search

Hu-Fi / Mr.Market

Mr. Market is the exchange oracle of HuFi, and a CeFi crypto bot on Mixin Messenger
https://mr-market-one.vercel.app
GNU Affero General Public License v3.0
1 stars 6 forks source link

Strategy modifcations #57

Closed Faouzijedidi1 closed 4 months ago

Faouzijedidi1 commented 4 months ago

User description

Strategy improvement requested as improvements by CHUNKEE

Type

enhancement, bug_fix

Description

Changes walkthrough

Relevant files
Enhancement
app.module.ts
Add SSL Support for PostgreSQL Connection                               
server/src/app.module.ts
  • Added SSL support for PostgreSQL connection based on environment
    variable POSTGRES_SSL.
    		•  +1/-0     
    logger.service.ts
    Switch Logger to Use Winston                                                         
    server/src/modules/logger/logger.service.ts
  • Switched logging mechanism to use winston instead of native file
    system operations.
  • Configured winston to log both to console and file with different
    levels.
    		•  +29/-45 
    marketdata.gateway.ts
    Modify WebSocket CORS Settings                                                     
    server/src/modules/marketdata/marketdata.gateway.ts - Modified WebSocket CORS settings to allow all origins.
    		+4/-2     
    strategy.dto.ts
    Add Ceiling and Floor Price Handling to Strategy DTO         
    server/src/modules/strategy/strategy.dto.ts
  • Added ceilingPrice and floorPrice properties to strategy DTO for
    handling order placement boundaries.
    		•  +4/-6     
    strategy.service.ts
    Improve Strategy Shutdown and Error Handling                         
    server/src/modules/strategy/strategy.service.ts
  • Implemented cancellation of all orders upon strategy shutdown.
  • Added error handling with retries for order book watching and strategy
    execution.
  • Modified market making strategy to skip orders outside of specified
    ceiling and floor prices instead of shutting down.
    		•  +116/-66
    package.json
    Add Root Directory Package.json                                                   
    package.json
  • Added root directory package.json for managing both frontend and
    server with scripts for convenience.
    		•  +13/-0   
    Documentation
    README.md
    Merge Server README to Root and Update Instructions           
    README.md
  • Merged server README content into root README.
  • Updated instructions to use yarn instead of npm.
    		•  +41/-2   

    PR-Agent usage: Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

    vercel[bot] commented 4 months ago

    The latest updates on your projects. Learn more about Vercel for Git ↗︎

    Name Status Preview Comments Updated (UTC)
    mr-market ✅ Ready (Inspect) Visit Preview 💬 Add feedback Mar 12, 2024 2:22pm
    github-actions[bot] commented 4 months ago

    PR Description updated to latest commit (https://github.com/Hu-Fi/Mr.Market/commit/adc22596d722129677ba94940804b406681efe72)

    github-actions[bot] commented 4 months ago

    PR Review

    (Review updated until commit https://github.com/Hu-Fi/Mr.Market/commit/723e3190118fe252008ff87eb783c86cfba1e8cb)

