# Phase 7 — User Acceptance Testing (Operations & Polish)

> Phase 7 is NOT YET IMPLEMENTED. This is a pre-written test plan.

## Prerequisites

- Phase 6 UAT fully passing
- ntfy server (self-hosted or ntfy.sh)
- CI/CD pipeline configured

---

## 1. ntfy Push Notifications

**Setup:**
```bash
cargo run --bin warzone-server -- --ntfy-url https://ntfy.example.com
```

**Client subscribes:**
```bash
cargo run --bin warzone-client -- notifications --enable
```

- [ ] Client registers ntfy topic (fingerprint-derived)
- [ ] When offline and message arrives, ntfy push notification sent
- [ ] Notification shows: "New message" (NO message content — E2E)
- [ ] Android: ntfy app shows notification
- [ ] iOS: ntfy app shows notification
- [ ] Desktop: ntfy web shows notification
- [ ] Self-hosted ntfy: all above work against own instance

---

## 2. DNS-over-HTTPS (Censored Networks)

**DNS blocked but HTTPS available:**
```bash
cargo run --bin warzone-client -- chat --doh https://1.1.1.1/dns-query
```

- [ ] DNS resolution via HTTPS (bypasses local DNS censorship)
- [ ] Federation discovery works through DoH
- [ ] Key transparency verification works through DoH
- [ ] Fallback to system DNS if DoH fails

---

## 3. Server-at-Rest Encryption

```bash
cargo run --bin warzone-server -- --encrypt-db
# Prompted for passphrase on startup
```

- [ ] sled database encrypted at rest
- [ ] Server restart requires passphrase
- [ ] If server seized (power off), DB is unreadable without passphrase
- [ ] Performance impact: < 10% overhead
- [ ] Without `--encrypt-db`, DB is plaintext (default)

---

## 4. Admin CLI

```bash
cargo run --bin warzone-server -- admin
```

- [ ] `admin list-users` — shows all registered fingerprints + aliases
- [ ] `admin list-groups` — shows all groups + member counts
- [ ] `admin ban <fingerprint>` — blocks user from server
- [ ] `admin unban <fingerprint>` — unblocks user
- [ ] `admin list-mules` — shows authorized mules
- [ ] `admin authorize-mule <fp>` — authorizes a mule
- [ ] `admin revoke-mule <fp>` — revokes mule authorization
- [ ] `admin stats` — shows message counts, active users, queue depth
- [ ] `admin gc` — garbage collect expired messages, tokens, aliases

---

## 5. Rate Limiting

**Spam prevention:**
- [ ] More than 100 messages/minute from one fingerprint → rate limited
- [ ] Rate limit response: HTTP 429 with retry-after header
- [ ] Client shows: "Rate limited, retry in 30 seconds"
- [ ] Group sends: limit per-member, not per-group

**Registration abuse:**
- [ ] More than 5 identities from one IP per hour → blocked
- [ ] Alias registration: max 1 per hour per fingerprint

---

## 6. Audit Logging

```bash
cargo run --bin warzone-server -- --audit-log /var/log/warzone-audit.log
```

- [ ] All authentication events logged (success + failure)
- [ ] Key registrations logged
- [ ] Group create/join/leave logged
- [ ] Alias registrations logged
- [ ] Message metadata logged (from_fp, to_fp, timestamp, size — NO content)
- [ ] Mule pickups/deliveries logged
- [ ] Log format: structured JSON, one event per line
- [ ] Log rotation compatible (logrotate)

---

## 7. Cross-Compilation CI

```bash
cargo build --target x86_64-unknown-linux-gnu
cargo build --target aarch64-unknown-linux-gnu
cargo build --target x86_64-apple-darwin
cargo build --target aarch64-apple-darwin
cargo build --target x86_64-pc-windows-msvc
wasm-pack build --target web crates/warzone-protocol
```

- [ ] Linux x86_64: static binary, runs on Ubuntu/Debian/Alpine
- [ ] Linux aarch64 (ARM): runs on Raspberry Pi / ARM servers
- [ ] macOS x86_64: runs on Intel Macs
- [ ] macOS aarch64: runs on Apple Silicon
- [ ] Windows: runs on Windows 10+
- [ ] WASM: loads in Chrome, Firefox, Safari
- [ ] All binaries < 20 MB
- [ ] CI pipeline runs tests on all platforms
- [ ] Release artifacts uploaded to GitHub/Gitea

---

## 8. Monitoring & Health

**Health check:**
```bash
curl http://localhost:7700/v1/health
```

- [ ] Returns status, version, uptime
- [ ] Queue depth included
- [ ] Active connections count
- [ ] DB size on disk

**Prometheus metrics (optional):**
```bash
curl http://localhost:7700/metrics
```

- [ ] `warzone_messages_total` counter
- [ ] `warzone_active_users` gauge
- [ ] `warzone_queue_depth` gauge
- [ ] `warzone_auth_failures_total` counter

---

## Summary

| # | Feature | Result |
|---|---------|--------|
| 1 | ntfy notifications | ☐ |
| 2 | DNS-over-HTTPS | ☐ |
| 3 | Server-at-rest encryption | ☐ |
| 4 | Admin CLI | ☐ |
| 5 | Rate limiting | ☐ |
| 6 | Audit logging | ☐ |
| 7 | Cross-compilation CI | ☐ |
| 8 | Monitoring & health | ☐ |

**Tester:** _______________
**Date:** _______________