
MiCA Trading Bot Case Study: Proving Compliance to Regulators

See how a crypto exchange deployed a MiCA-compliant autonomous trading bot and provided cryptographic proof to regulators.


Scenario: A crypto exchange in the EU wants to launch an autonomous trading bot that executes algorithmic trades 24/7, stays within regulatory limits, and generates audit trails that regulators can verify.

Challenge: How do you prove the bot stayed within scope? How do you show regulators the bot wasn't being manipulated?

Solution: Use Kakunin runtime binding + behavioral profiling (KYA).

The Setup

Exchange: CryptoEX AG (licensed in Switzerland, operates in EU)

Bot: algo_trader_v2 (proprietary algorithm)

Scope:

Markets: EUR/USD, GBP/EUR (liquid pairs only)

Max trade size: €25,000 (MiCA requires individual trade limits)

Max daily volume: €500,000

Trading hours: 08:00–17:00 UTC (business hours only, no weekend trading)

Regions: eu-west-1 (AWS Ireland, GDPR-compliant)

Deployment: Kubernetes cluster running Kakunin agent framework.

Week 1: Binding Agent Identity

Day 1: Board resolution "CryptoEX AG authorizes deployment of algo_trader_v2 with scope: EUR/USD + GBP/EUR, max €25K trades"

Day 2: Kakunin issues an X.509 certificate containing:

Agent name: algo_trader_v2

Public key: used to verify signatures

Scope: {maxTradeSize: 25000, markets: [...]}

Serial number: F1D4E8C7B2A9F3E6

Issuer: Kakunin Root CA

Valid: 365 days

Day 3: Agent is deployed to Kubernetes and receives the certificate. The private key stays in AWS KMS (not exposed). Every trade will be signed with this identity.

Week 2–3: Establishing Behavioral Baseline

Agent runs for 14 days. System observes:

Median trade size: €18,500

Trade frequency: 6 trades/hour (48/day)

Preferred markets: 73% EUR/USD, 27% GBP/EUR

Peak time: 10:00–12:00 UTC

Typical counterparties: CoinEx, Kraken, Binance

Success rate: 99.2% (occasional network timeouts)

System locks in baseline. This becomes the reference for anomaly detection.

Week 4: Production Deployment

May 15, 09:00 UTC: Bot goes live with locked baseline.

First 7 days: Normal Operations

Trade 1: 09:15 UTC, EUR/USD, BUY €20,000 ✓ Allowed (Certificate valid, Signature verified, Size €20K < scope €25K, Matches baseline, Time 09:15 in trading hours)

Trade 2: 10:45 UTC, GBP/EUR, SELL €15,000 ✓ Allowed (All checks pass, Anomaly score: 0.08 very low)

[... 320 trades over 7 days ...] All trades logged. Signatures verified. Baseline respected.

May 22: Incident — Bot Tries to Exceed Scope

10:30 UTC: Market opportunity detected. Algorithm decides to make a large trade.

Trade 321: EUR/USD, BUY €180,000 ❌ BLOCKED

Reason: Exceeds scope limit (€25,000)

What happened:

1. Agent signed the trade with its certificate

2. Signing service checked: Certificate valid? YES. Signature valid? YES. Trade size €180K vs. scope €25K? EXCEEDS. Anomaly score: 0.92 (CRITICAL)

3. Pre-trade control rejected it immediately

4. Trade never sent to exchange

5. Alert issued to exchange operations team
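
The checks from step 2, as an added example that is not Kakunin's or the exchange's code. The scope values come from the post; the Order fields, the signature_ok flag (standing in for the signing service's signature check) and the revoked set are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, time, timezone

# Scope values are the ones the post lists for algo_trader_v2.
SCOPE = {
    "markets": {"EUR/USD", "GBP/EUR"},
    "max_trade_eur": 25_000,
    "max_daily_eur": 500_000,
    "open": time(8, 0),    # 08:00 UTC
    "close": time(17, 0),  # 17:00 UTC, weekdays only
}

@dataclass
class Order:
    serial: str          # serial of the certificate the order was signed under
    market: str
    amount_eur: int
    ts: datetime         # timezone-aware timestamp
    signature_ok: bool   # assumed: result of the signing service's signature check

def pre_trade_check(order, daily_total_eur, revoked=frozenset(), scope=SCOPE):
    """Return (allowed, reasons). Fails closed: any failed check blocks the order."""
    reasons = []
    if order.serial in revoked:
        reasons.append("Certificate revoked")
    if not order.signature_ok:
        reasons.append("Signature invalid")
    if order.market not in scope["markets"]:
        reasons.append("Market out of scope")
    if order.amount_eur > scope["max_trade_eur"]:
        reasons.append("Exceeds scope limit")
    if daily_total_eur + order.amount_eur > scope["max_daily_eur"]:
        reasons.append("Exceeds daily volume")
    t = order.ts.astimezone(timezone.utc)
    if t.weekday() >= 5 or not (scope["open"] <= t.time() < scope["close"]):
        reasons.append("Outside trading hours")
    return (not reasons, reasons)

def utc(day, hh, mm):
    return datetime(2026, 5, day, hh, mm, tzinfo=timezone.utc)

# Constructed orders mirroring the post's Trade 1 and Trade 321.
SERIAL = "F1D4E8C7B2A9F3E6"
TRADE_1 = Order(SERIAL, "EUR/USD", 20_000, utc(15, 9, 15), True)
TRADE_321 = Order(SERIAL, "EUR/USD", 180_000, utc(22, 10, 30), True)

if __name__ == "__main__":
    for o in (TRADE_1, TRADE_321):
        print(o.market, o.amount_eur, pre_trade_check(o, daily_total_eur=0))
```

Every check runs even after the first failure, so the alert sent to operations lists all the reasons an order was blocked.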

Exchange operations investigates:

Check market conditions: Normal, no extreme volatility

Check algorithm logs: Algorithm made a legitimate calculation, just exceeded scope

Check for breach: No evidence of unauthorized access

Conclusion: Bug or logic error in algorithm, not a security incident

Exchange CTO ACKs the warning: No action taken. Grace period elapsed. Certificate revocation scheduled.

May 23: Revocation & Recovery

11:00 UTC: Original certificate revoked. Agent stops trading immediately.

Trade 322 attempt: EUR/USD, BUY €22,000 ❌ BLOCKED

Reason: Certificate revoked

Exchange deploys replacement agent:

New certificate issued

Baseline inherited from original

Scope remains the same

All subsequent trades signed with new cert

Audit Trail: 7 Days Later

May 30: Swiss regulator (FINMA) asks: "Can you prove this bot stayed within scope?"

Exchange response: Hand over complete audit trail.

Audit trail includes:

agent_id: algo_trader_v2

agent_certificate_serial: F1D4E8C7B2A9F3E6

issuer: Kakunin Root CA

period: 2026-05-15 to 2026-05-30

total_trades: 1021

trades_allowed: 1020

trades_blocked: 1

reason_blocked: Exceeds scope limit

Regulator verification:

1. Verify certificate signature (Kakunin Root CA public key) ✓

2. Verify at least 1000 trade signatures using agent's public key ✓

3. Confirm scope policy matches board resolution ✓

4. Confirm no trades exceeded scope limits ✓

5. Confirm 1 trade was blocked for exceeding scope ✓

6. Confirm baseline was properly established ✓

7. Check incident response procedure ✓

Conclusion: Bot operated within scope. Pre-trade controls worked. Regulatory approval: GRANTED
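
One way a verifier could re-check steps 4 and 5 while detecting altered or deleted entries, as an added example that is not Kakunin's or the exchange's code. A SHA-256 hash chain stands in for the per-trade signatures the post describes; the record fields, the GENESIS value and the externally held head hash are assumptions.

```python
import hashlib
import json

MAX_TRADE_EUR = 25_000  # scope limit from the post
GENESIS = "0" * 64      # assumed starting value for the chain

def entry_hash(prev_hash, record):
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

def append(log, record):
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"record": record, "prev": prev, "hash": entry_hash(prev, record)})

def audit(log, anchored_head, max_trade_eur=MAX_TRADE_EUR):
    """Re-walk the chain and re-check every decision against the scope limit."""
    prev, findings, counts = GENESIS, [], {"allowed": 0, "blocked": 0}
    for i, e in enumerate(log):
        if e["prev"] != prev or e["hash"] != entry_hash(prev, e["record"]):
            findings.append(f"entry {i}: hash chain broken")
        r = e["record"]
        counts[r["decision"]] += 1
        if r["decision"] == "allowed" and r["amount_eur"] > max_trade_eur:
            findings.append(f"entry {i}: allowed trade exceeds scope")
        prev = e["hash"]
    # The head hash must be held outside the exchange, or a full rewrite goes unseen.
    if prev != anchored_head:
        findings.append("head hash does not match anchored value")
    return {**counts, "findings": findings}

def sample_log():
    # Constructed records mirroring Trade 1, Trade 2 and Trade 321 from the post.
    log = []
    append(log, {"n": 1, "market": "EUR/USD", "amount_eur": 20_000, "decision": "allowed"})
    append(log, {"n": 2, "market": "GBP/EUR", "amount_eur": 15_000, "decision": "allowed"})
    append(log, {"n": 321, "market": "EUR/USD", "amount_eur": 180_000, "decision": "blocked"})
    return log

def tampered_log():
    # An entry edited after the fact, with its stored hash left unchanged.
    log = sample_log()
    log[1]["record"]["amount_eur"] = 12_000
    return log

if __name__ == "__main__":
    head = sample_log()[-1]["hash"]
    print(audit(sample_log(), head))
    print(audit(tampered_log(), head))
```

Dropping the last entry leaves the remaining chain internally consistent, so only the comparison against the anchored head hash reveals the deletion.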

What Made This Possible

1. Cryptographic Identity

X.509 certificate issued by trusted third party (Kakunin)

Agent signs every trade

Regulator can verify signatures without trusting the exchange

2. Documented Scope Policy

Board resolution specifies exact limits

Certificate contains these limits

Pre-trade controls enforce them

Evidence that rules were set before the bot ran

3. Behavioral Profiling

14-day baseline established before production

Anomaly detection caught the €180K trade immediately

Baseline proves normal trading pattern

4. Immutable Audit Log

Every trade logged with signature

Cannot be altered or deleted

Complete historical record for regulators

5. Automatic Enforcement

Pre-trade control blocked scope violation in milliseconds

No human could bypass the rules

Grace period allows investigation, but default is enforce

The Regulatory Advantage

Before (traditional bot): Exchange says: "We logged the trades. Trust us." Regulator says: "How do I know you didn't change the logs?" Exchange says: "We have internal controls..." Regulator says: "That's not good enough. Show us cryptographic proof."

After (Kakunin runtime binding): Exchange says: "Here's the certificate chain, here are all 1021 signatures, here's the baseline. Verify it yourself." Regulator uses free tools to verify signatures. Regulator confirms scope policy was enforced. Regulator approves the bot.

Key Metrics from This Deployment

Trades executed: 1,020

Trades blocked: 1

Median trade size: €18,500

Max allowed: €25,000

Incidents: 1 (scope exceeded)

Time to block: 47ms (pre-trade control)

Time to revoke cert: 5 min (grace period)

Regulatory approval: ✓ Granted in 48 hours

Lessons

1. Baseline matters. Establish normal behavior before going live. It's your anomaly detection.

2. Pre-trade controls work. The bot tried to break scope; the system caught it before the exchange even saw the trade.

3. Cryptographic proof is strong. Regulator verified 1000+ signatures without needing to trust the exchange's infrastructure.

4. Grace periods are valuable. When anomalies happen, give operators time to investigate (not everything is a breach).

5. Revocation is fast. From alert to certificate revoked = 5 minutes. From revoked to recovery bot live = 1 hour.

Next Steps

1. Read the MiCA compliance guide

2. Follow the quickstart

3. Get regulatory approval
