Cryptohopper — agentic threat model
Cryptohopper presents a high-risk profile because its bots execute financial transactions autonomously on external cryptocurrency exchanges. Automated trade execution, stored exchange API keys and a social trading marketplace together create significant vectors for financial loss through strategy manipulation or credential compromise.
OWASP AIVSS score rationale
| Agentic risk factor | Score (0 to 1) |
|---|---|
| Autonomy of Action | 0.90 |
| Goal-Driven Planning | 0.70 |
| Self-Modification | 0.20 |
| Dynamic Tool Use | 0.80 |
| Persistent Memory | 0.60 |
| Contextual Awareness | 0.80 |
| Dynamic Identity | 0.20 |
| Multi-Agent Interactions | 0.40 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.60 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent, following the MAESTRO layer order. Layers tagged "not certain from the listing" are general, caveated commentary where the public description did not pin that layer.
Layer 1, Foundation Models. Not certain from the listing: the exact foundation models or LLMs behind the 'AI-driven bots' are not specified. If LLMs are used for strategy design or social trading analysis, they are exposed to prompt injection, adversarial inputs or model reprogramming that could manipulate trading signals.
Layer 2, Data Operations. Not certain from the listing: details on data storage, vector databases or RAG pipelines are not provided. The platform does rely heavily on market data feeds and user exchange data; poisoning of those streams, or of the backtesting datasets, could drive catastrophic trading decisions.
Layer 3, Agent Frameworks. The platform orchestrates automated trading bots that execute multi-step strategies (arbitrage, market making) across exchanges. Vulnerabilities in tool integration (the exchange API keys the bots act with) or logic flaws in the bot framework could allow unauthorized trade execution or tool misuse.
Layer 4, Deployment and Infrastructure. Not certain from the listing: hosting, sandboxing and secrets management are proprietary. Because the platform stores highly sensitive exchange API keys, insecure storage or missing isolation could lead to credential theft and total financial compromise of the affected accounts.
Layer 5, Evaluation and Observability. The platform provides backtesting and investment monitoring tools, but the listing does not mention real-time guardrails or anomaly detection that would halt a bot whose trading behaviour becomes erratic, compromised or manipulated. Without such a kill switch, a poisoned signal or a compromised strategy runs until a human notices.
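The kind of runtime guardrail the listing does not mention, as an added illustration that is not Cryptohopper's code. It replays a bot's order stream through a circuit breaker that checks a pair allowlist, a per-order notional cap, a sliding-window order-rate and notional cap, and deviation from a trusted reference price, and latches into a halted state on the first violation. The event schema, thresholds, reference prices and the sample order stream are all assumptions constructed for the example.

```python
from collections import deque
from dataclasses import dataclass, field
from typing import Deque, Dict, List, Optional, Tuple


@dataclass
class Order:
    ts: float      # seconds since epoch (constructed values below)
    pair: str      # e.g. "BTC/USDT"
    side: str      # "buy" or "sell"
    qty: float     # base-asset quantity
    price: float   # limit price in the quote asset


@dataclass
class GuardrailConfig:
    # Assumed limits; a real deployment would size these per strategy and account.
    allowed_pairs: frozenset = frozenset({"BTC/USDT", "ETH/USDT"})
    max_order_notional: float = 5_000.0    # quote units for a single order
    max_orders_per_window: int = 10
    window_seconds: float = 60.0
    max_window_notional: float = 20_000.0  # summed notional inside the window
    max_price_deviation: float = 0.05      # 5 % from the trusted reference mid


@dataclass
class Guardrail:
    cfg: GuardrailConfig
    reference_price: Dict[str, float]          # pair -> last trusted mid price
    halted: Optional[str] = None               # reason string once tripped
    _recent: Deque[Order] = field(default_factory=deque)

    def check(self, order: Order) -> Optional[str]:
        """Return None if the order may proceed, else the reason the bot is halted.

        Once tripped the guardrail stays halted: every later order is rejected
        until an operator resets the state out of band.
        """
        if self.halted:
            return self.halted
        reason = self._evaluate(order)
        if reason:
            self.halted = reason
            return reason
        self._recent.append(order)
        return None

    def _evaluate(self, order: Order) -> Optional[str]:
        if order.pair not in self.cfg.allowed_pairs:
            return f"pair {order.pair} not in allowlist"
        notional = order.qty * order.price
        if notional > self.cfg.max_order_notional:
            return f"order notional {notional:.2f} exceeds {self.cfg.max_order_notional:.2f}"
        ref = self.reference_price.get(order.pair)
        if ref is None:
            return f"no trusted reference price for {order.pair}"
        deviation = abs(order.price - ref) / ref
        if deviation > self.cfg.max_price_deviation:
            return f"price {order.price} deviates {deviation:.1%} from reference {ref}"
        # Age out events that left the sliding window before counting the new one.
        cutoff = order.ts - self.cfg.window_seconds
        while self._recent and self._recent[0].ts < cutoff:
            self._recent.popleft()
        if len(self._recent) + 1 > self.cfg.max_orders_per_window:
            return f"more than {self.cfg.max_orders_per_window} orders in {self.cfg.window_seconds:.0f}s"
        window_notional = sum(o.qty * o.price for o in self._recent) + notional
        if window_notional > self.cfg.max_window_notional:
            return f"window notional {window_notional:.2f} exceeds {self.cfg.max_window_notional:.2f}"
        return None


def replay(orders: List[Order], cfg: Optional[GuardrailConfig] = None,
           reference: Optional[Dict[str, float]] = None) -> Tuple[Optional[int], Optional[str]]:
    """Run orders through a fresh guardrail; return (index halted at, reason) or (None, None)."""
    g = Guardrail(cfg or GuardrailConfig(),
                  reference or {"BTC/USDT": 60_000.0, "ETH/USDT": 3_000.0})
    for i, o in enumerate(orders):
        reason = g.check(o)
        if reason:
            return i, reason
    return None, None


# Constructed stream: five small market-making orders near the reference, then one
# order priced far below it, the signature of a manipulated or runaway strategy.
SAMPLE_ORDERS = [Order(1000 + i, "BTC/USDT", "buy", 0.01, 60_000.0) for i in range(5)] + [
    Order(1006, "BTC/USDT", "sell", 0.05, 50_000.0),
]

if __name__ == "__main__":
    print(replay(SAMPLE_ORDERS))
```

The price-deviation check is what catches the poisoned-signal case from Layer 2: an order that is individually small and within rate limits but priced well off the trusted reference. The reference feed must come from a source the strategy cannot influence, otherwise the guardrail inherits the same poisoning.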
Layer 6, Security and Compliance. Not certain from the listing: compliance certifications (such as SOC 2) and the platform's identity and access management controls are not detailed. Restrictive exchange API key permissions (trade-only keys with no withdrawal right, pinned to the platform's egress addresses, rotated on a schedule) are the main control that bounds the damage from a stolen key, but the listing leaves that configuration to the user.
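An onboarding gate that enforces the key-permission policy described above, as an added example that is not Cryptohopper's code. Exchanges report key capabilities in different shapes, so the record below (a normalised permission set, the exchange-side IP allowlist as CIDR strings, and a creation time) is an assumed descriptor that an integration layer would populate; the permission names, the platform egress addresses and the sample records are constructed. The check rejects withdrawal-capable keys, keys with no or wildcard IP restriction, allowlists that would not cover the platform's own egress, and keys past a rotation window.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network
from typing import FrozenSet, List, Tuple

# Assumed normalised permission vocabulary; real exchanges use their own names.
DANGEROUS = frozenset({"withdraw", "transfer", "margin", "futures", "sub_account"})
REQUIRED = frozenset({"read", "trade"})


@dataclass(frozen=True)
class ApiKeyRecord:
    exchange: str
    key_id: str                    # public identifier only; the secret never enters this check
    permissions: FrozenSet[str]
    ip_allowlist: Tuple[str, ...]  # CIDRs as reported by the exchange; empty means unrestricted
    created_at: datetime


def evaluate_key(rec: ApiKeyRecord, egress_ips: FrozenSet[str], now: datetime,
                 max_age_days: int = 90) -> List[str]:
    """Return policy violations for the key; an empty list means it may be stored and used."""
    findings: List[str] = []

    granted = rec.permissions & DANGEROUS
    if granted:
        findings.append(f"grants {sorted(granted)}: trade-only keys are required")
    missing = REQUIRED - rec.permissions
    if missing:
        findings.append(f"lacks {sorted(missing)}: the bot could not read balances or place orders")

    if not rec.ip_allowlist:
        findings.append("no IP allowlist: a leaked key works from any address")
    else:
        nets = []
        for cidr in rec.ip_allowlist:
            try:
                net = ip_network(cidr, strict=False)
            except ValueError:
                findings.append(f"unparseable allowlist entry {cidr!r}")
                continue
            if net.prefixlen == 0:
                findings.append(f"allowlist entry {cidr} matches every address")
            nets.append(net)
        # The allowlist must still cover the platform's own egress, or trading breaks silently.
        for addr in sorted(egress_ips):
            if not any(ip_address(addr) in n for n in nets):
                findings.append(f"egress address {addr} not allowlisted: the exchange would reject orders")

    age = now - rec.created_at
    if age > timedelta(days=max_age_days):
        findings.append(f"key is {age.days} days old, beyond the {max_age_days}-day rotation window")
    return findings


# Constructed fixtures: a fixed clock, the platform's assumed egress address, and two keys.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
EGRESS = frozenset({"203.0.113.10"})

GOOD_KEY = ApiKeyRecord("exchange-a", "k-0001", frozenset({"read", "trade"}),
                        ("203.0.113.10/32",), NOW - timedelta(days=10))
BAD_KEY = ApiKeyRecord("exchange-a", "k-0002", frozenset({"read", "trade", "withdraw"}),
                       (), NOW - timedelta(days=200))
WILDCARD_KEY = ApiKeyRecord("exchange-b", "k-0003", frozenset({"read", "trade"}),
                            ("0.0.0.0/0",), NOW - timedelta(days=1))

if __name__ == "__main__":
    for rec in (GOOD_KEY, BAD_KEY, WILDCARD_KEY):
        print(rec.key_id, evaluate_key(rec, EGRESS, NOW) or "ok")
```

Run the gate at key registration and again on a schedule: exchanges let users widen a key's permissions after the fact, so a key that passed on day one can later acquire withdrawal rights without the platform noticing unless it re-reads the permission set.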
Layer 7, Agent Ecosystem. The platform features social trading and strategy sharing. This creates an ecosystem risk: users can copy compromised, malicious or manipulated strategies published by other users or bots, so one bad strategy can produce cascading financial losses across everyone who follows it.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).