fxyz

Appearance

Connecting Hyperliquid

Hyperliquid's model is the cleanest of the three because the venue itself separates trading from withdrawal at the protocol level.

How it works

Hyperliquid lets you authorize a second address — an "agent" — to sign trades on your behalf. You authorize it on-chain with your main wallet. After that, the agent can place, modify, and cancel orders. It cannot withdraw, transfer USDC, or change account settings. Those still require a signature from your main wallet.

fxyz uses that mechanism to set up a trade-only agent for itself.

What you'll see

  1. In fxyz, open the Settings panel and click Connect Hyperliquid (or click the Hyperliquid connect card on the trade page).
  2. fxyz generates a fresh agent keypair for you in the browser.
  3. Your wallet pops up asking you to sign an approveAgent message, on Arbitrum. (Arbitrum is the chain Hyperliquid validates signatures against. fxyz switches your wallet there and switches back after.) The message names the agent address and the slot name fxyz. Read it before signing.
  4. fxyz submits the signature to Hyperliquid. The venue records the agent as authorized.
  5. The agent's private key is then stored on fxyz's side, encrypted, never exposed to your browser again.

You'll see "Connected" next to Hyperliquid. Anything you build can now trade on your HL account.

Disconnecting

Click Disconnect Hyperliquid. fxyz asks you to sign one more message — this one rotates the fxyz slot to the all-zeros address. From that moment on, the venue itself stops accepting trades from the slot. Revocation isn't "we promise to forget the key" — it's the protocol turning the key off.

What the venue itself enforces

Withdrawals, transfers, and account-setting changes on Hyperliquid require your main wallet — the one you trade with on Hyperliquid's own UI. fxyz never holds that wallet, never sees it, and has no way to ask for it. The agent credential fxyz uses is, by Hyperliquid's own protocol rules, trading-only, with no exceptions, no overrides, no admin path. The HL contract itself refuses any withdraw signed by it.

See Security for the full picture of how the agent credential itself is fortified.

Funds stay on the exchange. fxyz can trade, never withdraw.