Question 1

How do I add risk management to a crypto trading bot?

Accepted Answer

Call a risk governance API before every trade. RiskState provides a single POST endpoint (/v1/risk-state) that returns a max_size_fraction (how much capital your bot can deploy), allowed_actions (DCA, LONG, WAIT), and structural_blockers (hard stops). Your bot sends the asset (BTC or ETH), gets back a JSON policy in under 2 seconds, and enforces the limits before executing. No ML model to train, no rules to write — 30+ real-time signals are already scored and combined into one actionable policy. Works with any language, any framework, any execution layer.

Question 2

What is a risk governance API for crypto?

Accepted Answer

A risk governance API is a service that sits between an AI trading agent and the market, answering one question: how much risk is allowed right now? Unlike trading signals (which say what to buy), a risk governance API returns position limits, leverage caps, and blocked actions based on real-time market conditions. RiskState is the first purpose-built risk governance API for crypto. It ingests 30+ signals (on-chain, derivatives, macro, DeFi health) and outputs a deterministic 5-level policy (BLOCK → CAUTIOUS → GREEN) with a SHA-256 hash for auditability. The agent decides what to trade; the governance API decides how much.

Question 3

How do I prevent my AI trading agent from overleveraging?

Accepted Answer

Use a policy engine that enforces position size and leverage limits before execution. RiskState’s API returns leverage_allowed (boolean) and max_size_fraction (0 to 1) on every call. At policy levels 1-2, leverage is blocked entirely. At level 3, only trades with R:R > 2:1 are allowed. At levels 4-5, leverage up to 2x is permitted. These limits are computed from real-time signals — funding rates, open interest, volatility regime, DeFi health factor — so they tighten automatically when market conditions deteriorate. Your agent reads the policy, respects the ceiling, and never overleverages.

Question 4

How do I add guardrails to an autonomous crypto agent?

Accepted Answer

Insert a governance check between your agent’s decision and its execution. Before any trade, your agent calls RiskState’s API with the asset. The response contains: structural_blockers (if non-empty, halt immediately), max_size_fraction (hard ceiling on position size), and allowed_actions (enum list like DCA, WAIT, LONG_SHORT_CONFIRMED). If your agent’s intended action isn’t in allowed_actions, it doesn’t execute. This pattern works with any agent framework — LangChain, CrewAI, ElizaOS, Hermes, AgentKit, or custom code. Three lines of code: fetch policy, check blockers, enforce size.

Question 5

Is RiskState tied to a specific LLM or agent framework?

Accepted Answer

No. RiskState is fully agnostic. It’s a REST API that returns JSON — any LLM (Claude, GPT, Gemini, Kimi, MiniMax, DeepSeek, Llama), any agent framework (OpenClaw, Hermes, LangChain, CrewAI, ElizaOS, AgentKit, AutoGPT), and any execution layer (CoW Swap, Uniswap, Safe, Hyperliquid, any DEX or CEX) can consume it. There’s also an MCP server (@riskstate/mcp-server on npm) and a SKILL.md for agent discovery. Your stack choices don’t matter — the policy response is universal.

Question 6

What’s the difference between a risk API and a trading signal?

Accepted Answer

A trading signal tells you what to buy or sell. A risk governance API tells you how much you’re allowed to risk. They’re complementary, not competing. RiskState doesn’t generate trade ideas — it returns max_size_fraction, allowed_actions, and structural_blockers. Your agent (or your signal provider) decides the trade; RiskState decides the position size, leverage limit, and whether the trade is permitted at all. Think of it as a compliance layer that updates every 60 seconds based on 30+ real-time market signals.

Question 7

What crypto assets does RiskState support?

Accepted Answer

BTC and ETH, each with full independent scoring pipelines. BTC uses on-chain metrics (MVRV, NUPL, supply in profit), halving-based cycle classification, and BTC/SPX correlation. ETH uses a structural score (network fundamentals, staking ratio, supply dynamics, ETH/BTC relative strength), ETH/NASDAQ correlation, and altseason detection. DeFi lending integration supports Aave V3 and Spark Protocol with per-collateral liquidation thresholds. Both assets share: derivatives data (funding, OI, basis, squeeze detection), macro regime analysis, and the same 5-level policy engine.

Question 8

How fresh is the data behind RiskState?

Accepted Answer

30+ real-time signals from 9+ sources: Binance (funding, OI, RSI from 4h klines), CoinGlass (CVD, netflow, ETF flows, MVRV, NUPL), CoinGecko (prices, dominance, institutional treasuries), FRED (yields, DXY, Fed balance sheet), DefiLlama (TVL, DEX volume, fees, lending rates), Lido (staking APR), and more. API responses are cached for 60 seconds. Each response includes a data_sources object showing freshness per signal. Recommended polling: every 5 minutes for agents, every 60 seconds for high-frequency use cases.

Question 9

Is the RiskState API response deterministic?

Accepted Answer

Yes. Same market conditions produce the same policy output, always. Every response includes a SHA-256 policy hash for non-repudiation — your agent can store the hash and prove what policy was active at any point in time. No stochastic decisions, no hidden state, no AI in the scoring loop. The policy function is pure: 30+ signals → normalization → composite score → 4 risk caps → policy level. Fully auditable, fully reproducible.

Question 10

Can I use RiskState in production?

Accepted Answer

Yes. The API is live at api.riskstate.ai/v1/risk-state and serving requests. During beta, all users get free access with 100 calls/month. The API contract (v1.4.0) is stable — field names and enum values won’t change without versioning. Integration takes under 30 minutes: get an API key from the waitlist, call POST /v1/risk-state with your asset, and read the exposure_policy object. SDKs for Python, TypeScript, and agent frameworks are planned.

Question 11

Is my data stored or shared when using RiskState?

Accepted Answer

No. The API is stateless. RiskState doesn’t store request payloads, wallet addresses, or agent behavior. The only persistent data is anonymous usage counts for rate limiting. If you pass a wallet address (for DeFi health factor integration), it’s read on-chain in real-time and never persisted. Policy hashes exist for your audit trail, not ours.

Question 12

How does RiskState compare to building risk management in-house?

Accepted Answer

Building equivalent risk management requires: ingesting 9+ data sources (with fallback chains for API failures), normalizing 30+ signals into comparable scores, implementing a composite scoring engine, building a policy engine with 4 independent risk caps (rules, DeFi, macro, cycle), adding volatility adjustments, and maintaining it all as markets evolve. RiskState packages this into a single API call that returns one number (max_size_fraction) and one list (allowed_actions). You skip months of data engineering and get a battle-tested policy engine that’s been running live since February 2026.

Risk limits
for crypto trading agents.

AI agents lack risk enforcement before execution.

No policy gate

Static limits don't adapt

Autonomous ≠ uncontrolled

Raw models find reasons to break discipline.
RiskState prevents:

From signals to permissions in seconds.

Pre-trade risk gate for any system

REST API

SKILL.md

MCP Server

One endpoint. Full risk enforcement.

Market State

Risk Permissions

DeFi-Aware

Why RiskState is trustworthy.

Request early access.

Frequently asked questions.

Risk limitsfor crypto trading agents.