Security & Trust

Built to protect your account

Helix is engineered for serious traders, prop firms, and funds. Security and data isolation are foundational — here's how we protect you.

Encryption in transit

All traffic between your browser, the connector, and Helix is encrypted with TLS. Connection keys are transmitted over secure channels only.

Per-user data isolation

Every user's data is scoped to their authenticated identity and enforced at the database layer. No customer can ever see another's accounts, signals, or executions.

Managed authentication

Sign-in is handled by Google Firebase Authentication with email/password and Google SSO. We never store your password.

Your credentials stay local

Your broker credentials and order routing never leave your machine. The connector is read-only and off the order path — it streams telemetry up, nothing down.

Hardened infrastructure

Helix runs on Google Cloud, Firebase, and Vercel with least-privilege service accounts and database rules that deny cross-tenant access by default.

Secure payments

Subscriptions are processed by Stripe. Helix never sees or stores your full card details.

Proprietary models protected

Our models and intellectual property remain on the server and are never shipped to clients or exposed through the API.

Real-time risk governance

A prop-firm-grade risk engine gates every order, with transparent rejection reasons — reducing the chance of runaway automated behavior.

All systems operational

Live system status is shown in-app under System once you're connected.

Responsible disclosure

We welcome reports from security researchers. If you believe you've found a vulnerability, please email helixquantumsolutions@gmail.com with details and steps to reproduce. Please don't access other users' data or disrupt the service while testing — see our Acceptable Use Policy.

Read more in our Privacy Policy and Terms of Service.