Code
With the Code feature, you can write your own trading strategy directly in JavaScript.
Your strategy runs in a sandboxed environment where you can analyze the current market data, store custom information, and trigger actions using the built-in $ object.
🧩 Available Variables
Each run of your strategy includes access to the following objects and functions:
$.Action
$.ActionEnum representing all available trade actions:
LONG→ Open a long positionSHORT→ Open a short positionEXIT→ Close the current position
$.Price
$.PriceThe current market price of the selected symbol.
Example:
if ($.Price > 25000) {
await $.Strategy.action($.Action.LONG);
}$.Strategy
$.StrategyProvides context for the current trading session and allows you to execute actions.
symbol
Trading pair, e.g. "BTCUSDT"
exchange
Exchange identifier, e.g. "BINANCE"
service
Market type, e.g. "spot" or "futures"
lastTrigger.action
The most recent action (LONG, SHORT, or EXIT)
lastTrigger.price
The price when the last action was executed
lastTrigger.at
Timestamp of the last action, or null if none
roi(percentage?: boolean)
Returns the current ROI. When percentage is true, the value is expressed in percent.
async action(type: $.Action)
Executes an action such as await $.Strategy.action($.Action.LONG)
$.Storage
$.StoragePersistent JSON storage (up to 24 KB) that remains between strategy runs.
byteLimit
Constant holding the maximum allowed bytes (24,576)
async get()
Retrieves the current stored data (returns null if empty)
async set(obj)
Saves a new data object (overwrites existing data)
Example:
$.Http
$.HttpUtility for sending HTTP requests from within your strategy. Each request has a maximum timeout of 1750 ms.
timeout
Constant holding the timeout value in milliseconds (1750)
async get(url, params?, headers?)
Sends a GET request and returns the parsed response object
async post(url, data, headers?)
Sends a POST request and returns the parsed response object
async generateSignature(payload, secret)
Generates an HMAC signature from the provided payload and secret. Returns the signature as a string.
Important: Every HTTP method always returns an object in the following format:
status→ HTTP status code (e.g. 200, 404, 500)text→ Raw response body as string
Example:
Example signature generation:
$.Ta
$.TaProvides access to a built-in technical analysis library for calculating indicators and signals directly inside your strategy or reaction.
The $.Ta object exposes the functionality of the trading-signals library:
👉 https://github.com/bennycode/trading-signals/tree/main/packages/trading-signals
What You Can Do
With $.Ta, you can:
Calculate indicators like RSI, EMA, SMA, MACD, ATR, Bollinger Bands
Build custom technical strategies
Combine indicators with webhook data or price logic
Perform calculations without external API calls
Usage
Indicators are typically used by feeding values sequentially.
Example: RSI
⚡ Rules & Limits
To ensure fair and safe execution, the following rules apply:
Maximum execution time: 5000 ms per run
Maximum HTTP request time: 1750 ms
Maximum storage size: 24 KB
Only one action per run is allowed
Maximum five actions per second globally
Two consecutive
EXITactions are not permittedViolating these limits will suspend the strategy temporarily
🧠 Example Strategy
This example demonstrates:
Checking the last executed action (
$.Strategy.lastTrigger.action)Using current market data (
$.Price)Executing a new action with (
$.Strategy.action())
🏁 Summary
Action trigger
await $.Strategy.action($.Action.LONG)
Available actions
LONG, SHORT, EXIT
Actions per run
1
Actions per second
5
Execution time
5000 ms
Storage limit
24 KB
HTTP timeout
1750 ms
Duplicate EXITs
Not allowed
🔒 Sandbox Restrictions & Forbidden Identifiers
Your strategy code runs inside a strictly sandboxed environment. For security, stability, and fair usage, certain JavaScript identifiers are completely blocked and cannot be used anywhere in your code — not even indirectly or in comments.
If your strategy references any of the identifiers listed below, execution will fail and the strategy may be suspended.
🚫 Forbidden Identifiers
The following identifiers are not available and must not appear in your strategy code:
Networking & Communication
fetchWebSocketEventSourceWorker,SharedWorkerXMLHttpRequestnavigator,locationpostMessageonmessage,onmessageerrorMessageChannel,BroadcastChannelimportScriptsclose
✅ Use
$.Http.get()and$.Http.post()instead.
Dynamic Code Execution
evalFunctionAsyncFunctiongeneratorFunctionconstructor
❗ Dynamic or runtime-generated code is not permitted.
Global Objects & DOM-Like APIs
globalThiswindowselfframesparenttopdocument
ℹ️ There is no DOM, browser, or global scope access.
Timers & Scheduling
setTimeout,setInterval,setImmediateclearTimeout,clearInterval,clearImmediatequeueMicrotask
⏱ Strategies are event-driven and executed automatically — manual scheduling is not allowed.
Crypto, Performance & Parallelism
cryptoperformancestructuredCloneAtomicsSharedArrayBuffer
Reflection & Obfuscation
ReflectProxy
Node.js / Deno Environment
processrequiremoduleexportsDeno
❌ This is not a Node.js or Deno runtime.
Encoding / Decoding
atobbtoa
User Interaction & Debugging
alertconfirmpromptconsoleIntlFinalizationRegistryWeakRef
🛑 Logging, dialogs, locale detection, and memory introspection are intentionally disabled.
✅ What You Can Use
Instead of the blocked APIs, always rely on:
Market data:
$.PriceTrading actions:
$.Strategy.action(...)Persistent state:
$.Storage.get()/$.Storage.set()HTTP requests:
$.Http.get()/$.Http.post()
These are the only supported interfaces for interacting with the outside world.
⚠️ Important Notes
Forbidden identifiers cannot be used anywhere:
Not in variables
Not in functions
Not in comments
Not via aliases
Not via destructuring
Even unused references may cause execution failure
Violations may result in temporary strategy suspension
Last updated