Nifty Bot | Professional Trading Terminal

Archived Reports

2026-06-04-sidebar-fix.md 1.1 KB

# Code Change Report - Sidebar Overflow Fix **Date:** 2026-06-04 **Category:** UI/UX Bug Fix ## Problem The dashboard's left sidebar navigation was clipping items at the bottom (Architecture, Error L...

2026-05-29_pnl_and_headless_auth.md 2.2 KB

# Code Change Report - 2026-05-29 ## Overview Fixed Upstox PnL reporting mismatch where Gross PnL showed as ₹0.00 despite active trades. Implemented fully headless authentication using TOTP to remove...

2026-06-15 (Activity Ledger Partial Exits UI) 3 changes

**UI Enhancement**: Modified the Activity Ledger (`trade_log_table.html`) to gracefully handle partial profit booking. When a trade has `partial_booked == True`, it now displays "T1 Out" (with 50% tag) and "Final Out" (with 50% tag) instead of a single misleading "Out" price.

**Model Enhancement**: Added a dynamic `@property` called `t1_exit_price` to the `Trade` database model. This calculates the exact T1 exit price by reverse-engineering the accumulated `trade.pnl` and `trade.qty`, completely bypassing the need to run database schema migrations.

**UI Consistency**: Replicated the partial exit layout ("T1" and "Final") to the 'Exit' column in `reports.html` to maintain visual consistency across all trade ledgers.

2026-06-15 (System Flow Wiki) 3 changes

**Feature (System Wiki)**: Integrated a live documentation viewer into the Web UI. Created a `/wiki` route in `app/api/routes.py` that reads `memory/system_flow_wiki.md` and renders it via a new glassmorphic `wiki.html` template using the `markdown` library.

**Documentation**: Performed a deep codebase analysis and authored a comprehensive end-to-end system flow architecture document detailing data movement from Upstox to the DB, directory structure, and key workflows (Auth, Trade Monitoring, Adaptive Risk).

**AI Automation**: Updated `.cursorrules` to instruct the AI to automatically update `system_flow_wiki.md` whenever core logic or endpoints are modified.

2026-06-13 (Loss Analytics & Even Lot Constraint) 3 changes

**Feature (Loss Analytics)**: Extended `TradePostmortemService` to capture detailed market context (VIX trend, Donchian Zone, MACD state, slippage, time of day) on losing trades. Added an AI-driven deterministic narrative generator to explain the failure.

**Database & UI (Loss Analytics)**: Added `loss_analysis` JSON column to the `Trade` model with an Alembic migration (`20260613_01`). Created a dedicated glassmorphic `/loss-analytics` route and template accessible via the sidebar to review these post-mortems.

**Even Lot Sizing Rule**: Enforced an even-lot sizing constraint globally. Updated `BotStartConfig` schema, `/bot/execute-pending` route guards, `dashboard.html` input constraints, and the Telegram bot's inline keyboard and `setlots` command to only allow even lot numbers (2, 4, 6, 8...).

2026-06-11 (Partial Profit Booking PnL Fix) 1 changes

**BUG FIX: Fixed partial profit booking PnL accumulation in exit_trade()** (`app/services/trading_controller.py`): `trade.pnl` was being overwritten with only the final exit leg's calculated PnL instead of accumulated with previously booked partial profits (e.g. from T1 50% position close). Changed to compute `exit_leg_pnl` separately and add it to existing `trade.pnl` using `round((trade.pnl or 0) + exit_leg_pnl, 2)`, matching the correct accumulation pattern already used in `_partial_exit()`.

2026-06-04 (Sidebar Overflow Fix) 1 changes

**Fixed Sidebar Navigation Clipping** (`app/static/ui.css`): The dashboard sidebar was clipping navigation items at the bottom on smaller viewport heights because it lacked scrolling. Added `overflow-y: auto` to `.sidebar` and implemented a custom theme-consistent scrollbar (thin, indigo-colored). Also added `flex-shrink: 0` to direct children of the sidebar to prevent layout collapse when scrolling is active.

2026-06-03 (Reports Bug Fixes & New Web UI Pages) 8 changes

**Fixed Symbol Display in Trade Ledger** (`app/api/routes.py`, `app/templates/reports.html`): The Bot Trade Ledger showed raw instrument keys (e.g., `NSE_FO|NIFTY2606223050PE`) instead of human-readable symbols. Added `format_option_symbol` Jinja filter that first checks `trade.strike_price` + `trade.option_type` fields (e.g., `23050 PE`), then falls back to regex parsing of `trading_symbol`, then raw symbol.

**Fixed Duration Calculation** (`app/api/routes.py`): `_duration_label()` was using `trade.created_at` (DB insert time, UTC) instead of `trade.entry_time` (actual execution time, local). This caused inflated durations. Fixed to use `entry_time` with timezone-aware subtraction and negative-duration guard.

**Fixed Pattern Showing "None"** (`app/services/trading_controller.py`, `app/templates/reports.html`): `PremiumRenkoConfirmation.pattern_name` defaulted to the string `"None"` (truthy), which was stored in the DB and displayed literally. Changed default to `""` (empty string). Also added `!= 'None'` guard in template for existing DB records.

**New Error Logs Page** (`app/api/routes.py`, `app/templates/error_logs.html`): Created `/error-logs` route that tail-reads last 512KB of `logs/system_events.jsonl` (1GB file), parses JSONL, and displays with level filtering (ALL/ERROR/WARNING/INFO/DEBUG). Glassmorphic UI with color-coded severity badges and left-border highlights.

**New Code Archives Page** (`app/api/routes.py`, `app/templates/archives.html`): Created `/archives` route that parses `memory/progress.md` into date-grouped sections, renders as a timeline with color-coded icons (bug=red, add=green, update=yellow), and lists archived report files from `memory/reports/`.

**Sidebar Navigation** (`app/templates/base.html`): Added Error Logs (bug icon) and Archives (archive icon) links to the sidebar nav after Architecture.

**Fixed Error Logs Info Spam**: Hardcoded `/error-logs?level=ERROR` into the sidebar link and removed non-error filters from `error_logs.html` to ensure the page strictly acts as an error tracker without backend restarts.

**Fixed Archives Page 500 Crash**: Resolved a Jinja2 template engine method collision where `section.items` called the Python dictionary `.items()` method instead of accessing the key. Swapped to bracket notation `section['items']`.

2026-06-01 (PnL Accuracy and UI Tweaks) 2 changes

**Fixed Paper Trade PnL 0 Bug**: Upstox `/market-quote/ltp` API returns the trading symbol as the dictionary key for Options instead of the requested instrument token. This caused `UpstoxClient.get_ltp` to fail to extract the last price, returning `0.0`. During paper trades, if the WebSocket cache was empty, this led to the exit price falling back to the entry price, resulting in a PnL of 0. Fixed by adding a fallback iteration over the response values to match the `instrument_token`.

