Initial commit: add .gitignore and README

docs/EMERGENCY_PROCEDURES.md

@@ -0,0 +1,141 @@
+# Emergency Procedures
+
+## Overview
+
+This document outlines emergency procedures for the Strategic executor system.
+
+## Emergency Contacts
+
+- **Technical Lead**: [Contact Info]
+- **Security Team**: [Contact Info]
+- **Operations**: [Contact Info]
+
+## Emergency Response Procedures
+
+### 1. Immediate Actions
+
+#### Pause Executor
+```bash
+# Via multi-sig or owner account
+forge script script/Pause.s.sol --rpc-url $RPC_MAINNET --broadcast
+```
+
+Or via contract:
+```solidity
+executor.pause();
+```
+
+#### Revoke Allow-List
+```solidity
+// Remove problematic address
+executor.setAllowedTarget(problematicAddress, false);
+
+// Or disable allow-list entirely (if configured)
+executor.setAllowListEnabled(false);
+```
+
+### 2. Incident Assessment
+
+1. **Identify Issue**: What went wrong?
+2. **Assess Impact**: How many users/transactions affected?
+3. **Check Logs**: Review transaction logs and monitoring
+4. **Notify Team**: Alert relevant team members
+
+### 3. Containment
+
+1. **Pause System**: Pause executor immediately
+2. **Block Addresses**: Revoke problematic protocol addresses
+3. **Stop New Executions**: Prevent new strategies from executing
+4. **Preserve Evidence**: Save logs, transactions, state
+
+### 4. Recovery
+
+1. **Fix Issue**: Address root cause
+2. **Test Fix**: Verify on testnet/fork
+3. **Gradual Resume**: Unpause and monitor closely
+4. **Document**: Record incident and resolution
+
+## Common Scenarios
+
+### Flash Loan Attack
+
+**Symptoms**: Unauthorized flash loan callbacks
+
+**Response**:
+1. Pause executor immediately
+2. Review `allowedPools` mapping
+3. Remove unauthorized pools
+4. Verify flash loan callback security
+5. Resume after verification
+
+### Allow-List Bypass
+
+**Symptoms**: Unauthorized contract calls
+
+**Response**:
+1. Pause executor
+2. Review allow-list configuration
+3. Remove problematic addresses
+4. Verify allow-list enforcement
+5. Resume with stricter controls
+
+### High Gas Usage
+
+**Symptoms**: Transactions failing due to gas
+
+**Response**:
+1. Review gas estimates
+2. Optimize strategies
+3. Adjust gas limits
+4. Monitor gas prices
+
+### Price Oracle Failure
+
+**Symptoms**: Stale or incorrect prices
+
+**Response**:
+1. Pause strategies using affected oracles
+2. Switch to backup oracle
+3. Verify price feeds
+4. Resume after verification
+
+## Recovery Procedures
+
+### After Incident
+
+1. **Post-Mortem**: Document what happened
+2. **Root Cause**: Identify root cause
+3. **Prevention**: Implement prevention measures
+4. **Testing**: Test fixes thoroughly
+5. **Communication**: Notify stakeholders
+
+### System Restoration
+
+1. **Verify Fix**: Confirm issue is resolved
+2. **Testnet Testing**: Test on testnet first
+3. **Gradual Rollout**: Resume with small limits
+4. **Monitoring**: Monitor closely for 24-48 hours
+5. **Normal Operations**: Resume normal operations
+
+## Prevention
+
+### Regular Checks
+
+- Weekly: Review transaction logs
+- Monthly: Verify protocol addresses
+- Quarterly: Security review
+- Annually: Comprehensive audit
+
+### Monitoring
+
+- Real-time alerts for failures
+- Daily health checks
+- Weekly metrics review
+- Monthly security scan
+
+## Contact Information
+
+- **Emergency Hotline**: [Number]
+- **Security Email**: security@example.com
+- **Operations**: ops@example.com
+