Institutional Integration Guide

Pre-vendor due diligence brief. Read this if you are a procurement officer, risk lead, or technology lead at a fund, desk or treasury team evaluating RiskState.

This document is the canonical reference for how RiskState is built, operated, and integrated. It cites the technical docs that describe each capability and is written to be skimmed top-to-bottom by procurement and integrated by reference into vendor questionnaires.

Status as of 2026-04-28. v1.3.0 of the API, score_v3 of the engine, public free beta. The 6-month scoring freeze is part of how we keep the track record auditable. SOC 2, RBAC scopes and multi-region failover land after the freeze (Q4 2026 onward); we are explicit about what is shipped today versus on the roadmap.

Audience
Product status (today)
What RiskState is — and is not
Architecture overview
Data classification
Authentication and key management
Audit trail
Policy customization to mandate
Retention and deletion
Incident response and vulnerability disclosure
Operational posture
Shadow-mode pilot model
Beta vs production-pilot
Roadmap framed by risk committee axis
Institutional Hardening Modes
SIG Lite mapping
Contact

Audience

Two readers:

Procurement / risk lead running pre-vendor due diligence. Wants short, direct answers to compliance questions. Use the SIG Lite mapping and Audit trail sections.
Technology / quant lead scoping integration. Wants the architecture, the data flow, and the integration handles. Use Architecture overview, Authentication and Shadow-mode pilot model.

Product status (today)

Item	Value
API version	`1.3.0` (additive backwards-compat under `score_v3`)
Scoring version	`score_v3`
Scoring freeze	Active until `2026-10-22` (policy)
Pricing	Free during beta (no metered billing yet)
Assets covered	BTC and ETH (USD-denominated)
Markets covered	Spot, perpetual futures, DeFi borrowing (informational)
Hosting	Single region (US-East). Multi-region failover targeted post-pilot.
Compliance	None today; SOC 2 scoping post-pilot
Track record start	2026-02-17

What RiskState is — and is not

Is	Is not
A deterministic pre-trade risk layer	A signal / alpha / prediction service
A deterministic policy + audit engine	A trading or execution venue
A read-only observer of market state	An actor that submits orders
A configurable cap on customer mandates	A replacement VaR / Monte Carlo / portfolio risk engine
Self-serve via API and MCP today	Integrated with your OMS / EMS or custody layer today

If your evaluation is "does it predict the next move", RiskState is the wrong product. If your evaluation is "does it bind exposure to mandate before execution, with an audit trail we can defend in committee", that is what it is built for.

Architecture overview

        ┌─────────────────────────────────────────────────────────┐
        │  Customer system (agent / desk / OMS)                   │
        └──────────────────────────┬──────────────────────────────┘
                                   │
                       Bearer auth │  POST /v1/risk-state
                                   ▼
        ┌─────────────────────────────────────────────────────────┐
        │  RiskState (Netlify Functions, single region US-East)   │
        │                                                         │
        │   1. Auth (env-var owner key + Blobs external keys)     │
        │   2. Pre-flight policy_config (block protocols, etc.)   │
        │   3. 60s shared cache (asset, protocol)                 │
        │   4. Multi-source fetch (CoinGecko / Binance / OKX /    │
        │      Bybit / CryptoCompare / FRED / DefiLlama / ...)    │
        │   5. Scoring pipeline (composite + structural +         │
        │      tactical + policy combiner)                        │
        │   6. Policy engine (4 caps × quality × volatility)      │
        │   7. Per-call policy_config tightening                  │
        │   8. Sync audit write (full record to Blobs)            │
        │                                                         │
        └──────────────────────────┬──────────────────────────────┘
                                   ▼
                          JSON response with policy_hash

A request takes ~5–12 seconds (mostly upstream data fetch latency); cached responses ~50–200 ms. There is no customer state retained between requests other than the audit record and the policy_config attached to the customer's API key.

Data sources are public-internet APIs. Failover and fallback chains are documented per source in API Reference → Data sources. When the primary fails, secondary providers are tried automatically; the resulting response carries a data_sources block tagging which provider supplied each field at decision time.

