copper-tone-tech/mev-beta
1
0
Fork 0
Code Issues Pull Requests 7 Actions Packages Projects Releases Wiki Activity
Files
850223a953a70b906f6da8fedd2fb475d0352c62
mev-beta/AGENTS.md
Krypto Kajun 850223a953 fix(multicall): resolve critical multicall parsing corruption issues 
- Added comprehensive bounds checking to prevent buffer overruns in multicall parsing
- Implemented graduated validation system (Strict/Moderate/Permissive) to reduce false positives
- Added LRU caching system for address validation with 10-minute TTL
- Enhanced ABI decoder with missing Universal Router and Arbitrum-specific DEX signatures
- Fixed duplicate function declarations and import conflicts across multiple files
- Added error recovery mechanisms with multiple fallback strategies
- Updated tests to handle new validation behavior for suspicious addresses
- Fixed parser test expectations for improved validation system
- Applied gofmt formatting fixes to ensure code style compliance
- Fixed mutex copying issues in monitoring package by introducing MetricsSnapshot
- Resolved critical security vulnerabilities in heuristic address extraction
- Progress: Updated TODO audit from 10% to 35% complete

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-17 00:12:55 -05:00

73 lines
5.7 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Agent Handoff Guide
This guide keeps multi-agent work on the MEV Bot repository (`/home/administrator/projects/mev-beta`) aligned. Always follow the shared practices here first, then layer any agent-specific instructions (for example, `.qwen/QWEN.md` or `CLAUDE.md`).
## Repository Context
- Primary language Go 1.22+ with auxiliary scripts in Bash/Node; binaries land in `bin/`
- Core service: arbitrage-focused MEV bot targeting Arbitrum (see `PROJECT_SPECIFICATION.md` for architecture)
- Tests span unit, property, fuzz, math audit, integration, and profitability simulations
- CI defined under `.github/workflows/`, `harness/`, and `.drone.yml`; local equivalents exist in `scripts/` and `Makefile`
## Operating Principles (All Agents)
- Keep `go test ./...` and `make build` green before handing off; document exceptions directly in the checklist
- Maintain determinism: prefer reproducible scripts, pinned vectors, and declarative configs
- Never commit secrets from `keystore/`, `env/`, or generated artifacts; redact sample values when documenting
- Update related docs (README, `AGENTS.md`, `docs/5_development`, `docs/6_operations`) when workflows or expectations change
- Preserve or increase test coverage; extend existing suites rather than creating redundant harnesses
- Record blockers (sandbox limits, missing fixtures, approvals) in the checklist with next steps
## Agent Roles & Overlays
- **Codex (default)** infrastructure, orchestration, release engineering, cross-package fixes; see this file plus the harness README
- **Qwen** numerical correctness and performance; follow `.qwen/QWEN.md` for math tooling and audit flow
- **Claude** developer-experience alignment, documentation, and CI scaffolding; see `CLAUDE.md`
- Add new agents by checking in `<NAME>.md` at the repo root and linking it here; mirror the conventions above
## Workflow & Handoff Expectations
1. Review this guide, outstanding checklist items, and recent agent notes before starting work.
2. Log progress with status markers (`[ ]`, `[~]`, `[x]`) plus initials/date (YYYY-MM-DD) when updating any item.
3. When a task spans multiple agents, leave actionable pointers: commands run, logs produced, files touched, follow-up owners.
4. Attach artifacts (reports, coverage, simulation outputs) under `reports/` or the designated directory and reference the path.
5. Prefer deterministic scripts (e.g., `./scripts/run_audit_suite.sh`, `.qwen/scripts/math-test.sh`) over ad-hoc commands.
6. Document blockers or required approvals inline; include whether retries are needed post-approval.
7. During release phases, ensure Drone/Harness pipeline invocations are captured with run IDs and artifact paths.
## Shared Checklists
### Phase 4 Profitability & Monitoring
- [x] Profitability simulation harness (`tools/simulation`) with default vectors Qwen 2024-10-05
- [x] Prometheus profitability metrics wired (`pkg/metrics/metrics.go`) Qwen 2024-10-05
- [x] Docs updated (`docs/5_development/TESTING_BENCHMARKING.md`, `docs/6_operations/DEPLOYMENT_GUIDE.md`) Qwen 2024-10-05
### Phase 5 Agent Validation & Release
- [x] Provide keystore + secrets for smoke start (`MEV_BOT_KEYSTORE_PATH`, env vars) Codex 2025-10-05 (`env/smoke.env`, directories scaffolded)
- [~] Run full regression (`go test ./...`, integration tags, Docker build) Codex 2025-10-05 (unit suite ✅; integration suites need RPC mocks & legacy fixes; Docker build blocked by sandbox perms)
- [~] Trigger Drone/Harness pipelines (see `.drone.yml`, `harness/pipelines/staging.yaml`) and attach artifacts; GitHub workflows now manual-only backups Codex 2025-10-05 (Drone `test-suite`/`security-suite`/`integration-opt-in` triggered via local `bin/drone`; lint & gosec blocked by toolchain mismatches, logs in `reports/ci/`; Harness CLI built locally but staging run blocked by missing Harness API credentials/permissions)
- [x] Confirm Prometheus alerts configured (error rate, profit factor) Codex 2025-10-05 (`monitoring/alerts.yml`, `pkg/metrics/metrics.go` export)
- [x] Final release summary in `docs/8_reports/` Codex 2025-10-05 (`docs/8_reports/2024-10-05_final_release_summary.md`)
### Outstanding Follow-ups
- [ ] Decide on secrets management strategy (Vault / SSM / local `.env`) before production deployment
- [ ] Evaluate additional real-world vector captures for profitability simulator
- [ ] Repair integration test harness (update arbitrage config structs, import paths, and RPC fixtures) before release gating Codex 2025-10-05 (core suite now passes with `go test -tags=integration ./...`; legacy RPC/fork suites gated behind `legacy`/`forked` for follow-up hardening)
### Code Audit Plan
- [ ] Work through `docs/8_reports/subsystem_audit_checklist.md` module by module
- [ ] Log findings/issues per package (open PRs/issues) and update status table
Add new items as work emerges; remove or archive completed entries once signed off.
## Reference Commands
- `go test ./...` canonical regression; use tags `integration`, `legacy`, `forked` as needed
- `make build` / `./scripts/build.sh` produce binaries for `bin/`
- `./scripts/run_audit_suite.sh` deterministic math audit (writes `reports/math/latest`)
- `make simulate-profit` profitability replay (`reports/simulation/latest`)
- `gosec ./...`, `golangci-lint run` security & lint gates
## Supporting Docs & Directories
- `PROJECT_SPECIFICATION.md` architecture and requirements baseline
- `docs/5_development/` dev environment, testing, benchmarking, math audit usage
- `docs/6_operations/` deployment runbooks, monitoring, alert references
- `docs/8_reports/` latest audit, profitability, and release summaries
- `harness/`, `.drone.yml`, `.github/workflows/` CI/CD definitions
- `@prompts/continuous-dev.md` full iterative development contract
Reference in New Issue View Git Blame Copy Permalink