# π€ Crypto Trading Bot System
A professional, production-ready cryptocurrency trading bot platform with automated signal generation, Telegram integration, role-based access control, SIEM security monitoring, and subscription management.
## π Table of Contents
- [Overview](#overview)
- [Features](#features)
- [System Architecture](#system-architecture)
- [Installation](#installation)
- [Configuration](#configuration)
- [Database Setup](#database-setup)
- [Running the Application](#running-the-application)
- [API Documentation](#api-documentation)
- [User Guide](#user-guide)
- [Admin Guide](#admin-guide)
- [Security Features](#security-features)
- [Trading Engine](#trading-engine)
- [Telegram Bot Setup](#telegram-bot-setup)
- [Email Configuration](#email-configuration)
- [Troubleshooting](#troubleshooting)
- [Deployment](#deployment)
- [License](#license)
## π Overview
Crypto Trading Bot is a comprehensive automated trading signal platform that:
- **Analyzes** market data using technical indicators (RSI, EMA, MACD)
- **Generates** trading signals based on predefined strategies
- **Delivers** instant alerts via Telegram and Email
- **Manages** users with role-based access control (RBAC)
- **Monitors** security with built-in SIEM system
- **Tracks** all admin actions with complete audit logs
### System Capabilities
| Feature | Description |
|---------|-------------|
| **Manual Signals** | Admin creates signals, bot monitors and executes |
| **Auto Signals** | Bot generates signals using technical analysis |
| **Real-time Delivery** | Telegram alerts in < 1 second |
| **User Management** | Complete CRUD with role management |
| **Security** | 2FA, SIEM, audit logging, brute force protection |
| **Monetization** | Subscription plans with discount codes |
## β¨ Features
### π Authentication & Security
- β
User registration with email verification
- β
Login with 365-day persistent sessions
- β
Two-Factor Authentication (2FA) via Google Authenticator
- β
Password reset with email tokens
- β
Role-Based Access Control (RBAC)
- β
Session management with automatic timeout
- β
Brute force protection
### π Trading Engine
- β
Real-time market data from Binance API
- β
Technical indicators: RSI, EMA, MACD
- β
Dual signal modes: Manual & Automated
- β
Conditional signal execution
- β
Stop Loss & Take Profit support
- β
Signal history tracking
### π€ Telegram Integration
- β
Instant signal delivery to Telegram
- β
Bot commands: /start, /help, /signals, /status
- β
Account linking via verification codes
- β
Inline keyboard buttons for easy navigation
- β
Group and individual notifications
### π₯ User Management
- β
User registration and profiles
- β
Subscription plans (Demo, Basic)
- β
Demo mode (5 days free)
- β
Payment processing integration
- β
Discount code system
- β
Email notifications
### π Admin Panel
- β
Admin dashboard with statistics
- β
User management (block/unblock, role change)
- β
Signal management (create, delete, monitor)
- β
Trading pair management
- β
Payment overview
- β
Activity logs viewer
- β
SIEM security events monitoring
### π SIEM Security System
- β
Real-time security monitoring
- β
Brute force detection
- β
Suspicious activity alerts
- β
Admin action logging
- β
IP address tracking
- β
Security event dashboard
## ποΈ System Architecture
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β PRESENTATION LAYER β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β β β HTML5 β β CSS3 β β JS β β Bootstrapβ β β β Jinja2 β β Custom β β AJAX β β 5 β β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β APPLICATION LAYER (Flask) β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β β β Auth β β Users β β Trading β β Admin β β β β Module β β Module β β Module β β Module β β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β β β Payments β β Bot β β Logs β β SIEM β β β β Module β β Module β β Module β β Module β β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β DATA LAYER (SQLite) β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β β β Users β β Trades β β Payments β β Logs β β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β EXTERNAL SERVICES β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β β β Binance β βTelegram β β Gmail β β Finnhub β β β β API β β Bot β β SMTP β β API β β β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
## π» Installation
### Prerequisites
```bash
# System Requirements
- Python 3.8 or higher
- SQLite3 (built-in with Python)
- 1GB RAM minimum
- 500MB disk space
- Internet connection for API access
