01
Lieston is a trading terminal for decentralized exchanges. It runs as a desktop application on your machine, holds your keys locally, and executes conditional orders on Base and Solana.
It is an execution layer, not a decision layer. You define the rules: entry prices, take-profit, stop-loss, budgets. The terminal watches the market and carries them out deterministically. No AI proposes trades, no server sits between you and the chain.
Everything below describes what the software actually does. Where a behavior has a limit, the limit is stated.
02
Lieston is an Electron desktop application. All order monitoring runs in a single loop inside the app, started when you unlock your wallet and stopped when you lock it or quit.
While the app is open but locked, public price data keeps updating, so charts and rolling history stay fresh. No order can trigger or execute in that state. While the app is closed, nothing runs at all.
Executed trades appear in the Activity tab. The engine also streams its log into the app as it works. If you set up a Telegram bot, the terminal notifies you on buy fills, sells, cancelled auto-buys, and startup reconciliation. Notifications are optional and never required for trading.
Live PnL is execution-based. For each open position the terminal fetches a real sell quote for your full holding and compares it to what you actually spent, in native terms. It is the number you would get, not a chart price.
03
Order types today:
Limit buy and dip buy. Price-triggered entries. Buy rules are one-shot: when a rule fires, it is cleared before anything executes, so it cannot fire twice.
Take-profit and stop-loss. Percent thresholds against your entry price. You can arm either one or both; whichever is hit first executes. The sell size is configurable, full exit by default. Near a threshold the terminal switches from chart price to a live execution quote, so the trigger reflects what you would actually receive.
Flash-crash exit. A separate rule that reacts to a sharp drop within a recent window rather than your entry price. It is evaluated before take-profit and stop-loss.
Buys and sells fail differently on purpose. A buy that cannot be funded is cancelled and stays cancelled. A sell that fails, because of a route error, gas, or a refused swap, stays armed and retries every cycle. Protecting an open position is treated as more important than retrying an entry.
04
Most terminals give one order one budget. Lieston lets several buy orders share one budget: the native balance of your wallet on that chain.
How it works: every armed buy draws from the same live balance. When a rule fires, the terminal reads the spendable balance at that moment. If the funds are there, the buy executes and the balance every other order sees shrinks accordingly. If a later entry triggers and the budget is no longer enough, that entry cancels itself, permanently, and you get notified.
This means cancellation happens at each order's own trigger, not at the winner's fill. It also means that if your balance genuinely covers two entries, both fill. The budget is the constraint, not an arbitrary one-cancels-others lock. Fired buys execute one at a time against a live balance read, so two orders can never spend the same funds.
A gas reserve is excluded from the spendable budget up front, so a winning fill cannot leave you unable to pay for the next transaction.
Budgets are per chain. ETH on Base is one budget, SOL on Solana is another. Entries cannot share funds across chains.
05
Each chain is an adapter behind the same engine. The rules, the watcher, and the order logic are chain-blind; only execution differs.
Base. Routing through 0x. EIP-1559 fees, where the faster modes target a fixed gas budget in USD terms. The terminal refuses tokens with a transfer tax above 1%, a common honeypot pattern. Confirmation waits for the mined receipt.
Solana. Routing through Jupiter, no API key needed. Priority fees are capped per mode. Swaps with more than 30% price impact are refused. Confirmation waits for the "confirmed" commitment.
Both chains share the same slippage tiers by mode and both keep a fee reserve out of your spendable balance.
You bring your own RPC endpoints: an Alchemy URL for Base and a Helius URL for Solana, plus a free 0x API key for Base routing. The app tells you exactly which one is missing and where to get it.
06
Your wallet is a BIP39 mnemonic, 12 or 24 words, generated on your machine. One phrase derives both chains using the standard paths that MetaMask and Phantom use, so the same words restore your accounts in either wallet. You are not locked into Lieston.
The keystore is encrypted with argon2id (64 MiB memory, 3 iterations) deriving a key for AES-256-GCM. The encrypted file lives in your local app data. The KDF parameters are stored in the file itself, so they can be strengthened later without breaking old keystores.
When you unlock, keys are decrypted into memory inside a single signing boundary and nowhere else. They are never written to disk unencrypted. Locking the wallet clears the key material and stops the order engine.
Two honest limits. First, your session passphrase stays in memory while unlocked, because saving API keys re-encrypts the secrets store. It is cleared on lock and on quit. Second, memory zeroization in a garbage-collected runtime is best-effort by nature. The claim we stand behind is precise: keys are decrypted only in memory and never touch disk in the clear.
Everything on this page is checkable. The code goes public before the first build ships. Read it before you trust it.
08
Nothing runs. Orders are evaluated only while the app is open and your wallet is unlocked. Armed rules survive in the local database and resume when you unlock again. If a threshold was crossed while you were away, the rule acts after unlock, at whatever the price then is.
In an encrypted file on your machine, protected by argon2id and AES-256-GCM. Decrypted key material exists only in memory while the wallet is unlocked. Nothing key-related ever leaves your computer.
Because there is no Lieston server. The app talks to the chain through endpoints you own: your RPC URLs, your 0x key. Shipping shared keys inside an open-source app would be both insecure and pointless, and routing your traffic through us would defeat the point. Your usage stays yours.
Yes. The wallet is a standard BIP39 mnemonic using the default derivation paths of both. The same words restore your Base account in MetaMask and your Solana account in Phantom. You own the seed, not us.
No. There is no backend, no analytics on your trading, no account. Transactions go from your machine to your RPC provider to the chain. The only outbound messages the app sends on your behalf are the Telegram notifications you configure yourself.
Yes, AGPL-3.0. The repository goes public before the first downloadable build ships, so you can read the exact code you would run before running it.
It stays armed and retries every cycle. A failed take-profit or stop-loss is never silently dropped, because protecting an open position matters more than a clean log. The one exception is a zero token balance, which clears the rule since there is nothing left to sell.
Yes, if your balance covers both. The shared budget is the real constraint. Orders cancel themselves only when they trigger and the funds are no longer there. What can never happen is two orders spending the same funds.