Data classification

Category	Examples	How RiskState handles it
Public market data	BTC/USD price, RSI, funding rate, ETF flows, MVRV proxy, macro series	Fetched from public APIs at request time; not retained beyond the 60s response cache
Customer credential	API key (`rs_live_*`)	Stored hashed-by-storage in `api-keys` Blobs store. The first 16 chars (`key_prefix`) are used for partitioning audit records and surfacing to admin views. The full key is never logged or returned in any non-creation response.
Customer mandate	`policy_config` (max_gross, leverage_cap, blocked_protocols, desk_id)	Stored as part of the API key's metadata. Surfaced in the audit record when applied.
Decision record	Every `/v1/risk-state` response, with `policy_hash`, `data_sources`, `binding_constraint`, `policy_config_applied`	Stored in `audit-decisions` Blobs store for 365 days, then auto-deleted (audit doc).
Wallet address (optional)	If passed in `wallet` field for DeFi position context	Not retained. Only the boolean `has_wallet` is stored in audit.
PII	Email address (during waitlist signup)	Stored in the API key entry (`api-keys` Blobs). Used only for delivery of the API key and revocation notices. Not used for marketing without separate consent.

What is deliberately not collected:

Trading P&L or position sizes (we never see your trade book).
Counterparty / exchange identifiers beyond what is required by the API call.
Browser fingerprints, IP-based tracking, third-party analytics on API endpoints.

Authentication and key management

Bearer token over HTTPS. Two tiers:

Owner key (RiskState's master, env-var only). Cannot be created by external actors. Used for admin operations.
External keys (rs_live_*, 256-bit entropy). Generated via POST /api/api-keys (currently owner-only; self-service waitlist signup queues a key delivery to the email).

Rate limit. 60 requests/minute per external key. Sliding minute window. Exceeding returns HTTP 429 with a retry_after_seconds body field.

Revocation. POST /api/api-keys with action: "revoke" flips the key inactive. Propagation is typically sub-second; a known eventual-consistency window of up to ~1 second can pass before subsequent requests with the revoked key are rejected. For institutional pilots requiring instant cutoff, we recommend a complementary client-side revocation list. A formal cache-invalidation layer is on the post-freeze hardening list.

Storage. Keys live in the api-keys Blobs store. Each entry holds: email, created, active, revoked, last_used, request_count, optional policy_config. The full token is only revealed once at creation and emailed via Resend (DKIM-signed, api@riskstate.ai).

Scopes. Single-scope today (read access to /v1/risk-state plus owner-only admin paths). RBAC scopes (risk:read, audit:read, portfolio:write) ship in B5 of the institutional roadmap.

Audit trail

Every authenticated /v1/risk-state call writes a synchronous audit record before responding. The record includes policy_hash, scoring_version, data_sources snapshot, binding_constraint (with reason_codes), full request echo (without sensitive values), response_summary, policy_config_applied, policy_config_snapshot, cache_hit, and latency_ms.

The full schema, retrieval endpoint (GET /v2/audit/decisions), pagination model, and SIG Lite mapping live at:

→ Audit Log →

For procurement: this is the system of record for "show me every decision your engine made that we acted on". 365 days online; long-term cold-storage retention is a per-customer setting in the institutional pricing tier (post-freeze).

Policy customization to mandate

Each external API key can be attached to a policy_config profile that further tightens the engine's caps to the customer's mandate. Tighten only — never loosens.

Configurable today:

Field	Purpose
`max_gross`	Hard ceiling on `max_size_fraction` (e.g. 0.40 = 40% of capital)
`max_per_asset`	Asset-specific caps (e.g. BTC 0.30, ETH 0.25)
`leverage_cap`	Hard ceiling on numeric leverage
`blocked_protocols`	Reject requests for specific DeFi protocols (e.g. `["aave"]`)
`concentration_limit`	Stored only — enforced when portfolio API ships (B1)
`desk_id`, `notes`	Free-text labels carried into audit

The full enforcement model, response shape, validation rules, and worked examples live at:

→ Policy Config →

For pilot, RiskState configures the profile with you during onboarding. Customer-side self-service writes are post-pilot (v2 of policy-config).

Retention and deletion

Data	Retention	Deletion
Audit decision records	365 days	Auto-deleted by `audit-cleanup` cron daily 03:30 UTC
API key metadata	Until revoked + 30 days	On request, owner-driven
`policy_config` profile	Until cleared via `DELETE /v2/keys/policy`	On request
Email (PII)	While account active + 30 days after closure	On request, GDPR DSAR honoured
Cached response (60s TTL)	60 seconds	Auto-eviction
Upstream raw API payloads	Not retained beyond a single request	N/A

Right-to-be-forgotten requests: send to hello@likido.xyz with the API key prefix (16-char public part); we confirm in writing within 5 business days.

