ReviewerAudit trail for every envelope decision — which bot approved or rejected, why, and with what reason code.When: When investigating a rejection, preparing a compliance report, or replaying a failed order.

Details

What this page is forAudit trail for every envelope decision — which bot approved or rejected, why, and with what reason code.

When to use itWhen investigating a rejection, preparing a compliance report, or replaying a failed order.

Powered byrisk.killswitch exec.smartrouter

← Back to decisions

Trade trace — 01JG1Z3F2H8WK4PM

One intent walked end-to-end through the bot pipeline. Every step is one envelope on the append-only log.

All decisions Open strategy Open instrument

Why this page is new

Today the operator can see that a trade happened, but not why. This page is the full audit trail for one correlation ID: each bot's envelope in order, the inputs it read, the decision it emitted, the reason code, and the replay-hash chain that proves the log hasn't been tampered with. Any operator can answer "why did this trade fire?" in 30 seconds.

Correlation ID

01JG1Z3F2H8WK4PM

Strategy

Election Momentum

Instrument

election-2026-us-senate

Portfolio · builderCode

portfolio_main · 0xb000000000000000000000000000000000000000000000000000000000003f7a

Started

14:46:02.881 UTC

Finished

14:46:02.914 UTC (33ms)

Envelopes

5 stages · 5 envelopes

Final state

FILLED · 1,000 shares @ $0.47

Pipeline replay

Each step is one envelope, in emission order. Click any step to inspect the full envelope JSON below.

1 · Intel intel.macro_sentiment 14:46:02.881 · +0ms INTEL_MACRO_NEUTRAL SIGNAL

Read 6-hour macro tape. No risk-off cluster detected. Strategy is cleared to look for setups.

{
  "envelope_version": "v2",
  "correlation_id": "01JG1Z3F2H8WK4PM",
  "step": 1,
  "bot": "intel.macro_sentiment",
  "reads": { "tape_window_h": 6, "instruments_seen": 47 },
  "decision": "SIGNAL",
  "reason_code": "INTEL_MACRO_NEUTRAL",
  "emitted_at": "2026-05-11T14:46:02.881Z",
  "replay_hash": "0xa1b2…0001"
}

2 · Discovery disc.headline_scanner 14:46:02.884 · +3ms DISC_HEADLINE_MATCH SIGNAL

Matched keyword pack us-senate-2026 on AP wire — "Senate poll swing in PA" — 14s ago.

{
  "envelope_version": "v2",
  "correlation_id": "01JG1Z3F2H8WK4PM",
  "step": 2,
  "bot": "disc.headline_scanner",
  "reads": {
    "headline_id": "ap_2026051114457",
    "keyword_pack": "us-senate-2026",
    "instrument": "election-2026-us-senate"
  },
  "decision": "SIGNAL",
  "reason_code": "DISC_HEADLINE_MATCH",
  "emitted_at": "2026-05-11T14:46:02.884Z",
  "replay_hash": "0xa1b2…0002"
}

3 · Strategy strat.maker_tight 14:46:02.886 · +5ms STRAT_MAKER_QUOTE_INSIDE INTENT_OPEN

Quoted 20 bps inside the book on YES. Notional $250 (within max_position_pusd=500).

{
  "envelope_version": "v2",
  "correlation_id": "01JG1Z3F2H8WK4PM",
  "step": 3,
  "bot": "strat.maker_tight",
  "intent": {
    "intent_id": "intent_84218",
    "market": "election-2026-us-senate",
    "side": "BUY",
    "outcome": "YES",
    "size_pusd": 250.00,
    "limit_price": 0.47,
    "max_slippage_bps": 50
  },
  "params_applied": {
    "spread_target_bps": 20,
    "max_position_pusd": 500
  },
  "decision": "INTENT_OPEN",
  "reason_code": "STRAT_MAKER_QUOTE_INSIDE",
  "emitted_at": "2026-05-11T14:46:02.886Z",
  "replay_hash": "0xa1b2…0003"
}

4 · Risk · 5 guards in series risk.compliancegate → killswitch → markethaltguard → stalebookguard → marketqualityguard → exposureguard → drawdownguard 14:46:02.890 · +9ms RISK_ALL_GUARDS_PASS APPROVE

All seven guards passed. Book age 340ms (limit 15s). Exposure $1,820 of $5,000. Drawdown $42 of $500.