**UI Timestamp Format**: Updated the Trade Log table (`trade_log_table.html`) to display timestamps in the standard Indian datetime format (DD-MM-YYYY HH:MM:SS) and added a `to_ist` Jinja filter in `routes.py` to ensure the timezone accurately reflects Asia/Kolkata instead of the database's UTC format.

2026-05-29 (PnL Accuracy & Headless Auth) 5 changes

**Fixed Upstox PnL Reporting Mismatch**: The dashboard previously showed ₹0.00 Gross PnL when the Upstox metadata API returned zeros. Added a fallback engine that reconstructs Gross PnL from individual trade rows (`realized_pnl` or `sell - buy`). This ensures 100% calculation parity with official Upstox exports (-₹2,568 Gross / -₹4,946 Net for the provided sample).

**Expanded Charge Aggregation**: Audited the reports module and added missing charge categories (SEBI Turnover Fees, Clearing Charges, Other Fees). The UI and Telegram bot now correctly account for all statutory costs, matching the official Upstox ledger.

**Implemented Headless Authentication**: Created `UpstoxAuthHelper` to remove the browser dependency for logins. By providing a TOTP secret, PIN, and mobile number in configuration, the bot now automatically performs the OAuth flow. This is integrated into the `check_token` middleware for transparent session restoration.

**UI/UX Audit Upgrades**: Added a "Reconciliation Badge" on the reports page and overhauled the charges breakdown table for better financial transparency.

**Validation**: `python3 -m pytest` passed all relevant PnL and codebase quality tests (46/46).

2026-05-27 (Critical Trading Bug Fixes — 3 Confirmed Bugs) 7 changes

**Fixed Manual Lot Override Crushed by Quantity Multiplier** (`app/services/trading_controller.py`): `execute_pending_trade()` unconditionally applied `_apply_quantity_multiplier()` to the lot count, even when the user had manually set `config_qty`. Signal's MACD exhaustion (0.5x) + divergence (0.5x) = 0.25x multiplier was reducing 2 manually-set lots to 1 lot. Fixed by checking `self.config_qty > 0` (manual mode) to bypass the multiplier entirely. Activity messages now clearly distinguish `"manual override"` vs `"X.XXx risk multiplier"`.

**Fixed T1 Partial Booking Sending Invalid NSE Order** (`app/services/trading_controller.py`): `monitor_open_positions()` calculated `book_qty = monitor.entry_qty // 2`, which for a 1-lot position (65 qty) produced 32 — an invalid quantity on NSE where lot size is 65. Fixed by rounding down to the nearest lot boundary: `half_lots = (entry_qty // 2) // lot_size; book_qty = half_lots * lot_size`. When `book_qty <= 0` (single lot), the partial exit is skipped and the full position enters EMA40 trailing with a clear alert message.

**Fixed Force Exit PNL = ₹0 Due to WebSocket Key Mismatch** (`app/services/trading_controller.py`, `app/services/upstox_feeder.py`): Upstox WebSocket feeds use colon-separated keys (`NSE_FO:57047`) while `Trade.symbol` and REST APIs use pipe-separated keys (`NSE_FO|57047`). This mismatch caused `_fetch_ltp()` cache misses, REST fallback failures (market closed), and fallback to `entry_price` — producing ₹0 PNL. Fixed by: (1) `_fetch_ltp()` now tries the alternate key format on cache miss, (2) `UpstoxFeeder._process_feed()` now stores LTP under both colon and pipe key formats.

**Validation**: `python3 -m py_compile app/services/trading_controller.py app/services/upstox_feeder.py` passed.

**Fixed PaperBroker Key Mismatch** (`app/services/paper_broker.py`): `place_order()` did exact key lookup in `cached_ltps` — same pipe-vs-colon mismatch. Added alternate key lookup and diagnostic logging when no cached LTP is found.

**Added _fetch_ltp Diagnostic Logging** (`app/services/trading_controller.py`): When `_fetch_ltp()` exhausts both cache and REST and falls back to entry_price, it now logs a WARNING with the instrument key and available cache keys for debugging.

**Server Restart**: Killed PID 3889 (old code) and restarted via `start.sh` to load all fixes into memory.

2026-05-25 18 changes

**Prompt Baseline Upgrade (Renko v3.4 FIXED)**: Archived and standardized a new canonical analyst prompt in `memory/prompts.md` for the high-probability Nifty options workflow.

**Rule Corrections Captured**: Documented v3.4 fixes for Anchor Day (55% threshold + neutral-day score override) and Donchian blocking (flat = score 0, quantitative <20 pts/5 bricks), plus immutable hard no-trade gates.

**Execution Safety**: Added explicit minimum input contract and anti-fabrication note to require missing data instead of inventing live values.

**Migration Execution Flow Realignment**: Rolled back in-app startup Alembic execution and moved `alembic upgrade head` to operational startup commands so migration runs happen before Uvicorn process start (local `start.sh` and Docker `api` service command).

**Operational Simplicity**: Removed `AUTO_MIGRATE_ON_STARTUP` settings toggle to avoid split behavior and keep one deterministic migration path per startup script.

**Docs Sync**: Updated README migration section to reflect command-level auto-migration behavior.

**Validation**: `python -m py_compile app/main.py app/core/config.py` and `bash -n start.sh` passed.

**Startup Restore Degraded-Mode Hardening**: Refined `ProgrammingError` handling in `app/main.py` during `restore_state_from_db()` by prioritizing PostgreSQL SQLSTATE checks (`42703`, `42P01`) and using safer fallback message heuristics for undefined table/column conditions.

**Actionable Operator Diagnostics**: Startup degraded log now extracts and names the missing schema object (column/table where possible) and includes explicit migration command guidance (`alembic upgrade head`).

**Health Visibility Preserved**: Continued exposing degraded startup state through `/health` (`startup_status`, `warnings`) while keeping the controller forced to stopped state for safety.

**Validation**: `python -m compileall app/main.py app/services/trading_controller.py` and `python scripts/validate_memory_sync.py --base HEAD~1 --head HEAD` passed.

**Strategy Gate Tuning (NO-TRADE frequency control)**: Added configurable strategy-gate settings in `app/core/config.py` for Anchor and Donchian checks (`anchor_bull_threshold`, `anchor_bear_threshold`, `anchor_min_bricks`, `donchian_flat_lookback`, `donchian_flat_threshold`).

