlas-Trade is the regulated audit-service backbone. The split is deliberate: the consumer product can evolve its brand without forcing regulatory-filing churn.

The audit service is a primary data structure with its own producer-ID discipline, hash chain, daily-root HSM signing, immutable WORM storage, and a byte-identical Replay API. Producer identifiers cover every emission boundary in the platform; each is a single value type per regulatory query.

The architectural asset is the backbone. The consumer surface is interchangeable. The procurement story stays whole.

Architecture

Two loops. Two brands. One audit-chain spine.

The platform is built on two architectural splits. The first is the loop split: the slow loop is the AI brain (Python, seconds-to-minutes), the hot path is the HFT engine (C++, microseconds-to-milliseconds), and the boundary between them is signed. No model call ever touches the order path; every order passes the pre-trade risk gateway.

The second is the brand split. VegaTrade™ is the consumer surface a user sees in their browser or, eventually, in a signed desktop client. Atlas-Trade™ is the regulated audit-service backbone — the per-tenant hash-chained event store, the daily-root signer, the Replay API, the immutable WORM archive. The two names exist because regulators audit the backbone and users use the surface; coupling them at the brand layer is a constraint we refuse.

Consumer Surface

VegaTrade

  • Browser today; institutional thick-native desktop client on the roadmap
  • Per-tenant authenticated workstation
  • Read scope: positions, orders, P&L, lots, strategies, audit log
  • Action scope: every state-changing action chains to Atlas-Trade

Regulated Backbone

Atlas-Trade

  • Append-only, hash-chained event store
  • Daily-root ECDSA-P256 signing in a hardware security module
  • Per-tenant database isolation; per-tenant audit chain
  • Byte-identical Replay API from cold immutable storage

Founder & CEO

Jon Toroni

Over 20 years of experience in accounting and finance. Worked with a number of SaaS companies. Software design experience spanning 8 years.

Audit the architecture. Then audit ours.

Request Access