Incident response and vulnerability disclosure

→ /security (canonical reference; see also /.well-known/security.txt when published)

Channel	Use
`security@likido.xyz`	Confidential security reports
`hello@likido.xyz`	General questions, contract inquiries, GDPR DSAR

Disclosure model. Coordinated disclosure. We acknowledge within 72 hours and commit to a public advisory or status update within 30 days for any confirmed vulnerability that affected production.

Scope.

In scope: riskstate.ai, riskstate.netlify.app, the published API endpoints (/v1/*, /v2/*).
Out of scope: third-party services (CoinGlass, Binance, etc.) — report to them directly.

Hard NO. Active exploitation against live customer keys, social engineering of any RiskState contact, or denial-of-service testing without written authorization. Report; don't exploit.

Operational posture

Item	Today (beta)	Roadmap target
Uptime SLA	None contractual; best-effort	Contractual SLA in production pilot
Status page	Internal only	Public `/status` dashboard with uptime + latency
Incident notifications	Manual email to active keys	Webhook + email (B6)
Multi-region failover	Single region (US-East)	Multi-region active-active
On-call rotation	Solo operator	Team rotation post-funding
Backup cadence	Netlify Blobs durability + daily logical export	Plus snapshot-to-S3

We do not contract uptime SLAs in beta. Expected availability based on the last 60 days has tracked > 99.5%; this is a measured metric, not a guaranteed one. Production-pilot SLA is part of the Q4 paid pilot scope.

Performance:

Operation	p50	p99
`/v1/risk-state` cache hit	~80 ms	~250 ms
`/v1/risk-state` fresh compute	~6 s	~12 s
`/v2/audit/decisions` list	~150 ms	~600 ms

Latency is bound primarily by upstream data-fetch waves; the engine itself is sub-second. The 60-second response cache sits between most callers and the upstream fan-out.

Shadow-mode pilot model

The default pilot template:

Phase	Activity	Deliverable from us
Discovery (M1, ~2 weeks)	NDA, intro call, share mandate, agree shadow data format	NDA + scope memo
Pilot kickoff (M2)	Customer sends daily end-of-day portfolio snapshot (CSV / JSON). RiskState generates daily policy assessments. Pilot Terms Letter signed (shadow-mode, non-binding, 3-month review)	First-week assessments + format alignment
Monthly Attribution Report (M3, M4, M5)	What RiskState would have flagged each day, vs realized P&L. Honest about wins AND misses. False-positive rate. Upside-sacrifice estimate.	Three monthly reports
Quarterly Review (M6)	Present 4 months of attribution + stress + audit trail. Decide on Q4 paid pre-production pilot OR explicit blockers list.	Executive summary + paid pilot LOI draft

Shadow mode is a low-ops integration: no real-time hooks, no order-flow access, no execution layer integration. We see your portfolio shape end-of-day; you see our policy assessments + audit trail.

Pilot is non-binding, exit at any time, no payment during shadow. The fund decides at M6 whether to convert to paid pre-production pilot for Q4 2026.

Detailed pilot scope template is shared under NDA. Contact below.

Beta vs production-pilot

What is shipped today versus what production-pilot adds. This is a hard line — the items in the right column are not in beta.

Capability	Beta (today)	Production pilot (Q4 2026+)
Audit log	✅ Yes — 365d, paginated read	✅ Plus signed daily bundle export, 7-year retention tier
Policy config (mandate enforcement)	✅ Yes — owner-set	✅ Plus customer self-service writes, dual approval, change diff + rollback
`fail_closed` audit mode	❌ Fail-OPEN only	✅ Optional `audit_mode: fail_closed` (no audit, no decision)
Multi-region failover	❌ Single region (US-East)	✅ Active-active multi-region
Contractual SLA	❌ None	✅ Yes (uptime, latency, support)
RBAC scopes + org-level keys	❌ Single-scope	✅ Yes — `risk:read`, `audit:read`, `portfolio:write`, `admin`
Webhook notifications	❌ Polling only	✅ Subscribe to policy state changes, blocker activations
Portfolio API	❌ Single-asset	✅ `POST /v2/portfolio-risk-state`
Stress scenario export	❌	✅ Deterministic shock templates
SOC 2 Type I	❌	🟡 Scoping post-pilot
SOL asset mode	❌	🟡 Experimental flag, formal calibration in `score_v4`

Roadmap framed by risk committee axis

Rather than a feature list, here is what changes along each axis your risk committee will care about:

