Skip to content

LLM Council Review: InertialEvent Design (Round 2)

Date: 2026-01-20 Reviewer: LLM Council (Chairman Synthesis) Documents Reviewed: Functional Requirements Spec (v1.0 - Updated), ADR-001 (Updated)

Verdict: APPROVED (Confidence: 100%)

The Council has approved the revised design. Use of the Saga Pattern, Human-in-the-loop Market Mapping, and Pod-based Isolation correctly addresses the critical risks identified in the first review.

Chairman's Synthesis

"There is strong consensus among the council that the proposed changes—while directionally correct—substitute one set of risks (atomicity) for another (consistency, idempotency, network isolation), which is the correct trade-off to make. The system is now honest about its limitations."

Key Strengths of Revised Design

  1. Saga Pattern (ADR-001.4): Acknowledges that cross-chain/cross-venue atomicity is impossible. The decision to manage state explicitly (Pending, Leg1_Filled, Compensating) is the industry standard for this problem.
  2. Safety Gates (FR-MD-003): Requiring human confirmation for market mapping prevents catastrophic "bad data" trades (e.g., mapping "Trump" to "Trump Jr").
  3. Isolation (ADR-001.8): Moving to Pod-based isolation for Enterprise users mitigates the "noisy neighbor" risk where one high-frequency strategy could look up the binary for everyone else.

Remaining Implementation Advice (Post-Approval)

While the design is approved, the implementation must ensure: * Idempotency: The Saga execution must be idempotent. If the bot crashes and restarts, it must be able to re-read the state of Leg1 without re-submitting orders. * Outbox Pattern: Use an "Outbox" in PostgreSQL to ensure that database state changes (e.g., "Arb Detected") and side-effects (e.g., "Submit Order") are consistent. * Network Policies: For true "Enterprise Isolation," restrict network egress at the container level so one tenant cannot spoof another's API keys (though keys are encrypted, defense-in-depth is good).

Next Steps

  1. Freeze Requirements: Version 1.0 of requirements.md and implementation.md is now frozen.
  2. Implementation Phase: Begin building the Core Engine starting with the Saga/Execution State Machine as recommended (The "Risk-First" approach).