Skip to main content

updateStrategyWithPassphrase

Strict / airgapped strictness only. Full-field strict-mode save — supersedes updateStrategyCodeWithPassphrase, which only handled the code column and silently dropped UI Builder / Freqtrade config / name / description changes.

Mechanism mirrors createStrategyWithPassphrase: derive an ephemeral KEK from the supplied passphrase, inject it on ctx via peraction.WithEphemeralKEK, then call the standard UpdateStrategy resolver under the scoped ctx. The existing encrypt hooks on code, config, ui_builder_config, and analysis pick up the KEK and produce passphrase-v1 envelopes on every encrypted column; the in-place fields (name, description, builderMode, etc.) round-trip unchanged. The cache is zeroed and detached on Save return.

Audit event: secrets.passphrase.encrypt_with_action keyed on resourceType="Strategy" + resourceID=<strategyID>.

updateStrategyWithPassphrase(
strategyID: ID!
input: UpdateStrategyInput!
passphrase: String!
): Strategy!

Arguments

updateStrategyWithPassphrase.strategyID ● ID! non-null scalar

Strategy ID to update.

updateStrategyWithPassphrase.input ● UpdateStrategyInput! non-null input

Same shape as UpdateStrategyInput on the regular mutation.

updateStrategyWithPassphrase.passphrase ● String! non-null scalar

Plaintext passphrase. Never logged. Zeroed after the operation.

Type

Strategy object