**SignalEngine Configuration Consistency**: Updated `SignalEngine.__init__` to cache `get_settings()` on `self.settings` and consume those values instead of hard-coded constants.

**Anchor Day Guardrail Refinement**: Neutral anchor mandatory block now triggers only when intraday bricks are at least `anchor_min_bricks`, reducing early-session false `NO TRADE` due to low sample sizes. Anchor reason now includes thresholds and brick count for observability.

**Donchian Flat-Band Refinement**: Flat-band lookback and threshold are now config-driven for safer runtime tuning without code changes.

**Validation**: `python -m compileall app/core/config.py app/strategy/signal_engine.py` passed. Targeted pytest run could not execute in container due to missing dependencies/import path (`pandas` absent, `app` import unresolved in current env).

**Schema Parity QA Hardening**: Reworked `tests/test_trades_schema_parity.py` to use Python AST parsing of `app/models/trade.py` instead of importing SQLAlchemy modules, preserving deterministic model-field contract checks in dependency-light CI containers.

**Validation**: `PYTHONPATH=. pytest -q tests/test_trades_schema_parity.py` passed (1/1).

2026-05-20 8 changes

**Global Auto-Logout on Token Expiry**: Implemented a global exception handler for `UpstoxApiError` in `app/main.py`. This handler catches 401 Unauthorized errors, clears the Upstox session from Redis, and redirects the user to `/login` (supporting both standard and HTMX requests). Modified `UpstoxClient.get_ltp` and `TradingController._fetch_ltp` to ensure 401 errors propagate to the global handler instead of being swallowed.

**Autonomous Option Sizing & Zero-Touch Execution**: Upgraded `TradingController` to support zero-touch execution, completely bypassing manual Telegram/UI buttons when configured in live or paper mode. Enabled automatic option lot calculation (using `RiskManager.position_size`) based on configured capital, risk fraction (default 2%), and standard Nifty lot size (65) when the user leaves the lot size empty.

**Lockout Guardrail**: Confirmed and enforced strict daily trading limit of exactly 1 trade per day, locking the execution engine after the first trade. Refactored the `_trades_today` method to calculate Indian Standard Time (IST) day boundaries timezone-safely, converting them to UTC for querying the database.

**Dynamic Trailing Stop-Loss (TSL)**: Added dynamic Trailing Stop Loss functionality. Option positions continuously monitor their live LTP; when the premium increases by `TSL_Activation_Target` (default 15 points) above the entry price, a trailed stop-loss is set at `highest_premium - TSL_Trail_Amount` (default 10 points) and adjusted upward as price moves in favor.

**Database & UI Synchronization**: Modified `Trade` model to store `highest_premium` and added automatic database startup migrations in `main.py` lifespan context. Made lot size parameter optional in schema, API endpoints, and dashboard web interface (updating start button label dynamically).

**Swing Strategy Backtester Alignment**: Rewrote the `backtest_stock` function in `screener_backtest.py` to utilize the live `ScreenerService._analyze_stock` method. This guarantees 100% calculation parity between backtesting and live scanning for RSI (Wilder's smoothing), EMA 50 slope, relative strength (Nifty 50), and sector score filters.

**Upstox Quotes Fetch Batching**: Upgraded `fetch_quotes` in `upstox_client.py` to chunk instrument keys into groups of 50 and fetch concurrently via `asyncio.gather`. This resolves the `414 URI Too Long` errors and Upstox rate limits when scanning the Nifty 500 universe.

**Test Suite Mocking**: Replaced the direct PostgreSQL `SessionLocal` dependency in `test_paper_trading_pnl.py` with an in-memory dictionary mock (`MockSession`), eliminating local database connectivity issues during testing. Mocked `upstox_client.fetch_quotes` to bypass Redis dependency. All 46 tests now pass cleanly.

2026-05-14 3 changes

**Fixed Dashboard Market Data**: Resolved an issue where "Current Nifty" failed to update in real-time. The WebSocket client was ignoring price updates if the initial UI value was `N/A` (parsing to `NaN`). Modified the JS logic to always accept the first update regardless of the placeholder's numeric validity.

**Fixed Dashboard Market Data Stutter**: Added `hx-preserve="true"` to the Current Nifty price element in `dashboard_stats.html`. This prevents HTMX's 5-second polling from destroying the element, allowing the WebSocket to provide smooth, tick-by-tick updates without visual interruption.

**UI Simplification**: Removed the redundant "Current Nifty" widget from the Strategy Performance section. It was displaying the exact same data as the top Market Pulse section, which sometimes caused a perceived sync gap due to different rendering lifecycles.

2026-05-12 28 changes

Fixed UDAPI1154 Static IP issue with clear user instructions.

Added "Reconnect" button to dashboard for auth errors.

Improved Activity Ledger with human-readable symbols, strike prices, and option types.

Implemented Upstox Market Data WebSocket for real-time price streaming.

Added frontend WebSocket pulse animations (tick-by-tick updates).

Centralized WebSocket client in `base.html` for universal real-time price support across all pages.

Fixed historical trade records in DB to populate missing strike prices and trading symbols for past trades.

Upgraded Docker configuration to production-ready standards (multi-stage build, healthchecks, restart policies).

Expanded Telegram Bot capabilities: Added /login, /pnl, /screener, and /portfolio commands.

Integrated Max Alpha v2.0 Screener into Telegram with one-click GTT/Market execution for swing trades.

Added real-time Upstox connection status indicators (🟢/🔴) to Telegram bot menu and status reports.

Upgraded Market Data Feeder to Upstox v3 WebSocket protocol (Protobuf) to resolve 410 Gone error from discontinued v2 endpoints.

Resolved discrepancy between Web UI and Telegram login status by migrating user profile and funds endpoints to v3 API.

Synchronized authentication checks across all services to ensure consistent "Connected" status.

Implemented a premium Web UI overhaul featuring Glassmorphism 2.0, Bento Grid layouts, and a modern sidebar navigation.

Integrated Tabler Icons and sophisticated dark-mode tokens for a professional trading terminal aesthetic.

Finalized UI/UX stabilization: Implemented a high-contrast label system (.premium-label) and resolved readability issues in dark mode.

Fixed Screener Scan functionality: Corrected HTMX loading indicators and spinner visibility for real-time feedback.

Implemented "Hybrid" Upstox API Versioning: Successfully balanced v3 (Market Data Feed) and v2 (User/Funds) endpoints to resolve both 410 (Gone) and 404 (Not Found) errors.

Verified mobile-first responsiveness: Added a collapsible sidebar and mobile top-nav for seamless phone/tablet trading.

Stabilized production UI: Removed conflicting Bootstrap background classes and standardized the Glassmorphism design across all dashboard modules.

