risk disclosure

read this before you give Mentat a key.

Last reviewed: 2026-05-08. Mentat is software that holds wallets and executes trades. The risks below are real, not legal boilerplate.

capital can be lost

Mentat trades on live markets across seven chains. Trades can lose money — through bad signals, slippage, oracle failures, MEV, exchange outages, or your own configuration error. The bot does not stop you from making bad decisions, only from making unauthorised ones.

Run paper-mode first. Run small live first. Treat any size you put on this stack as money you can afford to lose.

custody is on you

Mentat holds your private keys in a Fernet-encrypted vault on the machine you choose to run it on. The encryption key lives outside the repo as a single file. If that file is exposed — laptop stolen, VPS compromised, backup uploaded somewhere — your wallets can be drained.

You are the operator. You set the host, the firewall, the SSH keys, the backups. Mentat is software, not a custodian. There is no insurance, no claims process, no "forgot password" flow.

self-modifying code is, by design, unstable

Mentat's self-modification subsystem can write new tools and scaffold new deputies. It runs them in a Docker sandbox first, then proposes a diff for your review before applying. Triple-layer rollback (git, filesystem snapshot, DB diff) catches most failures. It does not catch all of them.

Treat every self-modification proposal as adversarial code. Read the diff. Run the tests. Be willing to roll back.

confirmation gates can be bypassed by a compromised host

Every live action surfaces a yes/no/"I accept the risk" dialog before it fires. The gate is enforced in Python on the same machine the bot runs on. If that machine is compromised, the gate can be bypassed. The gate protects against bot mistakes, not against an attacker with shell access.

third-party dependencies fail

Mentat relies on external infrastructure: Anthropic (Claude), NEAR AI Cloud, Helius, Alchemy, Hyperliquid, Telegram, the chains themselves. Any of these going down can cause Mentat to misbehave: stale data, stuck orders, partial fills, missed alerts. Plan for it.

no advice, no fitness, no warranty

Nothing on this site or output by Mentat is investment advice, tax advice, or legal advice. Mentat is provided "as is" with no warranty of merchantability or fitness for any purpose. The League One curriculum is educational only.

You are responsible for understanding your own jurisdiction's rules on derivatives, swaps, perpetuals, staking, and custody. If you can't legally hold a perpetual contract where you live, Mentat will not stop you from doing so — and the consequences are yours.

data we do collect

Mentat Public stores your email, password hash, Telegram chat link, and curriculum progress. Mentat Private operators connect via a shared deck key — we don't have your address book or your wallet history; the bot does, on the machine you run it on.

See /privacy for the long form.

how to leave

League One: log in, delete account from the dashboard. We purge the row, the chat history, and the Telegram link.

Mentat Private: stop the systemd unit, withdraw funds from each wallet, rotate the encryption key, archive or wipe the box. The bot is one Python process and one SQLite file. There is nothing else to unwind.

Questions about this disclosure? hello@mentatai.xyz. If something here is not accurate to what the software actually does, tell us — we will fix the disclosure or fix the software, in that order.