thornberry
Claim your seat
thornberry
Claim your seat
There's no server holding your stuff. Your broker keys sit in your operating system's keychain. Your audit log is encrypted on your disk. Telemetry is off until you say otherwise. And your limits live in a risk engine the bots answer to, so a bad prompt, a hallucinated ticker, or a bug in a skill you wrote can suggest something dumb, and still can't move a dime.
patience compounds.
Launch runs at L1 — nothing live goes out without your yes. Looser modes come later, after a review and a cooldown, never by accident.
New strategies start on paper. You can switch it off whenever — but the app makes you look at what you're skipping first. Most blow-ups happen in the hour you'd skip it.
Crash reports and analytics ship off. The local model runs offline — only market data and your broker calls ever touch the network.
Tied to your identity on first run. Recovery is a passphrase plus an audit-log seed. No shared server in the middle.
Every decision — the candidate, the rule that fired, the risk check, the fill — written to an encrypted journal on your disk. A bad day is reviewable, not a mystery.
Run the app from Telegram or Discord all you want. A message still can't place an order — that door is shut. Someone could take over your group chat and get exactly nowhere.
Apple Keychain, Windows Credential Manager, secret-service on Linux. Broker secrets never sit in plaintext, and the agents can't read them.
Hit the kill switch and new orders stop in seconds; whatever's open is handled the way you set it. It was the first thing we built and it's the last thing that fails.
Position size, drawdown, prop-firm rules, daily loss — held in a separate risk engine, not buried in the strategy where a hot streak could talk you out of them. The bots trade inside the lines or not at all.
Nine controls between a bad idea and your account.
nine pages · turn to beginYour bots execute your strategy, but only inside the limits you set. Position size, drawdown, prop-firm rules, daily loss: those live in a separate risk engine the bots answer to, not buried in the strategy where a hot streak could talk you out of them.
A misbehaving agent (a bad prompt, a hallucinated ticker, a bug in a skill you wrote) can propose. It can't size past your caps, and it can't trade after you've hit the brake. Pull the kill switch and new orders stop in seconds; what's open is handled by your policy.
And the trade path won't take an order from a chat. You can drive most of the app from Telegram or Discord, but a message can't place a trade. That door is closed. Compromise the group chat and you still can't get an order out.
Every blow-up story starts the same way: someone finds a signal, flips it live within the hour, and sizes up. The high of the idea outruns the evidence for it.
So every new strategy starts in paper by default, against live data, on its own clock. Not the account, the strategy. Edit it in a meaningful way and the clock resets, because it's a different strategy now.
It's a default, not a cage. You can switch paper off whenever you want, but that's on you, and the app makes you see exactly what you're skipping before it lets you. Most blow-ups happen in that one impatient hour, so the speed bump sits where it belongs. Step over it if you mean to.
After that, strategies earn size. They climb the sizing ladder as they build real history across different conditions, and step back down when drawdown or a losing streak says so.
Cloud trading tools ask for three things you should never give away: your broker keys, your positions, and your strategy. Once they're on someone else's server, they're someone else's problem to lose.
No server holds your broker keys, your positions, or your strategies. Keys live in your operating system's keychain. The audit log is encrypted on your disk. The local model runs offline, and outbound connections go through a built-in allowlist: market data and your broker, not a data lake. Telemetry is off until you turn it on.
There's a quieter reason this matters: your edge doesn't leak. The strategies you build, the skills you write, the context in your vault. That's your work. On a cloud platform it's training data and a competitive surface. Here it's a file on your machine. The longer you use thornberry ai, the more it's worth, and all of that value stays yours.
Your machine. Your keys. Your strategy. Your call.
Claim your seatthornberry ai is trading software, not a broker, and not investment advice. Trading securities, options, and futures carries a substantial risk of loss and is not suitable for everyone. You can lose some or all of your capital, and with options and futures you can lose more than you deposit. Past performance does not predict future results. You make every trading decision and you bear every result.