Modernized Trade Log & User Guide: Redesigned both pages into the Glassmorphism 2.0 system with a Bento Grid layout.

Completed Full Platform QA Audit: Verified every button, link, and label contrast across Dashboard, Screener, Portfolio, Log, and Guide.

Fixed critical visibility bugs: Replaced invisible muted text with a high-contrast (.premium-label) system.

Finalized Sentiment Contrast: Forced white text on all dynamic sentiment and status badges (BEARISH/BULLISH/PAPER/LIVE) to ensure legibility on colored backgrounds.

Added Execution Feedback: Implemented 'In Progress' states for Screener Scans and Backtests to provide immediate user feedback during long-running tasks.

**Production Merge**: Successfully merged v4.6 (v5.1 Stable) into the `main` branch.

Project Goal Achievement: Maintaining a professional, high-fidelity trading terminal (v5.1 Stable).

2026-05-13 8 changes

Fixed Portfolio UI Visibility: Resolved "hidden text" issue in badges by explicitly defining high-contrast glassmorphism styles in `ui.css`.

Standardized Badge System: Migrated all badges (Qty, Type, Status, IP Restricted) to a centralized semi-transparent system with bright, legible text.

Synchronized Project Memory: Updated all `/memory` files and rules to reflect recent UI stabilization and contrast improvements.

**Telegram Bot Fixes**: Resolved the 'no response' issue for the `positions` command by adding error handling and fixing Upstox API key lookups (`trading_symbol` vs `tradingsymbol`).

**Bot Status Visibility**: Enhanced the Telegram bot main menu to display the current **Mode** (LIVE/PAPER) and **Status** (Monitoring/Stopped) at a glance.

**Position Filtering Bug**: Fixed a bug where closed positions (quantity=0) were still displayed in the Telegram bot; added filtering to only show active trades.

**Added Status Button**: Implemented a dedicated **📡 Status** button in the Telegram bot for quick access to detailed monitoring information.

**Reliability Documentation**: Updated `README.md` with instructions for macOS `caffeinate` and VPS deployment recommendations to solve the "MacBook sleep" issue.

2026-05-13 (QA Audit Session) 7 changes

**🔴 CRITICAL BUG FIXED — Bot Auto-Stop**: `restore_state_from_db()` was hardcoding `self.is_running = False` and also resetting the DB state. Bot monitoring was lost on every restart. Fixed to properly restore `is_running` from DB.

**🔴 CRITICAL BUG FIXED — --reload in start.sh**: Removed `--reload` flag from uvicorn production start command. This was silently restarting the server on any file change, triggering the state reset bug above. Now uses `--workers 1`.

**🟠 HIGH BUG FIXED — 3PM Hard Exit repeated calls**: Added `_hard_exit_done_date` date guard to `check_time_stops()`. Previously fired `exit_all_trades()` every 30 seconds from 3:00–3:30 PM (60 redundant broker calls).

**🟡 MEDIUM BUG FIXED — _active_entry_time uninitialized**: Added `self._active_entry_time = None` and `self._hard_exit_done_date = None` to `TradingController.__init__`.

**Full code QA pass**: Reviewed `trading_controller.py`, `telegram_bot.py`, `main.py`, `start.sh`, and all UI templates.

**Portfolio UI verified**: `.badge.bg-white` is correctly defined in `ui.css` (line 276) with proper glassmorphism contrast.

**Memory synchronized**: Updated `bugs.md`, `lessons.md`, `progress.md`, `tasks.md`, `decisions.md`.

2026-05-14 12 changes

**Code Optimization & Reliability Enhancements**:

Centralized LTP fetching in `UpstoxClient.get_ltp()` to handle key normalization and errors consistently.

Fixed Manual Order logging in `TradingController` to ensure all trades have `trading_symbol`, `strike_price`, and `option_type`.

Refactored `TradingController` and `MarketDataService` to use `asyncio.gather` for concurrent I/O, significantly reducing latency in the main trading loop and chart data loading.

Standardized error handling by replacing silent `except Exception:` blocks with informative logging across `api`, `services`, and `main.py`.

**Code Optimization & QC Pass**:

Optimized `TradingController` and `portfolio_page` with `asyncio.gather` for concurrent API calls, reducing latency.

Standardized code style across the `app/` directory using `ruff format`.

Resolved 40+ linting issues including unused imports, variables, and bare except blocks.

Improved reliability by replacing bare `except:` with `except Exception:`.

Removed redundant bot state sync calls to minimize DB overhead.

Verified stability with a full pass of 38 existing strategy tests.

2026-05-15 6 changes

**Strategy audit complete**: Full codebase vs SKILL.md v3.3 — code is v3.3-compliant. Attached v3.2 prompt is outdated (Thursday expiry, no time stops). Expiry confirmed correct: `prechecks.py` uses `weekday() == 1` (Tuesday, SEBI Sep-2025). No change needed.

**Fix 1 — Backtest real data** (`app/api/routes.py`): Replaced dummy monotone OHLC with real Nifty 50 5-minute candles via `MarketDataService`. Graceful fallback if Upstox session missing.

**Fix 2 — Secondary OI levels** (`app/services/market_data.py`): `get_oi_levels()` upgraded from `tuple[float, float]` to `tuple[float, float, float, float]`. Now tracks 2nd-highest CE and PE OI strikes. `signal_engine.py` caller updated to unpack 4-tuple.

**Fix 3 — Donchian flat-band** (`app/strategy/signal_engine.py`): Replaced exact float `==` comparison with 0.05% percentage-change threshold over 5 bars. Old guard was a near-no-op.

**Tests updated** (`tests/test_signal_engine_renko_rsi.py`): Mock for `get_oi_levels` expanded to 4-tuple to match new contract.

**Branch**: `fix/strategy-gaps` pushed to GitHub.

2026-05-15 (Trade Persistence & PNL Enhancement) 13 changes

**Implemented Trade Monitoring Persistence**: Modified `Trade` database model to store `spot_sl`, `t1_spot_level`, `t1_hit`, `partial_booked`, `trailing_ema`, and `entry_time`. This ensures that active trade monitoring (Layer 1 Spot SL, T1 Targets, and EMA Trailing) is accurately restored even after a bot or server restart.

**Fixed Database Schema Sync Error**: Identified and resolved an `UndefinedColumnError` during startup. The existing PostgreSQL `trades` table lacked the newly added fields. Created and ran an `ALTER TABLE` Python scratch script to seamlessly migrate the existing database without data loss.

**Prepared Dockerfile for Render Deployment**: Updated the `Dockerfile` to use the dynamic `$PORT` environment variable required by Render.com. Also added the `TZ="Asia/Kolkata"` environment variable to ensure time-based trading logic (like 3:15 PM hard exits) operates correctly on UTC-default cloud servers.

