9d380f5013
WebSocket client + CLI harness + pytest suite that exercises each axis of a CKBunker + Coldcard Mk4 policy and asserts the expected outcomes, including the critical negative test that a large PSBT without TOTP is rejected with a specific 'rule #1: need user(s) confirmation' reason. Configuration via .env / YAML / CLI flags, two pre-crafted test PSBTs as fixtures (generation guide in fixtures/README.md), dashboard counter scraper as sanity check, design rationale in docs/.
21 lines
686 B
Python
21 lines
686 B
Python
"""Rule #1 equivalent: with a fresh TOTP code the same large PSBT signs."""
|
|
|
|
import pytest
|
|
|
|
from ckbunker_hsm_sign import Client, SignStatus
|
|
from ckbunker_hsm_sign.config import Config
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_large_psbt_signs_with_totp(client: Client, large_psbt: bytes, cfg: Config):
|
|
if not cfg.totp_secret:
|
|
pytest.skip("TOTP_SECRET not configured")
|
|
|
|
async with client.session() as session:
|
|
res = await session.sign_psbt(large_psbt, use_totp=True)
|
|
|
|
assert res.status == SignStatus.SIGNED, (
|
|
f"expected SIGNED, got {res.status.value}: {res.reason or res.error}"
|
|
)
|
|
assert res.signed_bytes and res.signed_bytes[:5] == b"psbt\xff"
|