Skip to content

SR-AUDIT — Phase 7.4 System Readiness Audit

To: Vesper (she/her), Orion (he/him) From: Atlas (he/him) CC: Katja (Captain) Date: 2026-04-19

Purpose: Formal audit gate before scaling, automation, or extended runtime. Objective: verify that the engine is truth-aligned, fully wired, observable, and fails safely. This is NOT exploratory. This is a pass/fail readiness gate with evidence.

Audit Preconditions (must be true before starting)

  • Wallet truth reconciliation active and stable
  • Anchor Saturation Guard implemented
  • Directional Drift Guard implemented
  • Inventory Corridor Guard implemented
  • At least 1–2 clean live sessions completed with guards active
  • No active DEGRADED/HALT at session end

If these are not met → do not run SR-AUDIT.

Domain 1 — Truth & State Integrity (CRITICAL)

Goal: System state MUST match on-chain reality at all times.

Checks:

  1. Startup reconciliation — Expected: status=ok, deltas ~0. Evidence: logs + inventory_truth_snapshots
  2. Runtime reconciliation stability — Expected: no drift accumulation beyond tolerance. Evidence: periodic checks across full session
  3. Shutdown reconciliation — Expected: final state matches on-chain. Evidence: end-of-session snapshot vs API
  4. Restart determinism — Restart engine → balances identical. Evidence: before/after restart comparison
  5. Realignment safety — Realignment does not break basis accounting, PnL, or capital events. Evidence: DB + metrics consistency

Pass criteria: No unexplained delta. No drift accumulation. Restart produces identical state.

Domain 2 — Execution & Lifecycle Wiring (CRITICAL)

Goal: No silent failures in order lifecycle.

Checks:

  1. Order lifecycle completeness — submit → active → fill/cancel → reconcile. Evidence: orders table + logs
  2. No dropped orders — Every order ends in a terminal state. Evidence: no orphan states
  3. Cancel paths — Manual + automatic cancel verified. Evidence: cancel_tx_hash + ledger confirmation
  4. DEGRADED transitions — Trigger → cancel → stop quoting. Recovery path works. Evidence: logs + engine_state
  5. Session lifecycle — start → run → close_session → ended_at written. Evidence: valuation_snapshots + sessions table

Pass criteria: No silent transitions. No missing states. No lifecycle gaps.

Domain 3 — Metrics & Calculations (CRITICAL)

Goal: All reported numbers are correct and internally consistent.

Checks:

  1. VW spread — Matches fill-level calculations. Evidence: recompute from fills table
  2. Fill attribution — session_id correct, no NULL-session leakage. Evidence: fills table
  3. PnL — realized vs unrealized consistent, matches inventory + price. Evidence: DB vs dashboard
  4. Inventory valuation — matches on-chain + pricing. Evidence: reconciliation + valuation_snapshots
  5. Anchor error — computed correctly per tick. Evidence: system_metrics
  6. Summary vs raw data — session summary = aggregated raw data. Evidence: cross-check

Pass criteria: All metrics recompute cleanly from raw data. No mismatches between layers.

Domain 4 — Strategy Signal Validity (IMPORTANT)

Goal: Signals reflect market reality, not artifacts.

Checks:

  1. Anchor behavior — matches CLOB vs AMM conditions. Evidence: anchor_error distribution
  2. Bias detection — positive/negative regimes correctly visible. Evidence: session stats
  3. Fill distribution — matches expected skew + offsets. Evidence: fills by side + timing
  4. Distance-to-touch (if available) — consistent with market spread. Evidence: per-tick telemetry
  5. Skew behavior — responds correctly to inventory. Evidence: order placement vs wallet state

Pass criteria: Signals explain observed behavior. No contradictions between signal and fills.

Domain 5 — Safeguards & Failure Modes (CRITICAL)

Goal: System fails safely, not silently.

Checks:

  1. Anchor Saturation Guard — triggers under sustained bias, enters DEGRADED. Evidence: forced test or session behavior
  2. Directional Drift Guard — detects burst fills / imbalance, triggers DEGRADED. Evidence: fill sequence test
  3. Inventory Corridor Guard — prevents extreme wallet skew. Evidence: threshold enforcement
  4. DEGRADED behavior — cancels orders, stops quoting, recovers cleanly. Evidence: logs + engine_state
  5. HALT behavior — blocks execution, requires intervention. Evidence: startup/pre-trade gate
  6. Reconciler anomaly logging — logs all anomalies, no silent phantom fills. Evidence: reconciler_anomaly_log
  7. FLAG-037 behavior (if implemented) — young vs old order logic correct. Evidence: anomaly classification

Pass criteria: All safeguards trigger correctly. No silent failure paths.

Audit Output Format

For each check: - Expected: - Observed: - Evidence (logs / DB query / metric): - Status: PASS / FAIL - Notes:

Severity Classification

  • CRITICAL → blocks Phase 8 (must fix now)
  • IMPORTANT → schedule next phase
  • OBSERVATION → track, no immediate action

Final Gate

SR-AUDIT passes ONLY if: - All CRITICAL checks = PASS - No unresolved truth or lifecycle inconsistencies - Safeguards verified in live or controlled conditions

Final Note

This audit is not about perfection. It is about confidence.

If SR-AUDIT passes: the system can be trusted to operate → Phase 8 (scaling, longer runs, automation) unlocks. If it fails: we fix with precision, not guesswork.

— Atlas