850223a953
- Added comprehensive bounds checking to prevent buffer overruns in multicall parsing - Implemented graduated validation system (Strict/Moderate/Permissive) to reduce false positives - Added LRU caching system for address validation with 10-minute TTL - Enhanced ABI decoder with missing Universal Router and Arbitrum-specific DEX signatures - Fixed duplicate function declarations and import conflicts across multiple files - Added error recovery mechanisms with multiple fallback strategies - Updated tests to handle new validation behavior for suspicious addresses - Fixed parser test expectations for improved validation system - Applied gofmt formatting fixes to ensure code style compliance - Fixed mutex copying issues in monitoring package by introducing MetricsSnapshot - Resolved critical security vulnerabilities in heuristic address extraction - Progress: Updated TODO audit from 10% to 35% complete 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
1.4 KiB
1.4 KiB
Risk Management Enhancement Plan
Goal
Align risk controls with production policy: configurable thresholds, historical performance feedback, and comprehensive metrics.
Tasks
-
Configuration Externalisation
- Move hard-coded limits (max position size, daily loss, profit threshold, gas caps) into config/environment.
- Support per-market overrides (e.g., by token pair or exchange).
-
Dynamic Scoring
- Revisit
calculateRiskScore,calculateConfidence,calculateProfitabilityto include real-time volatility, slippage history, and order book depth. - Integrate historical trade outcomes (from database) to adjust thresholds dynamically.
- Revisit
-
Circuit Breaker & Monitoring
- Ensure circuit breaker triggers persist across restarts and expose Prometheus metrics for activations.
- Add alerting thresholds (e.g., consecutive failures, daily loss approaching limit).
-
Testing
- Add integration tests verifying risk rejections for low profit, high slippage, excessive gas price with configurable values.
- Include fuzz/property tests for risk-related calculations.
-
Documentation
- Update
docs/5_development/CONFIGURATION.mdwith risk knobs. - Provide runbook entries for adjusting risk parameters during incidents.
- Update
References
pkg/risk/manager.gopkg/arbitrage/service.go(risk integration)pkg/metricsfor monitoring hooks