from edgemind.plan_cert import PlanCert, sign_plan_cert, verify_plan_cert, make_plan_proof, verify_plan_proof def test_plan_cert_sign_and_verify(): key = b"supersecretkey" cert = PlanCert( plan_id="plan-1", preconditions={"battery": ">=20"}, postconditions={"position": "near-target"}, invariants={"no-collision": True}, worst_case_energy=12.5, wcet_ms=500, max_actuator_exposure=0.2, criticality="normal", rollback_checkpoint={"checkpoint_hash": "h1", "revert_window": 30}, provenance={"planner_version": "v0.1", "seed": 42, "env_hash": "abc"}, ) signed = sign_plan_cert(cert, key) assert signed.signature is not None assert verify_plan_cert(signed, key) is True def test_plan_cert_tamper_detection(): key = b"k" cert = PlanCert( plan_id="p2", preconditions={}, postconditions={}, invariants={}, provenance={"planner_version": "x"}, ) signed = sign_plan_cert(cert, key) # Tamper a field signed.worst_case_energy = 999.0 assert verify_plan_cert(signed, key) is False def test_plan_proof_sign_and_verify(): key = b"k2" cert = PlanCert( plan_id="p3", preconditions={}, postconditions={}, invariants={}, provenance={"planner_version": "x"}, ) # create a proof and sign it proof = make_plan_proof(cert, accepted=True, score=0.95, verifier="test-verifier", key=key) assert proof.signature is not None assert verify_plan_proof(proof, key) is True def test_plan_cert_with_optional_fields(): key = b"k3" cert = PlanCert( plan_id="p4", preconditions={}, postconditions={}, invariants={}, provenance={"planner_version": "y"}, rollback_checkpoint={"checkpoint_hash": "c1", "revert_window": 10}, criticality="critical", ) signed = sign_plan_cert(cert, key) assert verify_plan_cert(signed, key) is True