    ⏱️ Estimated effort to review [1-5] 4, due to the comprehensive changes across multiple files, including significant logic adjustments in strategy handling, logging, and server configuration. The introduction of new features and the switch to a different logging mechanism increase the complexity of the review. Additionally, the modifications in error handling and strategy shutdown procedures require careful consideration to ensure reliability and robustness.
    🧪 Relevant tests No
    🔍 Possible issues Possible Bug: In `server/src/modules/strategy/strategy.service.ts`, the retry mechanism in error handling could potentially lead to infinite retries if the error persists. This could cause the system to hang or consume excessive resources.
    Performance Concern: The use of synchronous `await` inside loops, for example in `cancelAllStrategyOrders` and `manageMarketMakingOrdersWithLayers`, could lead to performance bottlenecks. Asynchronous batch processing or parallel execution strategies might be more efficient.
    🔒 Security concerns No
    Code feedback:
    relevant fileserver/src/modules/logger/logger.service.ts
    suggestion       Consider adding a file rotation mechanism or log cleanup strategy to prevent the log files from growing indefinitely, especially for long-running applications. This can be achieved by integrating `winston-daily-rotate-file` transport or implementing a custom cleanup mechanism. [important]
    relevant linenew winston.transports.File({
    relevant fileserver/src/modules/marketdata/marketdata.gateway.ts
    suggestion       For production readiness, ensure that the CORS configuration is updated to restrict origins to known and trusted sources instead of allowing all origins. This is crucial for preventing unwanted cross-origin requests. [important]
    relevant lineorigin: '*', // Allow all origins, Temporary to be changed and restricted.
    relevant fileserver/src/modules/strategy/strategy.service.ts
    suggestion       Implement a maximum retry limit for error handling in methods like `watchSymbols` and `manageMarketMakingOrdersWithLayers` to prevent infinite loops in case of persistent errors. This could be done by adding a retry counter and a condition to break out of the loop after reaching the limit. [important]
    relevant lineawait new Promise((resolve) => setTimeout(resolve, 2000)); // Wait for 2 seconds before retrying or moving on
    relevant fileserver/src/app.module.ts
    suggestion       Validate the `POSTGRES_SSL` environment variable to ensure it contains a valid boolean string ('true' or 'false'). Incorrect values could lead to unexpected behavior. Consider adding a utility function for boolean environment variables parsing. [medium]
    relevant linessl: process.env.POSTGRES_SSL === 'true',
    ✨ Review tool usage guide:
    **Overview:** The `review` tool scans the PR code changes, and generates a PR review. The tool can be triggered [automatically](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#github-app-automatic-tools) every time a new PR is opened, or can be invoked manually by commenting on any PR. When commenting, to edit [configurations](https://github.com/Codium-ai/pr-agent/blob/main/pr_agent/settings/configuration.toml#L19) related to the review tool (`pr_reviewer` section), use the following template: ``` /review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=... ``` With a [configuration file](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#working-with-github-app), use the following template: ``` [pr_reviewer] some_config1=... some_config2=... ```
    Utilizing extra instructions
    The `review` tool can be configured with extra instructions, which can be used to guide the model to a feedback tailored to the needs of your project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify the relevant sub-tool, and the relevant aspects of the PR that you want to emphasize. Examples for extra instructions: ``` [pr_reviewer] # /review # extra_instructions=""" In the 'possible issues' section, emphasize the following: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ ``` Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.
    How to enable\disable automation
    - When you first install PR-Agent app, the [default mode](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#github-app-automatic-tools) for the `review` tool is: ``` pr_commands = ["/review", ...] ``` meaning the `review` tool will run automatically on every PR, with the default configuration. Edit this field to enable/disable the tool, or to change the used configurations
    Auto-labels
    The `review` tool can auto-generate two specific types of labels for a PR: - a `possible security issue` label, that detects possible [security issues](https://github.com/Codium-ai/pr-agent/blob/tr/user_description/pr_agent/settings/pr_reviewer_prompts.toml#L136) (`enable_review_labels_security` flag) - a `Review effort [1-5]: x` label, where x is the estimated effort to review the PR (`enable_review_labels_effort` flag)
    Extra sub-tools
    The `review` tool provides a collection of possible feedbacks about a PR. It is recommended to review the [possible options](https://github.com/Codium-ai/pr-agent/blob/main/docs/REVIEW.md#enabledisable-features), and choose the ones relevant for your use case. Some of the feature that are disabled by default are quite useful, and should be considered for enabling. For example: `require_score_review`, `require_soc2_ticket`, and more.
    Auto-approve PRs
    By invoking: ``` /review auto_approve ``` The tool will automatically approve the PR, and add a comment with the approval. To ensure safety, the auto-approval feature is disabled by default. To enable auto-approval, you need to actively set in a pre-defined configuration file the following: ``` [pr_reviewer] enable_auto_approval = true ``` (this specific flag cannot be set with a command line argument, only in the configuration file, committed to the repository) You can also enable auto-approval only if the PR meets certain requirements, such as that the `estimated_review_effort` is equal or below a certain threshold, by adjusting the flag: ``` [pr_reviewer] maximal_review_effort = 5 ```
    More PR-Agent commands
    > To invoke the PR-Agent, add a comment using one of the following commands: > - **/review**: Request a review of your Pull Request. > - **/describe**: Update the PR title and description based on the contents of the PR. > - **/improve [--extended]**: Suggest code improvements. Extended mode provides a higher quality feedback. > - **/ask \**: Ask a question about the PR. > - **/update_changelog**: Update the changelog based on the PR's contents. > - **/add_docs** 💎: Generate docstring for new components introduced in the PR. > - **/generate_labels** 💎: Generate labels for the PR based on the PR's contents. > - **/analyze** 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. >See the [tools guide](https://github.com/Codium-ai/pr-agent/blob/main/docs/TOOLS_GUIDE.md) for more details. >To list the possible configuration parameters, add a **/config** comment.
    See the [review usage](https://github.com/Codium-ai/pr-agent/blob/main/docs/REVIEW.md) page for a comprehensive guide on using this tool.
    github-actions[bot] commented 4 months ago