**Fixed Deployment Dependencies**: Added `upstox-python-sdk` and `protobuf` to `requirements.txt` to resolve `ModuleNotFoundError: No module named 'upstox_client'` during cloud deployment builds.

**Enhanced Dashboard Statistics**: Updated the dashboard to display **Unrealized MTM** alongside realized PNL, providing a real-time view of open trade performance.

**Improved Telegram Status**: Enhanced the `/status` command in the Telegram bot to display detailed monitoring info for active trades, including current Spot SL and Target status.

**Refined Lifespan Logic**: Added robust error handling for Telegram bot initialization and Upstox feeder in `main.py` to prevent startup crashes when external services or tokens are missing.

**SSO Authentication Overhaul**:

Implemented a dedicated Landing Login Page (`login.html`) following Glassmorphism 2.0 aesthetics.

Integrated Upstox SSO as the primary entry point for the dashboard.

Added a secure logout mechanism that clears the session from Redis.

Enhanced the global sidebar with a logout button and authentication status visibility.

Added a custom SVG-based favicon to the dashboard for a professional terminal experience.

2026-05-15 (Logout Fix) 4 changes

**Fixed Logout "Not Found" Error**:

Resolved an issue where users encountered a 404 error during logout.

Added support for trailing slashes (`/logout/`) and implemented an explicit `/api/auth/logout` endpoint for consistency with other authentication routes.

Updated the redirect status code to `303` (See Other) to ensure proper browser behavior after clearing the session.

2026-05-15 (Security & Reliability Audit) 6 changes

**Implemented Security Hardening**:

Added `Depends(check_token)` to all sensitive POST routes in `routes.py`, including bot start/stop, mode switching, manual orders, and screener scans.

Secured the WebSocket `/ws` endpoint with a token check on connection.

**Fixed Upstox Feeder Reliability**: Resolved the "None isn't a valid URI" error by adding validation for the WebSocket authorized URL and improved error logging for API responses.

**Verified Strategy Logic**: Fixed unit test failures in `test_signal_engine_renko_rsi.py` caused by the 2:00 PM entry cutoff by properly mocking `datetime.now()` in the test suite.

**Documented Audit**: Created `memory/security_audit.md` and updated `bugs.md`, `lessons.md`, and `tasks.md`.

2026-05-16 3 changes

**Fixed Upstox Feeder WebSocket URL**: Resolved an issue where the feeder failed to connect because the Upstox API response used `authorizedRedirectUri` instead of `authorizedRedirectUrl`. Added support for multiple key variants (`Uri` vs `Url`, camelCase vs snake_case) to improve resilience.

**Fixed Upstox Feeder WebSocket Compatibility**: Resolved `ImportError` for `State` and `AttributeError: 'ClientConnection' object has no attribute 'closed'` by updating imports and replacing legacy `.closed` checks with `ws.state == State.OPEN` checks, ensuring compatibility with `websockets` library version 14.1.

**Telegram Bot Conflict Investigation**: Addressed the `telegram.error.Conflict` error. Verified that no multiple instances were running in the current environment and documented the cause (multiple bots using the same token).

2026-05-15 (Telegram Auth Improvements) 8 changes

**Enhanced Telegram Bot Authentication**:

Implemented `_ensure_login` in `TelegramBotService` to enforce authentication for sensitive commands (`/status`, `/positions`, `/pnl`, etc.).

Updated `/login` command to include `state=telegram` in the Upstox OAuth URL.

Modified `auth_callback` in `routes.py` to detect `state=telegram` and redirect users back to the Telegram bot (`https://t.me/{bot_username}`) after successful login.

Automated bot username retrieval on startup for dynamic redirect support.

Resolved an issue where users encountered a 404 error during logout.

Added support for trailing slashes (`/logout/`) and implemented an explicit `/api/auth/logout` endpoint for consistency with other authentication routes.

Updated the redirect status code to `303` (See Other) to ensure proper browser behavior after clearing the session.

2026-05-17 (Auth Middleware Hardening) 3 changes

**Replaced blacklist middleware with whitelist auth guard** (`app/main.py`): Old middleware had a `PROTECTED_PATHS` set that required every new route to be manually added. New middleware protects ALL routes by default — only explicitly listed public paths (`/login`, `/health`, `/static/*`, `/api/auth/*`) bypass auth. Any new page or API route is automatically secure without config changes.

**HTMX-aware redirects**: HTMX partial requests get an `HX-Redirect` header so the full page redirects cleanly to `/login` without breaking partial swap.

**Removed redundant token checks** from `index()` route in `routes.py` — middleware now handles this centrally (DRY principle).

2026-05-17 (v5.1 Stability Improvements) 5 changes

Implemented mandatory pre-trade lot confirmation across Web UI and Telegram so monitoring cannot start or create pending trades without a confirmed lot size.

Added live/unrealized, daily realized, and total PNL visibility to dashboard, trade log, paper trades, and Telegram `/pnl` breakdowns.

Added `/reports` analytics page and `/api/reports-data` endpoint using Trade DB data for performance summary, daily PNL chart, trade breakdown, and pattern analysis.

Hardened auth redirect handling with an HTTPException 307 handler that redirects expired Upstox sessions to `/login`.

Improved mobile responsiveness with sidebar overlay, collapsible bento grid, responsive PNL cards, mobile typography/card spacing, and horizontal table wrappers.

2026-05-17 (Auth Redirect Fix) 1 changes

Fixed auth redirect — replaced HTTPException(307) pattern with HTTP middleware for reliable login guard.

2026-05-17 (Mobile Responsive UI Hotfix) 1 changes

**Synchronized local branch & restarted server**: Pulled latest updates from `origin dev` and restarted the Uvicorn server (which runs without `--reload` for background loop stability). This successfully loaded all mobile responsiveness fixes (collapsible bento grid columns, card-like ledger row wrapping, sidebar overlays) into the active server, resolving the squeezed/broken layout on mobile screens. Verified perfect mobile responsiveness at a 400px viewport width using the browser subagent.

2026-05-18 (Telegram Parsing, Keep-Alive, & Mobile UI Improvements) 20 changes

**Fixed Telegram Markdown Entity Parsing Error**:

Created `escape_markdown` utility helper inside `telegram_bot.py` to escape Telegram special formatting characters.

Modified status command `/status` in `telegram_bot.py` to wrap active `mon.option_symbol` in backticks and pass `self.controller.last_activity` to `escape_markdown()`.

Modified signal alert trigger in `trading_controller.py` to wrap dynamic `option_symbol` in backticks.

