QuantPilot is an AI-native quantitative trading platform built as a TypeScript monorepo. It combines a web operator console, an API gateway, background workers, shared control-plane runtimes, and workflow orchestration for research, execution, risk, scheduling, incidents, and controlled agent collaboration.
QuantPilot is not a production live-trading system. It is a platform skeleton and operating surface for controlled quantitative trading workflows, not an unattended trading bot.
| Category | Technology |
|---|---|
| Language | TypeScript 5 (TypeScript-first first-party source; no new JavaScript source files in apps, packages, or scripts) |
| Frontend | React 18 + react-router-dom 6 |
| Build | Vite 5 |
| Styling | vanilla-extract |
| Backend | Node.js ESM + tsx |
| Testing | Vitest + node --test |
| Package Manager | npm workspaces |
- A multi-workbench web console for dashboard, market, strategy, backtest, risk, execution, trading terminal, agent, notifications, and settings workflows
- An API gateway for account, auth, research, execution, risk, scheduler, incident, operations, market data, SSE push, and agent contracts
- Background workers for notification dispatch, risk scans, scheduler ticks, workflow maintenance, monitoring scans, queued workflow execution, and agent daily run operational loops
- Shared runtime packages for trading logic, control-plane fanout, workflow execution, and frontend/backend type contracts
- Control-plane persistence with
fileanddbadapter foundations — thedbadapter is backed by SQLite (WAL mode) viabetter-sqlite3, with maintenance tooling, schema manifests, and migration contracts - Event-driven backtest engine producing real Sharpe, max drawdown, and win-rate metrics
- Risk analytics layer computing Historical VaR, CVaR, Beta, and HHI concentration on live portfolio snapshots
- Optional Hono API gateway layer (
USE_HONO=true) with CORS, structured logging, and request timing - JWT authentication (
jose) and AES-256-GCM broker API key encryption for credentials at rest - Server-Sent Events push for live state updates, reducing polling to a 15-second fallback
- Verification baselines that protect closed roadmap contracts across platform, research, execution, risk, scheduler, agent, and production-readiness surfaces
QuantPilot is designed around four platform-level operating loops:
- Research loop: strategy catalog, backtest runs, evaluations, reports, governance, and execution handoff
- Execution loop: execution plans, broker-event ingestion, reconciliation, compensation, recovery, and incident linkage
- Middleware loop: risk workbench, scheduler workbench, linkage context, reviewed actions, and control-plane fanout
- Agent loop: prompt, intent, plan, read-only analysis, explanation, controlled handoff, approval, downstream workflow routing, and daily run operational cycles (pre-market brief, intraday monitor, post-market recap)
The platform also includes account scope, workspace-aware permissions, monitoring, incident response, maintenance tooling, and deployment-facing verification.
The operator-facing console for workflows, review queues, workbenches, and settings.
Primary locations:
apps/webapps/web/src/appapps/web/src/pagesapps/web/src/modulesapps/web/src/storeapps/web/src/components/charts— lightweight-charts v5 components (EquityChart, SignalBarChart, CandlestickChart)apps/web/src/components/command-palette— globalCmd+Kfuzzy-search command paletteapps/web/src/components/approval-drawer— fixed bottom drawer for pending live order approvalsapps/web/src/components/toast— toast notification system (ToastProvider/useToast)apps/web/src/hooks— useOhlcvData, useSSE
The API and orchestration layer for platform contracts, auth, workflow routing, domain services, and control-plane assembly.
Primary locations:
apps/apiapps/api/src/appapps/api/src/app/routes/hono— optional Hono router layerapps/api/src/domainsapps/api/src/modulesapps/api/src/modules/auth— JWT service, broker key encryptionapps/api/src/modules/sse— SSE connection managerpackages/control-plane-runtimepackages/llm-provider— provider-agnostic LLM abstraction (Claude, OpenAI) used by agent services
Persistence, repository contracts, adapter abstractions, and low-level storage utilities.
Primary locations:
packages/control-plane-storepackages/db— includes SQLite adapter (sqlite-adapter.ts) and Drizzle schemapackages/shared-types
Strategy registration, backtesting, evaluation, comparison, and governance.
Primary locations:
packages/trading-engine/src/strategypackages/trading-engine/src/backtest— event-driven backtest engineapps/api/src/domains/strategyapps/api/src/domains/backtestapps/api/src/modules/strategyapps/api/src/modules/backtest
Controlled collaboration workflows for session, intent, planning, analysis, explanation, and action handoff.
Primary locations:
apps/web/src/modules/agentapps/api/src/domains/agentapps/api/src/modules/agent
Risk review, approval boundaries, policy actions, risk analytics, and shared risk/scheduler middleware context.
Primary locations:
packages/trading-engine/src/risk— Historical VaR, CVaR, Beta, HHI calculatorsapps/api/src/domains/riskapps/api/src/modules/riskapps/worker/src/tasks/risk-scan-task.ts
Execution preparation, broker integration, lifecycle transitions, reconciliation, recovery, and compensation.