# Create project directory
mkdir CryptoBotSystem
cd CryptoBotSystem
# Create virtual environment
python -m venv venv
# Activate virtual environment
# Windows:
venv\Scripts\activate
# Linux/Mac:
source venv/bin/activateCreate requirements.txt:
Flask==2.3.3
Flask-SQLAlchemy==3.0.5
Flask-Login==0.6.2
python-dotenv==1.0.0
requests==2.31.0
python-telegram-bot==20.6
pandas==2.0.3
numpy==1.24.3
bcrypt==4.0.1
pyotp==2.9.0
email-validator==2.0.0
schedule==1.2.0Install:
pip install -r requirements.txt# Create all directories
mkdir -p config database auth users trading bot payments logs admin utils
mkdir -p templates templates/admin templates/includes
mkdir -p static/css static/js static/images
mkdir -p instance backups
# Create empty __init__.py files
touch config/__init__.py database/__init__.py auth/__init__.py
touch users/__init__.py trading/__init__.py bot/__init__.py
touch payments/__init__.py logs/__init__.py admin/__init__.py
touch utils/__init__.pyCreate .env file in root directory:
# Flask Configuration
SECRET_KEY=your-super-secret-key-change-this-to-random-string
FLASK_ENV=production
FLASK_DEBUG=False
# Database
DATABASE_URL=sqlite:///crypto_bot.db
# Email Configuration (Gmail)
EMAIL_HOST=smtp.gmail.com
EMAIL_PORT=587
EMAIL_USER=your-email@gmail.com
EMAIL_PASSWORD=your-app-specific-password
# Telegram Bot
TELEGRAM_BOT_TOKEN=1234567890:ABCdefGHIjklMNOpqrsTUVwxyz
# Binance API (Optional, for live data)
BINANCE_API_KEY=your-binance-api-key
BINANCE_API_SECRET=your-binance-api-secret
# Session Configuration
SESSION_COOKIE_DAYS=365
SESSION_COOKIE_SECURE=True
SESSION_COOKIE_HTTPONLY=True# Run this in Python to generate a secure key
python -c "import secrets; print(secrets.token_hex(32))"- Enable 2FA on your Google account
- Generate App Password:
- Go to Google Account β Security
- App Passwords β Select "Mail" and "Other"
- Copy the 16-character password
- Use this in
EMAIL_PASSWORD
# Run the database creation script
python create_database.pyThis will create:
- 10 tables with all relationships
- 35+ indexes for performance
- Default admin user
- Sample trading pairs
- Demo data
Tables:
βββ users # User accounts and profiles
βββ trades # Trading signals
βββ trading_pairs # Supported trading pairs
βββ subscriptions # User subscriptions
βββ payments # Payment transactions
βββ discount_codes # Promotional codes
βββ admin_logs # Admin audit trail
βββ security_events # SIEM security events
βββ signal_history # Signal delivery records
βββ password_reset_tokens # Password reset tokens
# Set environment
export FLASK_APP=app.py
export FLASK_ENV=development
# Run the application
python app.py# Install gunicorn
pip install gunicorn
# Run with gunicorn
gunicorn --workers 4 --bind 0.0.0.0:5000 app:app# Install waitress
pip install waitress
# Run with waitress
waitress-serve --port=5000 app:appWeb Interface: http://localhost:5000
Default Admin: admin@cryptobot.com / Admin123!
| Endpoint | Method | Description |
|---|---|---|
/register |
POST | Create new user account |
/login |
POST | Authenticate user |
/logout |
GET | Logout user |
/verify-2fa |
POST | Verify 2FA code |
/forgot-password |
POST | Request password reset |
/reset-password/<token> |
POST | Reset password |
| Endpoint | Method | Description |
|---|---|---|
/api/market-data/<pair> |
GET | Get live market data |
/api/check-signals |
GET | Check and execute signals |
/api/user/signals |
GET | Get user's signal history |
/signals |
GET | View all signals |
| Endpoint | Method | Description |
|---|---|---|
/admin |
GET | Admin dashboard |
/admin/users |
GET | User management |
/admin/users/<id>/block |
POST | Block user |
/admin/trades |
GET | Trade management |
/admin/trades/create |
POST | Create signal |
/admin/pairs |
GET | Pair management |
/admin/logs |
GET | View activity logs |
- Navigate to
http://localhost:5000/register - Fill in username, email, and password
- Click "Register"
- Login with your credentials
- Go to Account Settings
- Click "Enable 2FA"
- Scan QR code with Google Authenticator
- Enter verification code to confirm
- Start a chat with your bot:
@YourBotUsername - Send
/start - Go to Account Settings β Get verification code
- Send
/link YOUR_CODEto the bot
- Go to Dashboard
- Scroll to "Subscription Section"
- Choose Demo (free 5 days) or Basic ($5/month)
- Enter discount code (optional)
- Complete payment
- Telegram: Instant notifications when signals trigger
- Email: Optional email alerts
- Dashboard: View signal history
URL: http://localhost:5000/login
Email: admin@cryptobot.com
Password: Admin123!