**Implemented Dynamic Cloud Server Keep-Alive**:

Added a generic self-pinging keep-alive background task (`keep_alive_loop`) inside FastAPI's lifespan inside `main.py` that automatically triggers a self-ping to its own `/health` endpoint every 10 minutes when running on any remote environment (detecting if `upstox_redirect_uri` does not contain `localhost` or `127.0.0.1`).

Added a silent non-blocking background wake-up ping (`_ping_server_if_needed`) triggered dynamically inside `_is_authorized()` in `telegram_bot.py` whenever a user interacts with the bot. This immediately spins up sleeping server containers (e.g. on Render.com free tier).

**Polished Mobile Web UI Headers and Alignment**:

Replaced hardcoded vertical alignments (`.align-items-end`) in the page headers of `dashboard.html` and `.text-end` in `portfolio.html` with clean responsive Bootstrap utility classes (`.align-items-lg-end` and `.text-lg-end`), ensuring items align perfectly to start on mobile and align to end on desktop screens.

Optimized the `bento-grid` layout to use a tighter `1rem` gap on small viewports (<576px) to maximize screen area and prevent squeezed content.

Removed broad and generic `.d-flex.gap-2` flexbox vertical stack rule from `ui.css` which was breaking layout alignments of small side-by-side badges/badges in other sections of the terminal.

**Fixed Telegram duplicate edit keyboard crash**:

Imported `BadRequest` from `telegram.error` in `telegram_bot.py`.

Wrapped the inline settings menu `edit_text` call and the main menu `edit_message_text` call in `try...except BadRequest` blocks.

Ignored `"Message is not modified"` errors from Telegram API, preventing bot crashes when a user double-clicks settings/menu controls or navigates without changing configurations.

**Fixed Upstox Feeder SSL Certificate Verify Failure on macOS**:

Integrated the `certifi` library to retrieve the standard Mozilla CA bundle path via `certifi.where()`.

Modified `_run_loop` in `app/services/upstox_feeder.py` to initialize `ssl_context = ssl.create_default_context(cafile=certifi.where())`.

Resolved the persistent `[SSL: CERTIFICATE_VERIFY_FAILED]` error which was crashing the WebSocket data feed connection loop every 5 seconds on macOS, successfully establishing instant, stable real-time data streaming.

Gracefully terminated the old running server process and initiated a clean reboot via `start.sh` inside a persistent terminal to load the patched service in memory.

2026-05-18 (Audited Upstox P&L and Charges Integration) 10 changes

**Implemented Official Upstox P&L Service Methods**: Created `fetch_pnl_metadata`, `fetch_pnl_charges`, and `fetch_pnl_data` in `UpstoxClient` to query the live Upstox v2 Profit & Loss endpoints.

**Created Robust Indian Fiscal Year Utility**: Added a static method `get_financial_year(dt: date)` inside `UpstoxClient` to dynamically resolve fiscal year strings (e.g., `2627` for FY 2026-2027) based on April 1st threshold boundaries.

**Created Web UI reports-api Endpoint**: Integrated `GET /api/upstox/reports` inside `routes.py`, executing concurrent fetching of metadata, charges, and transactional data logs.

**Designed Dual-Ledger Reports Dashboard**: Overhauled `reports.html` with modern glassmorphic pills allowing users to switch between the Local Bot Trade Ledger and the official audited Upstox Ledger.

**Integrated Chart.js Fees Breakdown & Transaction Table**: Enabled a dynamic Chart.js pie chart to render trading charges (Brokerage, STT, GST, Txn Fees, Stamp Duty) visually alongside a comprehensive interactive trade logs breakdown table.

**Upgraded Telegram Bot with Upstox P&L Command**: Registered a new `/upstox_pnl` command and `btn_upstox_pnl` callback. Symmetrically added an "📈 Upstox PNL" button to the main keyboard menu to deliver automated real-time profit and loss metrics and last 5 option trading details directly in chats.

**Fixed Upstox Date-Parsing Bug**: Resolved a `NameError: name 'datetime' is not defined` inside `routes.py` where a dynamic format date converter silent block failed to convert standard YYYY-MM-DD browser date picker inputs to Upstox's required DD-MM-YYYY format, causing a 400 Bad Request.

**Fixed Single-Date Selection Validation Error**: Resolved the `UDAPI1075` validation failure when a user select only a `From Date` or only a `To Date`. Added intelligent default logic: if only `From Date` is selected, `To Date` automatically defaults to today's date; if only `To Date` is selected, `From Date` automatically defaults to the start of that financial year (`01-04-YYYY`).

**Fixed Past-Date Selection & Dynamic Financial Year Calculation**: Resolved range violation errors when selecting manual start dates in previous financial years (e.g., January 2026, which belongs to FY 25-26 while the drop-down selected FY 26-27). Added backend logic to dynamically parse selected dates, automatically calculate the correct financial year code via `get_financial_year`, and cap the missing `To Date` boundary at the end of that specific financial year (`31-03-YYYY`) to avoid API boundary errors.

**Implemented Parallel Cross-Financial Year Spanning Engine**: Resolved `UDAPI1105` range violations when a user selects custom start/end date bounds that span across multiple financial years (e.g., March 1st to May 8th). Implemented a powerful segment partitioning algorithm that splits the range into sub-ranges (one per fiscal year), executes API calls concurrently in parallel, merges metadata profit and loss metrics, aggregates and breakdowns detailed charges, and concatenates and sorts combined transaction records descending by date.

2026-05-18 (Codebase Audit & Quality Control) 7 changes

**Fixed WebSocket error logging AttributeError**: Replaced `setup_logging().error(...)` with standard `logging.getLogger("app.main").error(...)` inside `app/main.py` on line 240, ensuring WebSocket disconnect exceptions are logged safely without causing AttributeErrors.

**Prevented Upstox Feeder UnboundLocalError**: Initialized `ltp = 0.0` at the beginning of each key iteration loop inside `_process_feed` in `upstox_feeder.py`, preventing crashes when incoming protobuf feed updates don't match any of the conditional data layout branches.

**Resolved T1 booking state sync race condition**: Moved `monitor.partial_booked = True` *prior* to calling `_partial_exit` inside `monitor_open_positions` in `trading_controller.py`. This ensures that when the partial exit commits to the database, it captures and saves the updated booking flags atomically, eliminating a double-booking vulnerability on mid-trade server restarts.

**Optimized Redis connection pool**: Refactored `UpstoxClient` in `upstox_client.py` to use a global cached Redis client instance rather than instantiating a new `redis.from_url` pool on every client initialization (which ran on every API request and middleware check), preventing socket and file descriptor exhaustion.

