Where do I store the VaR limits?

In the `agents` table or config JSON under `risk_params`. The Brain loads them per cycle and surfaces them in SessionManager + Boss prompts.

How fast do alerts fire?

ErrorWatcher tails logs in near real time. Slack/webhook posts land within 2 seconds of a breach, and SES email follows for compliance copies.

Can we pause the bot automatically?

Yes. When drawdown or VaR is breached, the Brain transitions to WAIT mode, flips `agent_state` to `HALT_PENDING`, and notifies ops to re-enable after review.

Risk Guardrails & VaR Alerts | HyperAgent Knowledge Base | HyperAgent

1. ErrorWatcher setup

Configure `monitoring/error_watcher.py` to tail `backend_run_new.log`, flagging execution errors, stale signers, or reduce-only rejections. Point it at Slack/SES.

2. VaR thresholds

Define per-agent VaR (daily %, notional) in the DB. Boss prompts include the limits and Executor enforces them (skip trades when projected loss > VaR).

3. Drawdown circuit breakers

Set `drawdown_limit_pct` and `cooldown_minutes` in config; when triggered, the Brain flips to WAIT until ops clear the flag.

4. Alerting runbook

Slack channel for ops, SES email for compliance, plus `hyperalpha_daily.py` summary so stakeholders see PnL/risk snapshots each morning.

5. Intraday VaR computation

Use `cron_strategy.py` to pull Hyperliquid L2 data and compute rolling volatility. Multiply by exposure to estimate 95%/99% VaR and persist to `risk_snapshots` so dashboards show live breach indicators.

6. Ticketing integration

When ErrorWatcher raises a severity HIGH alert, post to the ticketing queue (Postgres `support_tickets`) with contextual log lines and assign to the on-call rotation.

7. Regulatory evidence

Archive VaR breaches, alert acknowledgments, and mitigation steps as PDFs (or SES threads) for SOC2 / MiCA evidence. Include SHA of relevant logs for tamper-proofing.