Primary locations:
packages/trading-engine/src/executionapps/api/src/domains/executionapps/api/src/modules/executionapps/api/src/gateways/alpaca.ts
quantpilot/
├── apps/
│ ├── api/
│ ├── web/
│ └── worker/
├── packages/
│ ├── control-plane-runtime/
│ ├── control-plane-store/
│ ├── db/
│ ├── llm-provider/
│ ├── shared-types/
│ ├── task-workflow-engine/
│ └── trading-engine/
├── docs/
├── scripts/
├── package.json
└── tsconfig.base.json
- Strategy catalog with research context
- Backtest runs, result versions, evaluations, and reports
- Event-driven daily-frequency backtest engine with real Sharpe, max drawdown, win-rate, and turnover metrics
- Governance actions, baselines, champions, comparison, and replay
- Structured handoff from research into execution preparation
- Execution plans, runtime events, broker-event ingestion, and account snapshots
- Lifecycle progression through approval, submission, reconciliation, recovery, and compensation
- Queue-oriented execution operations console with incident linkage
- Trading terminal with BUY/SELL order submission wired to the execution candidate handoff flow
- Unified risk workbench and scheduler workbench snapshots
- Shared risk/scheduler linkage context
- Reviewed middleware actions that write audit, notifications, and incident-aware control-plane state
- Risk analytics on live positions: Historical VaR (95%), CVaR (95%), Beta, and HHI concentration index
GET /api/market/ohlcvendpoint for OHLCV bar history (Alpaca-backed or deterministic simulation)- lightweight-charts v5 components replacing hand-drawn Canvas: EquityChart, SignalBarChart, CandlestickChart
useOhlcvDatahook for symbol/timeframe-driven chart data with automatic refetch
- Persisted
session / intent / plan / analysis run / action request / daily runcontracts - Backend-driven workbench aggregation with AI daily summary card on the Dashboard
- Controlled action handoffs that stay inside approval and risk boundaries
- Daily run operational loop: pre-market brief, intraday monitoring with authority downgrade, and post-market recap with authority reset
- Ask-first queue for agent-initiated actions: trim, exit, cancel, and risk-reduce
GET /api/sse/stateServer-Sent Events endpoint for live state updatesuseSSEhook with exponential-backoff reconnect- Frontend polling drops to 15-second fallback while SSE connection is alive
POST /api/auth/loginendpoint issuing HS256 JWT tokens (8-hour expiry,jose)- Optional Bearer token validation in
getSession— backward compatible with the existing static session - AES-256-GCM encryption for broker API keys at rest (
BROKER_KEY_ENCRYPTION_KEY) - API key masked to last 4 characters on all read endpoints
- Monitoring snapshots, alerts, incidents, audit trail, operator actions, and workflow history
- Workspace-aware account scope and access policy resolution
- Backup, restore dry-run, integrity checks, repair tooling, and persistence posture visibility
- SQLite WAL storage for the embedded control-plane DB (replaces flat-file JSON in
dbadapter) - Optional Hono gateway layer (
USE_HONO=true) with CORS, request logging, and timing middleware
- Node.js 20+
- npm 10+
npm installnpm run dev
npm run gateway
npm run workerDefault local ports:
- Web:
http://127.0.0.1:8080 - API:
http://127.0.0.1:8787
Before starting a real gateway profile, validate the runtime configuration:
npm run check:runtime-env -- --env-file .envThis validates supported storage adapters, provider combinations, and required environment variables. The checked template lives in .env.example.
Key environment variables added in the platform upgrade:
| Variable | Purpose | Default |
|---|---|---|
JWT_SECRET |
HS256 signing key for issued tokens (min 32 chars) | dev-secret-change-in-prod |
BROKER_KEY_ENCRYPTION_KEY |
64-char hex key (32 bytes) for AES-256-GCM broker key encryption | 000...0 (dev only) |
DEMO_USERNAME / DEMO_PASSWORD |
Credentials for POST /api/auth/login |
admin / changeme |
USE_HONO |
Set true to start the Hono gateway instead of the native HTTP server |
unset |
npm run check:runtime-env
npm run test:control-plane
npm run test:runtime
npm run test:engine
npm run test:api
npm run test:worker
npm run test:web
npm run typecheck
npm run build
npm run verifyAfter dependency installation, repository git hooks are automatically pointed at .githooks. The default pre-push hook runs npm run verify before a push.
npm run verify runs:
- Workspace integrity checks
- Lockfile sync checks
- Documentation consistency checks
- Runtime environment checks
- Lint (Biome)
- Control-plane tests
- Runtime tests
- Workflow-engine tests
- API tests
- Worker tests
- Web tests
- Web typecheck
- Production web build
Primary operator and deployment documentation:
- Contributing Guide
- Operations Handbook
- Deployment Guide
- Control-Plane Migration Runbook
- Project Structure
Persistence and maintenance tooling supports:
- Backup export
- Restore dry runs
- Integrity checks
- Workflow retry repair
- Persistence status and migration posture inspection
The staged delivery roadmap is closed. The stage documents remain as architecture history and contract references:
- Stage 1 Closeout
- Stage 2 Closeout
- Stage 3 Closeout
- Stage 4 Closeout
- Stage 5 Closeout
- Stage 6 Closeout
- Stage 7 Closeout
These documents define the closed capability boundaries and the baseline expectations still enforced by verify.
apps/web/src/app/App.tsxapps/web/src/pages/console/DashboardConsole.tsxapps/web/src/store/trading-system/TradingSystemProvider.tsxapps/api/src/main.tsapps/api/src/app/index.tsapps/worker/src/main.tspackages/trading-engine/src/runtime.tspackages/trading-engine/src/backtest/index.tspackages/control-plane-runtime/src/index.tspackages/control-plane-store/src/index.tspackages/task-workflow-engine/src/index.ts
- The browser must not hold real broker credentials
- Remote order placement must go through the server gateway
- Agents must not place real trades directly
- Risk and approval controls must not be bypassed by frontend, agent, or execution code
- The current repository should not be treated as a production unattended live-trading deployment