{
  "envelope_version": "v2",
  "correlation_id": "01JG1Z3F2H8WK4PM",
  "step": 4,
  "bot": "risk.pipeline",
  "guards": [
    { "bot": "risk.compliancegate",    "ok": true },
    { "bot": "risk.killswitch",        "ok": true },
    { "bot": "risk.markethaltguard",   "ok": true, "halt_flag": false },
    { "bot": "risk.stalebookguard",    "ok": true, "book_age_ms": 340 },
    { "bot": "risk.marketqualityguard","ok": true, "spread_bps": 18 },
    { "bot": "risk.exposureguard",     "ok": true, "used_pusd": 1820, "cap_pusd": 5000 },
    { "bot": "risk.drawdownguard",     "ok": true, "drawdown_pusd": 42, "limit_pusd": 500 }
  ],
  "decision": "APPROVE",
  "reason_code": "RISK_ALL_GUARDS_PASS",
  "emitted_at": "2026-05-11T14:46:02.890Z",
  "replay_hash": "0xa1b2…0004"
}

5 · Execution exec.smartrouter 14:46:02.914 · +33ms EXEC_ROUTE_CTFV2_ACCEPTED FILLED

Signed EIP-712 v2, attached builderCode, submitted to CTFExchangeV2. Full fill at $0.4700 (slippage 0 bps).

{
  "envelope_version": "v2",
  "correlation_id": "01JG1Z3F2H8WK4PM",
  "step": 5,
  "bot": "exec.smartrouter",
  "order": {
    "order_id": "ord_84218",
    "exchange": "CTFExchangeV2",
    "contract": "0xAcb1…4f29",
    "signer_scheme": "EIP-712 v2",
    "builder_code": "0xb000000000000000000000000000000000000000000000000000000000003f7a",
    "settlement_asset": "pUSD",
    "side": "BUY",
    "outcome_token": "0x6a3f…b921",
    "size_pusd": 250.00,
    "fill_price": 0.4700,
    "slippage_bps": 0,
    "tx_hash": "0xa1…dc41"
  },
  "decision": "FILLED",
  "reason_code": "EXEC_ROUTE_CTFV2_ACCEPTED",
  "emitted_at": "2026-05-11T14:46:02.914Z",
  "replay_hash": "0xa1b2…0005"
}

Resulting order

Order ID	`ord_84218`
Side	BUY YES
Fill price	$0.4700
Filled (pUSD)	$250.00
Slippage	0 bps
builderCode	`0xb000000000000000000000000000000000000000000000000000000000003f7a`
Tx hash	`0xa1…dc41`
Exchange	`CTFExchangeV2`

Open in Orders

Replay-hash chain

Each envelope's replay_hash covers the previous one. Tampering breaks the chain.

step 1  intel.macro_sentiment      0xa1b2…0001
step 2  disc.headline_scanner      0xa1b2…0002  (covers 0001)
step 3  strat.maker_tight          0xa1b2…0003  (covers 0002)
step 4  risk.pipeline              0xa1b2…0004  (covers 0003)
step 5  exec.smartrouter           0xa1b2…0005  (covers 0004)

verifier: chain intact ✓
seal:     0x9c4e…ff21

The chain is verified on read by the operator UI and on disk by the audit reaper.

What this proves

No copy-trading. Every input is a public market state or a keyword-matched headline.
No insider feeds. Reads enumerated above; nothing else.
pUSD only · V2 only. No USDC.e, no CTFExchangeV1, no V1 codepaths.
builderCode attached. Required and present at exec time.
Replay-deterministic. Same inputs → same envelopes → same hashes.

Where this lives in the codebase

The runner already writes one envelope per decide() call to the append-only log under packages/auditlog/. This page is a read-only view over that log, joined by correlation_id. Phase 3 work: ship the audit reaper that seals chunks every hour and exports them.

Locked rule

Trade traces are read-only forever. The UI must never offer an edit or delete action on envelope data — only filter, share, and export. Tampering with the log fails verification and trips SEC_AUDITLOG_BROKEN.

Polytraders Operator UX Mock · INTERNAL · demo-wired ≠ production-live · the plan · reason codes · shadow-mode pipeline