Axis	Today	Direction
Evidence — does the engine reduce drawdown?	Beta track record from 2026-02-17. Backtest with permutation tests + circular block bootstrap. First out-of-sample report mid-May.	Live shadow attribution per pilot, monthly reports, public Research posts on a 6-month cadence.
Control — can the engine be bound to mandate?	Owner-set `policy_config` with `max_gross`, `max_per_asset`, `leverage_cap`, `blocked_protocols`, `desk_id`.	Customer self-service writes with dual approval, change diff, rollback, export.
Audit — can every decision be defended?	Append-only decision log with `policy_hash`, `data_sources` provider tags, `policy_config_applied` snapshot, 365-day retention.	Optional daily signed bundle (JSONL + SHA-256 manifest), normalized input snapshot mode, 7-year retention tier.
Reliability — will it be there when we need it?	Single region, best-effort uptime (~99.5% measured), no contractual SLA.	Multi-region active-active, contractual SLA, public status page, incident webhooks.
Governance — who can change what, and how do we see it?	Single-scope keys. Owner-only policy writes. Revocation is sub-second (with ~1s eventual-consistency window documented).	RBAC scopes (`risk:read`, `audit:read`, `portfolio:write`, `admin`), org-level key hierarchy, separation-of-duties workflow.

Time anchor. score_v4 (calibrated with pilot data) ships at 2026-10-22 when the freeze lifts. Portfolio API v2 (POST /v2/portfolio-risk-state), SOL asset mode (experimental flag), stress scenario export, RBAC and webhooks are scoped for the same window. SOC 2 Type I and multi-region failover are post-pilot, with capital and team in place.

What is explicitly not on the roadmap:

Replacing your VaR / Monte Carlo engine.
Running our own execution venue.
Predicting market direction with confidence claims.
ISO 27001 in the freeze window.

If procurement requires a deliverable that does not appear above, raise it; if it is in scope we will commit a milestone, if not we will say so plainly.

Institutional Hardening Modes

For pilot customers whose mandate requires it, the following toggles are documented as optional production-pilot modes. They are not active in beta. We surface them upfront because procurement will ask, and because they convert today's limitations into selectable maturity tiers rather than blockers.

Mode	Beta default	Production-pilot option
`audit_mode`	`fail_open` — if the audit write fails, the API still responds	`fail_closed` — if the audit write fails, the API returns `503 audit_unavailable`. Trades the latency robustness for the property "no audit, no decision".
`data_mode`	`provider_tags` — record which provider supplied each input field	`normalized_snapshot` — also record the engine's normalized input vector at decision time, so a decision can be reconstructed end-to-end without re-fetching upstream APIs.
`retention_mode`	`365d` — auto-delete after 365 days	`7y_export` — extended online retention plus daily JSONL + SHA-256 manifest export to customer-controlled S3 bucket.
`revocation_mode`	`eventual` — sub-second propagation, ~1s window where revoked key may still authenticate	`instant` — write-through revocation with a synchronous block-list flush.

Pilots that need any of these can request them in the pilot scope memo. Beta defaults are explicit so your risk committee can document the gap before production.

SIG Lite mapping

The full mapping table for each SIG Lite area is in the audit log doc. High-level coverage:

SIG Lite area	Status	Reference
Logging — completeness, retention	✅	Audit Log — every authenticated decision, 365d retention
Authentication	✅	Bearer token, 256-bit entropy, rate-limited, revocable
Authorization / scoping	Partial	Owner vs external; full RBAC scopes B5 (post-freeze)
Data integrity	✅	`policy_hash` (SHA-256) per decision, `scoring_version` pinning, `reference_time` plumbing
Privacy / data minimisation	✅	Wallet not stored, full request body not stored (re-derivable), key prefix only
Incident response	✅	Coordinated disclosure, 72h ack, public advisory within 30d
Vulnerability disclosure	✅	`security@likido.xyz` + (post-A6) `/.well-known/security.txt`
Uptime / availability	Partial	Best-effort beta; contractual SLA is production-pilot scope
Multi-region failover	❌	Single region today; on roadmap
SOC 2 / ISO 27001	❌	Post-pilot scoping
Right to be forgotten	✅	DSAR honoured within 5 business days
Encryption in transit	✅	HTTPS-only
Encryption at rest	✅ (provider)	Netlify Blobs storage encryption
Backup / recovery	Partial	Provider durability + manual export; formal RPO/RTO post-pilot

For procurement teams: this table reflects today's reality, not aspiration. The "Partial" and "❌" rows are the real gaps an institutional pilot would weigh against the value RiskState brings.

Contact

General / contracting / pilot scoping: hello@likido.xyz
Security reports: security@likido.xyz (see /security)

For pilot conversations: include the fund / desk name, mandate summary (3 lines), the assets and markets you trade, and the procurement timeline. We respond within 2 business days.