**Implemented clean Telegram Bot shutdown**: Added a robust `stop` method in `TelegramBotService` to close updater, stop, and shutdown sessions cleanly. Integrated this method in the FastAPI lifespan `finally` block in `main.py` to prevent hanging tasks and connections on server shutdown or reload.

**Hardened Telegram Markdown Escaping**: Upgraded `escape_markdown` in `telegram_bot.py` to explicitly stringify the input object, preventing TypeError failures if non-string `last_activity` updates are sent.

**Created automated Quality Control tests**: Added `tests/test_codebase_quality.py` to verify the Redis singleton pool caching, Markdown escaping robustness, and feeder UnboundLocalError protection, resulting in **43/43 tests successfully passing**.

2026-05-18 (Fix Paper Trading P&L and Exit Price Inconsistency) 7 changes

**Implemented In-Memory WebSocket LTP Caching**: Added `cached_ltps` dictionary initialized inside `TradingController` to store incoming price updates for all options instruments and index keys streamed live over WebSockets.

**Enhanced WebSocket Feeder to Populate Cache**: Updated `_process_feed` inside `upstox_feeder.py` to continuously record raw, tick-by-tick prices of all subscribed keys to the controller's memory cache, achieving sub-millisecond real-time accuracy.

**Refactored LTP Fetcher with Cache Priority**: Patched `_fetch_ltp` inside `trading_controller.py` to prioritize reading from the local `cached_ltps` dictionary first. Only executes slow network REST API requests as a redundant backup when the cache is empty, avoiding off-market/token failures and significantly reducing latency.

**Upgraded Simulated Paper Broker**: Passed the `TradingController` reference to `PaperBroker` and modified `place_order` to dynamically consume the live cached LTP of options for simulated order fills, replacing the static `100.0` default.

**Fixed Manual Paper Trade Exit & P&L Recording**: Standardized price extraction in `place_manual_order` to directly read the executed broker fill price. Exiting paper trades now successfully fetches the real exit price from the live cache, calculating and persisting the accurate, non-zero P&L to PostgreSQL instead of defaulting to `0.0`.

**Created Comprehensive Unit Tests**: Added `tests/test_paper_trading_pnl.py` verifying full caching, LTP fallback, paper order filling, and exit P&L calculation; confirmed all 39 tests passing successfully.

**Rebooted Server for Active Memory Update**: Terminated the running Uvicorn server and performed a clean reboot in the background to update the active process memory.

2026-05-18 (Max Alpha Hybrid Institutional Swing Engine v4.0) 8 changes

**Rebuilt the screener core from technical-only v2.0 into a hybrid institutional v4.0 engine**: added data-quality normalization, duplicate candle removal, invalid OHLC rejection, stale-data warnings, and incomplete daily/weekly candle exclusion to reduce look-ahead bias and repainting risk.

**Implemented three-layer swing workflow semantics**: intraday momentum/watchlist state, daily watchlist scoring, and Friday-only weekly confirmation labels now drive signal classification rather than every candidate being treated as an immediate final breakout.

**Added institutional weighted conviction scoring**: Technical 30, Fundamental 20, Quant 25, Institutional Flow 15, and Sector Strength 10 are exposed on every trade card, with 60/70/80/90 conviction bands for WATCHLIST/BUY/STRONG BUY/ELITE ALPHA.

**Upgraded ranking logic**: candidates now require 52-week-high proximity within 3%, daily RSI > 55, price above 20 EMA and 50 SMA, positive trend alignment, liquidity/traded-value checks, volatility control through ATR%, relative strength vs Nifty across 1M/3M/6M, smart-money volume/close-range signals, and sector proxy strength.

**Expanded trade-card payloads**: every screener result now carries technical analysis, fundamental thesis, quant analysis, institutional activity, sector leadership, relative strength, risk analysis, entry/SL/targets, probability rating, smart-money signals, and volume/delivery analysis fields.

**Updated screener UI table**: the results partial now displays v4 conviction, layer, sector, weighted factor breakdown, traded value, RS and institutional activity instead of only RSI/volume/R:R.

**Added regression tests for the new screener engine**: tests cover duplicate/bad/incomplete candle filtering and full institutional trade-card/scoring payload generation.

**Environment limitation discovered**: local test execution is blocked because the active Python 3.14 environment does not have project dependencies installed and package installation is blocked by a 403 tunnel error from the package index.

2026-05-18 (Memory Synchronization and Guide Overhaul) 4 changes

**Synchronized Project Memory and Overhauled User Guide**:

Updated `README.md` to incorporate the mandatory Memory-First Development Protocol guidelines in the "Development Principles" section.

Redesigned `app/templates/guide.html` by adding a beautiful new Glassmorphism 2.0 bento-grid card at the bottom dedicated to the Memory-First Protocol (Mandatory Workflow).

Updated project memory (`progress.md` and `tasks.md`) to reflect the completion of this memory synchronization task.

2026-05-18 (UCC ID Authentication Guard) 3 changes

**Implemented Strict UCC Access Control**:

Added an authentication guard in `app/api/routes.py` (`auth_callback`) that fetches the Upstox user profile immediately after OAuth token exchange.

Hardcoded validation to only allow UCC ID `249962`. Any other Upstox account attempting to log in will have their token immediately cleared and be blocked with a 403 Unauthorized Access screen.

2026-05-18 (Screener GTT Button Fix) 6 changes

**Fixed critical bug: GTT button was completely non-functional**:

Root cause 1: `scheduleGTT()` JS function was never defined in `screener.html` — button silently failed on every click.

Root cause 2: Template passed `s.target1` but API schema expects field name `target`.

Fix: Added full `scheduleGTT()` function with a premium dark-mode confirm modal (showing symbol, qty, entry, SL, target, R:R ratio), a loading spinner, and a success/error toast notification system. The function correctly POSTs to `/api/order/gtt` with the exact schema fields.

**Fixed critical modal rendering bug**: Removed the Bootstrap `d-flex` utility class from the modal container which was overriding `style="display:none;"` due to Bootstrap's `!important` rule, causing it to display as a blank pop-up on page load.

**Bypassed Paper Trading for GTT Orders**: Modified `/api/order/gtt` endpoint to bypass the `PAPER` check so that swing trade orders triggered from the screener always place actual, live GTT orders on Upstox.

2026-05-18 (GTT Quantity & Screener Backtester Overhaul) 10 changes

**User-Editable GTT Order Quantity**:

Upgraded the GTT Confirm Modal inside `screener.html` by replacing the static Qty display with an interactive styled `<input type="number" id="gtt-qty-input">`.