    PR Code Suggestions

    CategorySuggestions                                                                                                                                                       
    Enhancement
    Improve security and reliability by using a configuration service for environment variables. ___ **Consider using a more secure method for configuring SSL in production environments. Using
    environment variables directly can be prone to errors and might not be secure. A better
    approach would be to use a configuration service or module that validates and sanitizes
    all environment variables before they are used in the application.** [server/src/app.module.ts [48]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-4e8033eb0f9fd87924c445b7ac0f1c1192d4890fc1589b2fad2679797d4f4ce0R48-R48) ```diff -ssl: process.env.POSTGRES_SSL === 'true', +ssl: configService.get('POSTGRES_SSL') === 'true', ```
    Implement log file rotation to manage disk space and log file sizes. ___ **Implement a mechanism to handle log file rotation to prevent log files from growing
    indefinitely. This can be achieved by using the winston-daily-rotate-file transport
    instead of the basic File transport. This will help in managing disk space more
    effectively and ensure that the log files are easier to manage and review.** [server/src/modules/logger/logger.service.ts [28-34]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-fe4be3a82b6895fc7a5ea6b903fc41dd6b40ea08412f72a46ca9a3dd3962046fR28-R34) ```diff -new winston.transports.File({ - filename: path.join(logsDir, 'error.log'), +new winston.transports.DailyRotateFile({ + filename: path.join(logsDir, '%DATE%-error.log'), + datePattern: 'YYYY-MM-DD', level: 'error', }), -new winston.transports.File({ - filename: path.join(logsDir, 'combined.log'), +new winston.transports.DailyRotateFile({ + filename: path.join(logsDir, '%DATE%-combined.log'), + datePattern: 'YYYY-MM-DD', }), ```
    Implement an exponential backoff strategy for retries to improve performance and reliability. ___ **Using a fixed delay for retry mechanisms (setTimeout(resolve, 2000)) can lead to
    suboptimal performance under varying network conditions or load. Implementing an
    exponential backoff strategy for retries can be more effective, as it adapts to the
    situation by gradually increasing the delay between retries, reducing the load on the
    server and increasing the chance of recovery in case of temporary issues.** [server/src/modules/strategy/strategy.service.ts [177]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-413cb1b28e0d47a46768f97d10145a8e14d9e46b0a195768786127305916d944R177-R177) ```diff -await new Promise((resolve) => setTimeout(resolve, 2000)); // Wait for 2 seconds before retrying or moving on +await this.exponentialBackoffRetry(exchange, symbol); ```
    Add logic to handle scenarios where the price source is outside the specified ceiling and floor prices. ___ **The current implementation does not handle the scenario where the price source is outside
    the specified ceiling and floor prices. It's crucial to add logic to handle this scenario
    to prevent placing orders that do not align with the strategy's constraints. This could
    involve logging a warning or error and skipping the order placement for that cycle.** [server/src/modules/strategy/strategy.service.ts [257]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-413cb1b28e0d47a46768f97d10145a8e14d9e46b0a195768786127305916d944R257-R257) ```diff -// Fetch the current market price based on the specified price source type +if (priceSource > ceilingPrice || priceSource < floorPrice) { + this.logger.warn(`Price source ${priceSource} is outside the specified range (Floor: ${floorPrice}, Ceiling: ${ceilingPrice}). Skipping order placement.`); + return; +} ```
    Security
    Enhance security by restricting CORS to specific origins. ___ **Restricting CORS to allow all origins ('*') can expose the service to unnecessary security
    risks. It's recommended to specify a list of allowed origins or to configure CORS
    dynamically based on the request. This can prevent unwanted cross-origin requests and
