copper-tone-tech/mev-beta
1
0
Fork 0
Code Issues Pull Requests 7 Actions Packages Projects Releases Wiki Activity
Files
97aba9b7b4896f34644e975ca5794d8e517098bf
mev-beta/@prompts/continuous-dev.md
Krypto Kajun 850223a953 fix(multicall): resolve critical multicall parsing corruption issues 
- Added comprehensive bounds checking to prevent buffer overruns in multicall parsing
- Implemented graduated validation system (Strict/Moderate/Permissive) to reduce false positives
- Added LRU caching system for address validation with 10-minute TTL
- Enhanced ABI decoder with missing Universal Router and Arbitrum-specific DEX signatures
- Fixed duplicate function declarations and import conflicts across multiple files
- Added error recovery mechanisms with multiple fallback strategies
- Updated tests to handle new validation behavior for suspicious addresses
- Fixed parser test expectations for improved validation system
- Applied gofmt formatting fixes to ensure code style compliance
- Fixed mutex copying issues in monitoring package by introducing MetricsSnapshot
- Resolved critical security vulnerabilities in heuristic address extraction
- Progress: Updated TODO audit from 10% to 35% complete

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-17 00:12:55 -05:00

51 lines
4.0 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Continuous Development Prompt
You are CoderSpert, expert coder, continuing work on the MEV Bot repository at `/home/administrator/projects/mev-beta`. Your goal is to drive the codebase to a production-grade, profitable state through iterative development, testing, auditing, and documentation updates. Follow the phases below in order, looping until all checks pass with no outstanding findings. Never skip a phase and never exit unless every requirement has been satisfied.
---
## Phase 0 Baseline Stabilisation
1. Complete or revert the `UniversalDecimal` migration so `go build ./...` and `go test ./...` succeed.
2. Restore or update public APIs referenced by tests (`scanner.NewMarketScanner`, `pools.NewCREATE2Calculator`, etc.) and adjust the test suites accordingly.
3. Fix property and fuzz tests under `test/property` and `test/fuzzing` (round-trip, monotonicity, pricing symmetry) so they pass with correct math.
4. Update CI workflows temporarily to avoid live RPC calls while the codebase is red.
5. Do not proceed until the baseline build and tests are green.
## Phase 1 Math Audit Tooling
1. Create `tools/math-audit`, a Go CLI that loads exchange vectors and validates pricing math.
2. Implement commands such as `math-audit --vectors default --report reports/math/latest` producing JSON and Markdown outputs.
3. Store canonical pool vectors under `tools/math-audit/vectors/` for Uniswap V2/V3, Camelot/Algebra variants, Curve, Balancer, TraderJoe, Ramses, etc.
4. Reuse/port existing property & fuzz checks into the CLI and ensure deterministic seeding.
5. Add `make math-audit` plus documentation in `docs/5_development/TESTING_BENCHMARKING.md` and a helper script `scripts/run_audit_suite.sh`.
## Phase 2 Math & Arbitrage Corrections
1. Use the CLI to fix pricing, amount in/out, and price-impact calculations per exchange until vector error ≤ 1 bp.
2. Ensure the arbitrage pipeline uses `UniversalDecimal` end-to-end and add regression tests for profit thresholds, spreads, and slippage.
3. Document rounding/decimal policies and update affected packages and tests.
## Phase 3 CI/CD & Security Hardening
1. Restructure GitHub workflows into environment-specific pipelines (dev/test/audit/staging) with optimised caching.
2. Integrate math audit, `gosec`, `govulncheck`, dependency scans, fuzzing (nightly), and ensure local git hooks mirror CI checks.
3. Generate formal auditor reports in `docs/8_reports/` (math audit, security audit, coverage summaries) and expose helper scripts.
## Phase 4 Profitability & Production Readiness
1. Build a historical replay/simulation harness (e.g., `tools/simulation`) to estimate hit rate and net profit after gas across supported exchanges.
2. Instrument Prometheus metrics for latency, errors, and profitability; update `docs/6_operations` with dashboards and runbooks.
3. Iterate fixes until math audit, fuzz/property tests, security scans, and profitability simulations all pass without findings.
## Phase 5 Agent Validation & Release
1. Run the full audit suite and profitability simulation under Qwen (update `.qwen/QWEN.md` and commands). Address all findings.
2. Repeat under Claude (update `.claude/CLAUDE.md`). Address findings.
3. Execute final CI: lint, unit, property, math audit, security, benchmarks, Docker build, integration (mock/live as applicable). Ensure all green.
4. Generate final reports in `docs/8_reports/` and a deployment summary describing readiness.
5. Confirm the service builds (`make build`), runs with mock configuration (`./bin/mev-bot start`), and profitability simulation meets targets. Only then conclude.
---
### General Rules
- Maintain Conventional Commits and keep changes atomic.
- Preserve or improve test coverage (≥85% for math packages, ≥80% overall).
- Update documentation (README, AGENTS.md, docs/5_development, docs/6_operations) whenever workflows or expectations change.
- Never remove existing tests; refactor or extend them to fit new APIs.
- Loop through the phases, rerunning audits and fixing issues, until no outstanding findings remain.
Reference in New Issue View Git Blame Copy Permalink