How Aurono Start is built — architecture for trust
A small box that handles your money
Aurono Start runs on a device in your home — compact, low-power, and always on. Making it work reliably, securely, and transparently required some very deliberate choices. Here’s what’s inside.
One process. No cloud.
A single Python process (FastAPI) serves the API and web interface. No nginx, no reverse proxy, and no external dependencies. You access it through a browser on your local network.
It runs on anything from a single-board computer to a Mac Mini. The device doesn’t matter, as long as it stays on and connected.
The process runs under a dedicated system user with restricted permissions. Systemd hardening prevents it from reading your home directory or modifying system files, and the installer is re-runnable: it updates code while preserving your data.
Three safety layers
At each candle close — hourly, every four hours, daily, or weekly — the scheduler evaluates your rules. Three layers must pass before any trade happens:
- Timing check — is this timeframe actually due?
- Candle validation — are we looking at closed data, not incomplete candles?
- Strategy constraints — capital limits, cooldowns, minimum positions, loss protection
If all checks pass and trigger conditions are met, the order goes to the exchange. If any check fails, it’s logged with a clear reason and no action is taken.
Every decision — trade or no trade — is recorded as an immutable event. The entire portfolio state can be rebuilt from these events at any time.
Exchange isolation
This is the critical boundary.
Your exchange API keys are restricted to reading data and placing orders — no withdrawal access and no transfer capability.
Credentials are encrypted at rest using Fernet symmetric encryption. The key is generated on first run and lives only on the device, while credentials are stored in a separate database table from the event store.
The exchange adapter does exactly four things: verify connectivity, read balances, get market data, and place or cancel orders. If the exchange times out or errors, Aurono logs what happened and waits. No blind retries, no guessing.
Weekly candle derivation
Bitvavo doesn’t provide weekly candle data, so Aurono derives it — fetching 21 daily candles, aggregating them into Monday-aligned weekly candles, and evaluating against those. Same logic, same consistency, regardless of what the exchange API supports.
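The derivation described above, sketched as an added example (this is not Aurono's own code). The `Candle` field names, the use of UTC dates, and the choice to drop today's forming candle and any week that is not seven consecutive days are assumptions, made here to match the "closed data" candle validation layer; the sample candles are constructed.

```python
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Candle:
    day: date      # UTC date the candle opens (for a weekly candle: its Monday)
    open: float
    high: float
    low: float
    close: float
    volume: float


def weekly_from_daily(daily, today):
    """Aggregate closed daily candles into complete Monday-aligned weekly candles."""
    weeks = {}
    for c in sorted(daily, key=lambda c: c.day):
        if c.day >= today:  # today's candle is still forming: not closed data
            continue
        monday = c.day - timedelta(days=c.day.weekday())  # weekday(): Monday == 0
        weeks.setdefault(monday, []).append(c)

    out = []
    for monday, days in sorted(weeks.items()):
        expected = [monday + timedelta(days=i) for i in range(7)]
        if [d.day for d in days] != expected:
            continue  # partial, gapped or duplicated week: never evaluate it
        out.append(Candle(
            day=monday,
            open=days[0].open,
            high=max(d.high for d in days),
            low=min(d.low for d in days),
            close=days[-1].close,
            volume=sum(d.volume for d in days),
        ))
    return out


def constructed_daily(today, n=21):
    """Constructed sample: n daily candles ending with today's unfinished one."""
    start = today - timedelta(days=n - 1)
    return [Candle(start + timedelta(days=i), 100.0 + i, 105.0 + i, 95.0 + i, 101.0 + i, 10.0)
            for i in range(n)]


if __name__ == "__main__":
    for w in weekly_from_daily(constructed_daily(date(2024, 6, 13)), date(2024, 6, 13)):
        print(w)
```

With a Thursday as "today", the 21 daily candles span four calendar weeks but yield only two weekly candles: the leading partial week and the in-progress week are both discarded.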
The Strategy Lab
Simulations run entirely on the device, with no server round-trips. The client-side computation mirrors the backend exactly: same trigger logic, same capital constraints, same cooldowns, and same protection rules.
What you see in a simulation is what the live engine would do — no simplified model for the sake of speed.
Technical indicators (SMA, EMA, RSI, MACD) are computed as pure functions. The regime classifier is fact-driven — it tells you whether the price is above or below its moving averages, not where it’s “going.”
Liquidity monitoring
Aurono tracks what your strategies expect versus what’s actually on your exchange. When there’s a gap, you get a clear message: “Your strategies expect €93.22 but your Bitvavo account has €53.73 — deposit €39.49 to cover the gap.”
No silent failures, and no strategies dying quietly because the money ran out.
Daily reports
HTML emails with inline styling — no external CSS and no tracking pixels. Portfolio summary, per-strategy performance, and any trades that happened. Sent via SMTP from your device.
Why this architecture
Every decision serves one goal: you should be able to verify what Aurono does, understand why, and trust that it can’t do more than you authorized.
Open execution logic. Narrow exchange boundary. Local data. And if you want to stop, you unplug the device.
That’s trust by architecture.
Want the technical detail behind each layer? The Trading Engine and Security Overview docs walk through how Aurono’s safety checks, exchange isolation, and event store actually work.