- Login as Admin
- Go to Admin Panel β Manage Trades
- Fill in:
- Trading Pair (e.g., BTC/USDT)
- Signal Type (BUY/SELL)
- Entry Condition (e.g., "RSI < 30 AND EMA crossover")
- Take Profit price
- Stop Loss price
- Click "Create Signal"
# Simple conditions
"RSI < 30"
"RSI > 70"
"EMA crossover"
# Complex conditions
"RSI < 30 AND EMA crossover AND MACD bullish"
"RSI > 70 AND bearish divergence"
# Price-based
"price > 65000 AND volume > 1000"- Go to Admin Panel β Users
- View all registered users
- Block/Unblock users
- Change user roles (Super Admin only)
- Go to Admin Panel β Security Events
- View real-time security monitoring
- Filter by severity (info/warning/critical)
- Investigate suspicious activity
# Users must set up 2FA in account settings
# Login flow:
1. Enter email/password
2. Verify 6-digit code from authenticator
3. Access granted# Detects:
- Brute force attacks (5+ failed attempts)
- Suspicious admin activity (10+ actions in 5 min)
- Abnormal trading patterns (20+ trades/hour)
- API failures and system errors# Every admin action is logged:
- Who performed the action
- What action was taken
- When it happened
- IP address and user agent# Passwords are:
- Hashed using bcrypt (12 rounds)
- Never stored in plain text
- Minimum 8 characters
- Must contain uppercase, lowercase, numbers# Oversold: RSI < 30 β BUY signal
# Overbought: RSI > 70 β SELL signal# Bullish: EMA 20 crosses above EMA 50 β BUY
# Bearish: EMA 20 crosses below EMA 50 β SELL# Bullish: MACD line crosses above Signal line β BUY
# Bearish: MACD line crosses below Signal line β SELLβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 1. Admin creates signal with conditions β
β β β
β 2. Bot fetches market data every 60 seconds β
β β β
β 3. Calculates RSI, EMA, MACD β
β β β
β 4. Compares with signal conditions β
β β β
β 5. If conditions met β Execute signal β
β β β
β 6. Send to Telegram/Email β
β β β
β 7. Log to database β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- Open Telegram and search for
@BotFather - Send
/newbotcommand - Choose a name (e.g., "Crypto Trading Bot")
- Choose a username (must end with 'bot')
- Copy the API token
| Command | Description |
|---|---|
/start |
Welcome message and menu |
/help |
Show all commands |
/link CODE |
Link Telegram to your account |
/signals |
Get latest trading signals |
/status |
Check subscription status |
/unlink |
Unlink Telegram account |
# Send a test message via API
curl -X POST "https://api.telegram.org/bot<YOUR_TOKEN>/sendMessage" \
-d "chat_id=<CHAT_ID>&text=Hello from CryptoBot!"- Enable 2-Factor Authentication on Google Account
- Generate App Password:
- Google Account β Security β App Passwords
- Select "Mail" and "Other"
- Copy the 16-character password
# Password Reset Email
Subject: "Reset Your CryptoBot Password"
Body: Click the link to reset your password
# 2FA Code Email
Subject: "Your 2FA Verification Code"
Body: Your code is: XXXXXX
# Signal Alert Email
Subject: "New Trading Signal: BUY BTC/USDT"
Body: Entry: $65,000, TP: $67,000, SL: $63,000# Database locked error
rm instance/crypto_bot.db
python create_database.py
# Foreign key constraint failed
PRAGMA foreign_keys = OFF;
# Run your operations
PRAGMA foreign_keys = ON;# Can't login after many attempts
# Check if user is blocked in database
UPDATE users SET is_blocked = 0 WHERE email = 'user@example.com';# Check bot token
curl https://api.telegram.org/bot<YOUR_TOKEN>/getMe
# Check webhook (if using)
curl https://api.telegram.org/bot<YOUR_TOKEN>/getWebhookInfo# Test SMTP connection
import smtplib
server = smtplib.SMTP('smtp.gmail.com', 587)
server.starttls()
server.login('your-email@gmail.com', 'app-password')# Check Binance API status
curl https://api.binance.com/api/v3/ping
# Test specific pair
curl https://api.binance.com/api/v3/ticker/price?symbol=BTCUSDT# Enable debug mode for detailed logs
export FLASK_DEBUG=1
python app.py
# Check logs
tail -f logs/app.log# Create Procfile
echo "web: gunicorn app:app" > Procfile
# Create runtime.txt
echo "python-3.9.0" > runtime.txt
# Deploy
heroku create crypto-bot-system
heroku config:set SECRET_KEY=your-secret-key
heroku config:set EMAIL_USER=your-email@gmail.com
heroku config:set TELEGRAM_BOT_TOKEN=your-token
git push heroku main# Dockerfile
FROM python:3.9-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
EXPOSE 5000
CMD ["gunicorn", "--bind", "0.0.0.0:5000", "app:app"]# Build and run
docker build -t crypto-bot .
