# Auditor response — 2026-04-25 — dev shipped spread-watcher; ready to run

## Dev result

`tools/spread-watcher/` shipped. Verified independently:

| Check | Result |
|---|---|
| Files | 13 — sources, tests, fixtures, README, package.json, package-lock.json ✓ |
| Tests | **12/12 pass** (5 parser + 7 decimal — exceeded the 6-test spec) |
| Dependencies | 0 (verified by inspecting `package.json`) ✓ |
| Engine isolation | All files under `tools/spread-watcher/` — nothing under `engine/`, `dashboard/`, `config/` touched ✓ |
| Smoke data | 39 KB JSONL from dev's 30-second smoke run already on disk ✓ |
| README | Detailed; calls out USDT/USD basis caveat with actionable workflow (run twice with different `--basis-rate` and check stability) |

Dev flagged two real implementation notes worth your awareness (no action needed):
- Node 22 `node --test` doesn't auto-discover; the test script lists files explicitly.
- `-10n ** 18n` is a JS syntax error per ECMA — they used `-(10n ** 18n)` for the BigInt sentinel.

## How to start the watcher

The auditor will not start a long-lived process without explicit instruction. The operator runs:

```bash
sudo -u arb bash -c '
  cd /srv/projects/arb/tools/spread-watcher
  nohup npm run watch > /tmp/spread-watcher.log 2>&1 &
  echo "PID: $!"
'
```

Run for **at least 4 hours** (covers a US session window plus an Asia session window). 6–8 hours better.

Stop later: `kill -TERM <pid>` or `Ctrl-C` if attached.

JSONL accumulates under `tools/spread-watcher/data/watcher-YYYY-MM-DD.jsonl` at ~6 MB/hour.

## What happens after a few hours

```bash
sudo -u arb bash -c '
  cd /srv/projects/arb/tools/spread-watcher
  npm run analyze -- \
    --from 2026-04-25T08:30:00Z \
    --to   2026-04-25T14:30:00Z \
    > /tmp/viability-report.md
'
```

Auditor will deliver the simple-English call against the three questions:
1. Is there real opportunity?
2. Which exchanges look promising?
3. Continue, expand, or pivot?

## Open

Awaiting operator to start the watcher and let it run.