Wired the "Confirm GTT" click handler to dynamically read, validate, and assign the user's custom quantity to `_gttPending.qty` before placing the live GTT order on Upstox.

Ensured the success toast dynamically reflects the user's custom quantity.

**Optimized v4.0 Resampled Screener Backtest Engine**:

Investigated why the screener backtest returned 0 trades. Found that daily data was limited to 730 days while weekly data spanned 2200 days, creating a data length mismatch that discarded historical candles.

Found that legacy filters (`pct_from_high < -0.5` and `vol_ratio < 2.5`) were extremely restrictive, rejecting every historical candle.

Completely overhauled `backtest_stock` in `app/services/screener_backtest.py` to resample weekly candles directly from daily candles using `_weekly_from_daily(dfd)`. This enables sub-second execution speeds (under 2 seconds for the entire 15-stock portfolio!).

Aligned all indicators and criteria to match the live v4.0 Hybrid Institutional Swing Screener strategy (daily RSI > 55, 52W high proximity within 3%, daily/weekly volume surge, traded value check, and ATR volatility protection).

Verified that the backtest generates high-quality realistic trades (approx 10 trades with realistic win-rate and profit factor statistics) over the 15 large-caps.

2026-05-18 (Screener Visibility & Performance Optimization) 9 changes

**Eliminated Upstox API 429 Rate Limits**: Implemented thread-safe class-level daily candle cache (`_candle_cache`) with a 2-hour TTL inside `ScreenerService` to prevent Cloudflare blocks.

**In-Memory Weekly Resampling**: Bypassed weekly candle broker API requests by resampling weekly candles directly from daily candles in memory, reducing API overhead by 50%.

**Watchlist Engine Performance**: Scans now complete in under 2 seconds on the first run, and resolve instantly (under 100ms) on subsequent runs using cached candles.

**Dynamic Watchlist Selection**: Added support for Nifty 50 and Nifty 500 options scan. Created a premium glassmorphic selector in `screener.html` next to the "Run Market Scan" button, automatically serialized in the HTMX POST request using `hx-include`.

**Dynamic Results Header**: Rendered the scanned universe name dynamically in `screener_results.html` (e.g. `Nifty 50 • Institutional v4.0` vs `Nifty 500 • Institutional v4.0`).

**Anti-Blocking Batch Processing**: Implemented batching of 25 with 0.2s pause between batches for large Nifty 500 scans to completely bypass Cloudflare security limits.

**Single Source of Truth Watchlist Mappings**: Created `nifty50_instruments.py` which dynamically filters the Nifty 50 tickers from the validated `NIFTY500_INSTRUMENTS` dictionary, preventing stale ISIN mapping failures.

**Aligned & Relaxed Strategy Indicators**: Updated `screener.py` and `screener_backtest.py` with matched relaxed indicators (52W high proximity within 8%, daily RSI > 50, ATR protection, relative strength, daily/weekly volume surge) to accurately surface high-conviction swing setups.

**Verified Codebase Quality**: Ran pytest and successfully passed 45/45 tests with 100% success rate.

2026-05-24 9 changes

**Memory-First Reinforcement**: Re-read project memory state and formalized the operational requirement that every code change must be archived in memory artifacts. Synchronized task tracking and lessons to ensure no change is left undocumented.

**Dashboard Auto-Logout Fix (2026-05-24)**: Updated `/api/dashboard` MTM LTP exception loop to re-raise `UpstoxApiError(401)` instead of swallowing it inside `asyncio.gather(return_exceptions=True)` fallback flow. This now triggers the global exception handler which clears token and sends redirect (`HX-Redirect` for HTMX), so users are moved to `/login` automatically after token expiry.

**Self-Learning Risk Adaptation (2026-05-24)**: Added adaptive risk-fraction logic in `TradingController` that reviews recent closed-trade PnL window and automatically reduces risk after loss-heavy streaks (or increases slightly in strong win regimes) within configured min/max bounds; autonomous lot sizing now uses this learned risk fraction and logs reason tags (`loss-defense`, `win-confidence`, `neutral`, `adaptive-warmup`).

**Lifespan Logger Scope Fix**: Removed function-local `import logging` statements inside `lifespan` and nested loops in `app/main.py`, and centralized to a single `logger` instance. This fixes `UnboundLocalError: local variable 'logging' referenced before assignment` during degraded startup handling after DB restore exceptions.

**Validation**: `python -m compileall app/main.py` passed.

**SignalEngine v3.4 Logic Alignment**: Updated `app/strategy/signal_engine.py` to match fixed v3.4 execution semantics: neutral anchor is no longer an immediate hard block, flat Donchian contributes score 0 only, and RSI hard blocks are absolute (removed override gate).

**Anchor Scoring Bug Fix**: Corrected bear-anchor detection to use bear brick ratio (not inverse bull ratio), and improved anchor diagnostics to include bull/bear percentages.

**Decision Threshold Alignment**: Enforced anchor-aware mid-tier entries (`+4/+5` CE only when bull anchor, `-4/-5` PE only when bear anchor) while retaining strong-tier `±6..±9` decisions for any anchor type.

**Validation**: `python -m py_compile app/strategy/signal_engine.py` passed.

2026-05-26 (Fix NameError Trading Bugs & Architecture Web UI) 10 changes

**Resolved Stuck Bot in "Monitoring" State**:

Identified and fixed three runtime `NameError` bugs that caused exceptions within `eval_and_trade` or `monitor_open_positions` loops, causing the trading bot to get stuck in a "Monitoring" state without executing trades or logging proper warnings:

**`zone_reason` Bug**: Initialized `zone_reason = "Flat or Mid-zone"` in `app/strategy/signal_engine.py` to prevent referencing it before assignment when `_bands_flat` is true or certain indicator paths are taken.

**`override_gate` Bug**: Replaced stale variable reference `override_gate` with `False` (matching current strategy spec where RSI override gate is disabled) in the `SignalEngine` return payload in `app/strategy/signal_engine.py`.

**`vix` NameError Bug**: Replaced uninitialized reference to `vix` in `monitor_open_positions` inside `app/services/trading_controller.py` with `float(pt.expiry_decision_metadata.get("vix_value", 16.0))` to safely extract VIX from the option target payload metadata.

**System Architecture Web UI Page**:

Drafted a full architecture wireframe (`project_wireframe.md`) mapping core components, data layers, external API interactions, and core trade loop execution sequences.

Implemented `/architecture` route in `app/api/routes.py` serving a dedicated premium Jinja2 template (`app/templates/architecture.html`).

Rendered high-fidelity interactive flowcharts and sequence diagrams on the client side using Mermaid.js.

Added navigation links in `app/templates/base.html` for easy accessibility.