    enhance the security of the WebSocket service.** [server/src/modules/marketdata/marketdata.gateway.ts [24-25]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-b4e30f06d92840d9d06da90af5ce24ca44d2081a7d3cdcd17cd785ab5269e3edR24-R25) ```diff cors: { - origin: '*', // Allow all origins, Temporary to be changed and restricted. + origin: ['https://example.com', 'https://anotherdomain.com'], // Specify allowed origins }, ```
    ✨ Improve tool usage guide:
    **Overview:** The `improve` tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered [automatically](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#github-app-automatic-tools) every time a new PR is opened, or can be invoked manually by commenting on a PR. When commenting, to edit [configurations](https://github.com/Codium-ai/pr-agent/blob/main/pr_agent/settings/configuration.toml#L69) related to the improve tool (`pr_code_suggestions` section), use the following template: ``` /improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=... ``` With a [configuration file](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#working-with-github-app), use the following template: ``` [pr_code_suggestions] some_config1=... some_config2=... ```
    Enabling\disabling automation
    When you first install the app, the [default mode](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#github-app-automatic-tools) for the improve tool is: ``` pr_commands = ["/improve --pr_code_suggestions.summarize=true", ...] ``` meaning the `improve` tool will run automatically on every PR, with summarization enabled. Delete this line to disable the tool from running automatically.
    Utilizing extra instructions
    Extra instructions are very important for the `improve` tool, since they enable to guide the model to suggestions that are more relevant to the specific needs of the project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify relevant aspects that you want the model to focus on. Examples for extra instructions: ``` [pr_code_suggestions] # /improve # extra_instructions=""" Emphasize the following aspects: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ ``` Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.
    A note on code suggestions quality
    - While the current AI for code is getting better and better (GPT-4), it's not flawless. Not all the suggestions will be perfect, and a user should not accept all of them automatically. - Suggestions are not meant to be simplistic. Instead, they aim to give deep feedback and raise questions, ideas and thoughts to the user, who can then use his judgment, experience, and understanding of the code base. - Recommended to use the 'extra_instructions' field to guide the model to suggestions that are more relevant to the specific needs of the project, or use the [custom suggestions :gem:](https://github.com/Codium-ai/pr-agent/blob/main/docs/CUSTOM_SUGGESTIONS.md) tool - With large PRs, best quality will be obtained by using 'improve --extended' mode.
    More PR-Agent commands
    > To invoke the PR-Agent, add a comment using one of the following commands: > - **/review**: Request a review of your Pull Request. > - **/describe**: Update the PR title and description based on the contents of the PR. > - **/improve [--extended]**: Suggest code improvements. Extended mode provides a higher quality feedback. > - **/ask \**: Ask a question about the PR. > - **/update_changelog**: Update the changelog based on the PR's contents. > - **/add_docs** 💎: Generate docstring for new components introduced in the PR. > - **/generate_labels** 💎: Generate labels for the PR based on the PR's contents. > - **/analyze** 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. >See the [tools guide](https://github.com/Codium-ai/pr-agent/blob/main/docs/TOOLS_GUIDE.md) for more details. >To list the possible configuration parameters, add a **/config** comment.
    See the [improve usage](https://github.com/Codium-ai/pr-agent/blob/main/docs/IMPROVE.md) page for a more comprehensive guide on using this tool.
    github-actions[bot] commented 4 months ago