docker run -d -p 5000:5000 --env-file .env crypto-bot# SSH into EC2
ssh -i key.pem ec2-user@your-instance
# Install dependencies
sudo yum install python3 git
git clone your-repo
cd CryptoBotSystem
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
# Run with supervisor
sudo pip install supervisor
echo_supervisord_conf > supervisord.conf
# Configure and run
supervisord -c supervisord.confserver {
listen 80;
server_name your-domain.com;
location / {
proxy_pass http://127.0.0.1:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /static {
alias /path/to/CryptoBotSystem/static;
}
}# Automatic backup script
#!/bin/bash
BACKUP_DIR="/backups"
DB_PATH="instance/crypto_bot.db"
DATE=$(date +%Y%m%d_%H%M%S)
sqlite3 $DB_PATH ".backup" "$BACKUP_DIR/crypto_bot_$DATE.db"
gzip "$BACKUP_DIR/crypto_bot_$DATE.db"
# Keep only last 30 days
find $BACKUP_DIR -name "*.gz" -mtime +30 -delete# Add to app.py
import logging
from logging.handlers import RotatingFileHandler
handler = RotatingFileHandler('logs/app.log', maxBytes=10000000, backupCount=5)
handler.setLevel(logging.INFO)
app.logger.addHandler(handler)-- Check database size
SELECT page_count * page_size as size_bytes
FROM pragma_page_count(), pragma_page_size();
-- Check index usage
SELECT name, sql FROM sqlite_master WHERE type='index';
-- Analyze query performance
EXPLAIN QUERY PLAN SELECT * FROM users WHERE email = 'test@example.com';# Use PostgreSQL instead of SQLite
DATABASE_URL = postgresql://user:pass@localhost/crypto_bot
# Add Redis for caching
# Add Celery for background tasks
# Use multiple workers
gunicorn --workers 4 --threads 2 app:app# Docker Compose with services:
services:
web: gunicorn with 8 workers
worker: celery for signal processing
redis: message broker
postgres: production database
nginx: load balancer# Fork and clone
git clone https://github.com/yourusername/CryptoBotSystem.git
cd CryptoBotSystem
# Create feature branch
git checkout -b feature/new-feature
# Make changes and commit
git add .
git commit -m "Add new feature"
# Push and create PR
git push origin feature/new-feature# Follow PEP 8
# Use type hints
def get_user(user_id: int) -> User:
return User.query.get(user_id)
# Write docstrings
def calculate_rsi(prices: list, period: int = 14) -> float:
"""Calculate Relative Strength Index
Args:
prices: List of price values
period: RSI period (default 14)
Returns:
RSI value between 0-100
"""
passMIT License - See LICENSE file for details
Trading cryptocurrencies involves substantial risk of loss and is not suitable for every investor. Past performance does not guarantee future results. This bot is for educational purposes. Use at your own risk.
- Issues: GitHub Issues
- Email: support@cryptobot.com
- Telegram: @CryptoBotSupport
- Binance API for market data
- Python Telegram Bot library
- Flask ecosystem
- SQLAlchemy ORM
# 1. Clone/Setup
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activate
# 2. Install
pip install -r requirements.txt
# 3. Configure
cp .env.example .env
# Edit .env with your credentials
# 4. Database
python create_database.py
# 5. Run
python app.py
# 6. Access
# Open http://localhost:5000
# Login: admin@cryptobot.com / Admin123!Built with β€οΈ using Python, Flask, and SQLite
This README provides complete documentation for your Crypto Trading Bot System including installation, configuration, usage, and deployment instructions. Save this as `README.md` in your project root directory.