CopyGrade
← Guides
Due diligence

The copy-bot safety checklist: vet the wallet, then lock down the bot

Updated July 5, 2026 · CopyGrade

Before you connect a copy-bot to a Polymarket wallet, two separate things have to be true: the wallet is actually worth copying, and the bot can't do more damage than the trade itself. Most copiers verify neither — they find a green PnL on a leaderboard, paste the address into a bot, and hand over a wallet's keys to automate trades they never checked. This is the pre-flight checklist that closes both gaps, in order: vet the source wallet first, then shrink everything the bot can touch.

The two halves fail differently. A bad wallet loses you money one copied trade at a time. A bad bot can lose you everything at once — in January 2026 a popular copy-trading bot was drained of about $230,000 because of how it stored keys, no trade required. You have to clear both.

Part 1 — Vet the wallet first (the non-negotiable gate)

A copy-bot is an amplifier: it makes a good decision bigger and a bad one bigger just the same. So the wallet has to clear the bar before automation enters the picture, because only about 1.3% of active Polymarket wallets survive a full vetting pass — and roughly 74% have negative edge before you add a cent of copying cost. If you skip this step, the most efficient thing your bot will do is lose money faster.

Four checks decide it, and all four are pass/fail:

  1. Farming-clean. Does the record show patterns consistent with farming — wash-like self-trading, decoy clusters, copy-bait? A farming flag is a documented read of public on-chain behaviour, not an accusation, but about 60% of active wallets carry one — and a flagged wallet is built to attract copiers, not reward them. A flag here ends the evaluation. See farming detection.
  2. Real post-fee edge. Not the headline return — what a copier actually keeps after fees, slippage, and latency. A wallet with no edge net of its own costs has nothing to copy.
  3. Survivable drawdown. The worst historical stretch, and whether you could hold through it without bailing at the bottom.
  4. Edge where you want it. A wallet whose edge lives in categories your bot can target — and that you don't already copy elsewhere.

The full method, with thresholds and base rates, is in how to vet a Polymarket trader; the per-wallet Copy Verdict runs all four at a glance. If the wallet fails, stop here — nothing in Part 2 rescues a bad copy target.

Part 2 — Lock down the bot (the Polycule lesson)

Once the wallet clears, the question flips from who do I copy? to what can this bot do to me? Polymarket has no native copy-trading feature, so every copy-bot is third-party software that needs some power over your funds to act — and the amount of power varies enormously.

The cautionary tale is structural, not a scam. In January 2026 the copy-trading bot Polycule was hacked for roughly $230,000; the reported cause was that it stored users' private keys server-side in a recoverable form, which an attacker reached through a server-side request forgery flaw and forged copy-trade events. The team took it offline and said it would reimburse users via Polygon — but the lesson stands: a bot that holds your keys concentrates every user's funds into one server, so a single breach drains everyone at once. The blast radius, not any one trade, is the real exposure. The deeper write-up is in the copy-bot custody trap.

So interrogate the bot before it touches anything:

  • Where do the keys live? Prefer non-custodial designs where you keep custody and grant the bot only a scoped permission to place trades — never an architecture that uploads or stores your private key.
  • What is it actually allowed to do? Least privilege. A bot that needs withdrawal rights to copy trades is asking for more than the job requires.
  • What's your recourse if it's breached? Reimbursement is a promise, not a guarantee. Assume anything the bot can access can be lost, and size accordingly.

The selection criteria — fees, latency, controls, custody model — are covered in choosing a Polymarket copy-trading bot. This guide is about the safety floor underneath that choice.

Before you install: is the bot itself the scam?

Vetting the wallet is only half the job — the bot's own code can be the threat. Through the first half of 2026, researchers at StepSecurity documented fake "Polymarket copy-trading bots" on GitHub built to steal wallet keys — including one hidden inside a hijacked verified organization (dev-protocol, itself a victim) with hundreds of bot-inflated stars; independent researchers tie the broader wave to a suspected DPRK operation. Copy bots are the perfect lure because they legitimately need wallet access, so a "paste your private key" prompt looks like setup.

Three rules before you run any repo:

  • Stars and a verified badge aren't provenance. Check the account's real commit history; treat a trading feature that "just appeared" as a red flag.
  • Never paste a raw private key or seed phrase into a CLI — "it stays encrypted" was close to the exact line researchers found in these installers.
  • Copy from a dedicated, minimally-funded wallet and prefer non-custodial, least-privilege bots. Full write-up: fake Polymarket copy bots are stealing wallets.

Set hard limits before you fund anything

Caps are the cheapest protection you have, and the only one that works whether the risk comes from a bad wallet or a compromised bot. Decide all of them before money moves, not after the first drawdown:

  • Per-trade cap — the most a single copied position can stake.
  • Total-exposure cap — the most the bot can have at risk across all open copies at once.
  • Per-category budget — so one market type can't quietly become your whole book.
  • Max open positions — a ceiling that keeps a runaway copy loop from fanning out.

Size these from the wallet's worst historical drawdown, not its best month — the arithmetic is in position sizing for copy trading.

Build a kill-switch and monitor

A vetted wallet is a snapshot, and records decay. Wire up the exit before you need it: an alert on a new farming flag or a falling Copy Score, a clear plan for how you'll pull the bot fast, and a standing date to re-vet. The wallet you cleared last month is not the wallet you're copying today unless you keep checking.

The pre-flight checklist

Run both columns top to bottom. If any line in the left column fails, you don't reach the right column at all.

Wallet gate (vet first)Bot & execution lockdown
☐ Farming-clean — no flag☐ Non-custodial / you keep the keys
☐ Positive realistic post-fee edge☐ Least-privilege permissions (no withdrawal rights)
☐ Drawdown you can hold through☐ Per-trade and total-exposure caps set
☐ Edge in categories you want☐ Per-category budget + max-open-positions cap
☐ Cleared the full Copy Verdict☐ Alert + kill-switch + re-vet date in place

Prove it before you scale

Even after both columns clear, fund small and prove it. Stress-test the wallet under your stake, fees, and latency in the Copy Simulator before you let a bot run it at size — the realistic copy of a record is always worse than its headline, and you want to learn that on a small position, not your whole bankroll. Scale only after the live result matches the homework.

CopyGrade is analysis-only — it never executes trades and never holds your funds or keys, and a Copy Score is a documented research opinion, not a statement of fact about any trader or financial advice.

Read the methodology← All guides