9d380f5013
WebSocket client + CLI harness + pytest suite that exercises each axis of a CKBunker + Coldcard Mk4 policy and asserts the expected outcomes, including the critical negative test that a large PSBT without TOTP is rejected with a specific 'rule #1: need user(s) confirmation' reason. Configuration via .env / YAML / CLI flags, two pre-crafted test PSBTs as fixtures (generation guide in fixtures/README.md), dashboard counter scraper as sanity check, design rationale in docs/.
28 lines
1.0 KiB
Python
28 lines
1.0 KiB
Python
"""The critical negative test: a transaction that exceeds the auto-approve
|
|
cap must be *rejected* by the Coldcard when TOTP is absent.
|
|
|
|
If this test passes, your policy is doing its job. If it fails by reporting
|
|
SIGNED, stop everything and review the policy on-device — you are running
|
|
with no 2FA gate on Rule #1-sized spends.
|
|
"""
|
|
|
|
import pytest
|
|
|
|
from ckbunker_hsm_sign import Client, SignStatus
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_large_psbt_without_totp_is_rejected(client: Client, large_psbt: bytes):
|
|
async with client.session() as session:
|
|
res = await session.sign_psbt(large_psbt, use_totp=False)
|
|
|
|
# Fail LOUDLY if the policy didn't stop this.
|
|
assert res.status != SignStatus.SIGNED, (
|
|
"POLICY NOT ENFORCED: large PSBT signed without TOTP. "
|
|
"Check the Coldcard's installed policy immediately."
|
|
)
|
|
assert res.is_expected_rejection("rule #1"), (
|
|
f"expected a 'rule #1: need user(s) confirmation' rejection, "
|
|
f"got status={res.status.value} reason={res.reason!r}"
|
|
)
|