    PR Description updated to latest commit (https://github.com/Hu-Fi/Mr.Market/commit/723e3190118fe252008ff87eb783c86cfba1e8cb)

    github-actions[bot] commented 4 months ago

    Persistent review updated to latest commit https://github.com/Hu-Fi/Mr.Market/commit/723e3190118fe252008ff87eb783c86cfba1e8cb

    github-actions[bot] commented 4 months ago

    PR Code Suggestions

    CategorySuggestions                                                                                                                                                       
    Enhancement
    Set a default value for ssl connection option based on the environment variable. ___ **Consider setting ssl to false by default if the POSTGRES_SSL environment variable is not
    set. This ensures that your application can still connect to the database in environments
    where SSL is not required or not supported, without requiring explicit configuration.** [server/src/app.module.ts [48]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-4e8033eb0f9fd87924c445b7ac0f1c1192d4890fc1589b2fad2679797d4f4ce0R48-R48) ```diff -ssl: process.env.POSTGRES_SSL === 'true', +ssl: process.env.POSTGRES_SSL ? process.env.POSTGRES_SSL === 'true' : false, ```
    Ensure the logs directory exists before writing logs. ___ **Implement a mechanism to ensure that the logs directory exists before attempting to write
    logs to it. This can prevent runtime errors when the specified directory does not exist.** [server/src/modules/logger/logger.service.ts [11-13]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-fe4be3a82b6895fc7a5ea6b903fc41dd6b40ea08412f72a46ca9a3dd3962046fR11-R13) ```diff const logsDir = process.env.IS_DEV ? path.join(__dirname, '..', '..', 'logs') : path.join(__dirname, '..', 'logs'); +if (!fs.existsSync(logsDir)) { + fs.mkdirSync(logsDir, { recursive: true }); +} ```
    Implement exponential backoff for retrying operations after an error. ___ **Instead of using a fixed delay for retrying operations after an error, consider
    implementing an exponential backoff strategy. This approach can help to reduce the load on
    the server and improve the chances of recovery in case of temporary issues.** [server/src/modules/strategy/strategy.service.ts [177]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-413cb1b28e0d47a46768f97d10145a8e14d9e46b0a195768786127305916d944R177-R177) ```diff -await new Promise((resolve) => setTimeout(resolve, 2000)); // Wait for 2 seconds before retrying or moving on +await new Promise((resolve) => setTimeout(resolve, Math.pow(2, retryAttempt) * 1000)); // Exponential backoff ```
    Security
    Restrict CORS origins to specific domains for enhanced security. ___ **Replace the wildcard CORS origin with specific origins to enhance security. Allowing all
    origins ('*') can expose your service to cross-site request forgery (CSRF) attacks.** [server/src/modules/marketdata/marketdata.gateway.ts [24]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-b4e30f06d92840d9d06da90af5ce24ca44d2081a7d3cdcd17cd785ab5269e3edR24-R24) ```diff -origin: '*', // Allow all origins, Temporary to be changed and restricted. +origin: ['http://example.com', 'https://anotherdomain.com'], // Specify allowed origins ```
    Maintainability
    Use descriptive variable names for better code readability. ___ **Use a more descriptive variable name than priceSource for the variable that holds the
    price used to calculate buy and sell prices. This will improve code readability and
    maintainability.** [server/src/modules/strategy/strategy.service.ts [258-262]](https://github.com/Hu-Fi/Mr.Market/pull/57/files#diff-413cb1b28e0d47a46768f97d10145a8e14d9e46b0a195768786127305916d944R258-R262) ```diff -const priceSource = await this.getPriceSource( +const referencePrice = await this.getPriceSource( ```
    ✨ Improve tool usage guide:
    **Overview:** The `improve` tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered [automatically](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#github-app-automatic-tools) every time a new PR is opened, or can be invoked manually by commenting on a PR. When commenting, to edit [configurations](https://github.com/Codium-ai/pr-agent/blob/main/pr_agent/settings/configuration.toml#L69) related to the improve tool (`pr_code_suggestions` section), use the following template: ``` /improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=... ``` With a [configuration file](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#working-with-github-app), use the following template: ``` [pr_code_suggestions] some_config1=... some_config2=... ```
    Enabling\disabling automation
    When you first install the app, the [default mode](https://github.com/Codium-ai/pr-agent/blob/main/Usage.md#github-app-automatic-tools) for the improve tool is: ``` pr_commands = ["/improve --pr_code_suggestions.summarize=true", ...] ``` meaning the `improve` tool will run automatically on every PR, with summarization enabled. Delete this line to disable the tool from running automatically.
    Utilizing extra instructions
    Extra instructions are very important for the `improve` tool, since they enable to guide the model to suggestions that are more relevant to the specific needs of the project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify relevant aspects that you want the model to focus on. Examples for extra instructions: ``` [pr_code_suggestions] # /improve # extra_instructions=""" Emphasize the following aspects: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ ``` Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.
    A note on code suggestions quality
    - While the current AI for code is getting better and better (GPT-4), it's not flawless. Not all the suggestions will be perfect, and a user should not accept all of them automatically. - Suggestions are not meant to be simplistic. Instead, they aim to give deep feedback and raise questions, ideas and thoughts to the user, who can then use his judgment, experience, and understanding of the code base. - Recommended to use the 'extra_instructions' field to guide the model to suggestions that are more relevant to the specific needs of the project, or use the [custom suggestions :gem:](https://github.com/Codium-ai/pr-agent/blob/main/docs/CUSTOM_SUGGESTIONS.md) tool - With large PRs, best quality will be obtained by using 'improve --extended' mode.
    More PR-Agent commands
    > To invoke the PR-Agent, add a comment using one of the following commands: > - **/review**: Request a review of your Pull Request. > - **/describe**: Update the PR title and description based on the contents of the PR. > - **/improve [--extended]**: Suggest code improvements. Extended mode provides a higher quality feedback. > - **/ask \**: Ask a question about the PR. > - **/update_changelog**: Update the changelog based on the PR's contents. > - **/add_docs** 💎: Generate docstring for new components introduced in the PR. > - **/generate_labels** 💎: Generate labels for the PR based on the PR's contents. > - **/analyze** 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. >See the [tools guide](https://github.com/Codium-ai/pr-agent/blob/main/docs/TOOLS_GUIDE.md) for more details. >To list the possible configuration parameters, add a **/config** comment.
    See the [improve usage](https://github.com/Codium-ai/pr-agent/blob/main/docs/IMPROVE.md) page for a more comprehensive guide on using this tool.