manawenuz/featherChat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c8b51fa96b912488c683666d6c4858a1dccd91a6
featherChat/warzone/UAT/PHASE7.md
Siavash Sameni c8b51fa96b UAT test plans for all 7 phases 
UAT/PHASE1.md — 20 test scenarios, 80+ checkboxes
  Identity, encryption, messaging, TUI, web, groups, aliases,
  auth, OTP replenishment, session persistence, cross-client

UAT/PHASE2.md — 7 scenarios (WASM, receipts, files, multi-device, HW wallet, groups, history)
UAT/PHASE3.md — 6 scenarios (DNS discovery, key transparency, federation, mutual TLS, gossip)
UAT/PHASE4.md — 10 scenarios (mule identity, pickup, delivery, receipts, dedup, expiry, compression)
UAT/PHASE5.md — 6 scenarios (Bluetooth, LoRa, mDNS, Wi-Fi Direct, USB export, fallback chain)
UAT/PHASE6.md — 3 scenarios (sealed sender, traffic analysis resistance, onion routing)
UAT/PHASE7.md — 8 scenarios (ntfy, DoH, DB encryption, admin CLI, rate limiting, audit, CI, monitoring)

Each test has exact commands to run and checkboxes for pass/fail.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 08:01:36 +04:00

4.6 KiB
Raw Blame History

Phase 7 — User Acceptance Testing (Operations & Polish)

Phase 7 is NOT YET IMPLEMENTED. This is a pre-written test plan.

Prerequisites

  • Phase 6 UAT fully passing
  • ntfy server (self-hosted or ntfy.sh)
  • CI/CD pipeline configured

1. ntfy Push Notifications

Setup:

cargo run --bin warzone-server -- --ntfy-url https://ntfy.example.com

Client subscribes:

cargo run --bin warzone-client -- notifications --enable
  • Client registers ntfy topic (fingerprint-derived)
  • When offline and message arrives, ntfy push notification sent
  • Notification shows: "New message" (NO message content — E2E)
  • Android: ntfy app shows notification
  • iOS: ntfy app shows notification
  • Desktop: ntfy web shows notification
  • Self-hosted ntfy: all above work against own instance

2. DNS-over-HTTPS (Censored Networks)

DNS blocked but HTTPS available:

cargo run --bin warzone-client -- chat --doh https://1.1.1.1/dns-query
  • DNS resolution via HTTPS (bypasses local DNS censorship)
  • Federation discovery works through DoH
  • Key transparency verification works through DoH
  • Fallback to system DNS if DoH fails

3. Server-at-Rest Encryption

cargo run --bin warzone-server -- --encrypt-db
# Prompted for passphrase on startup
  • sled database encrypted at rest
  • Server restart requires passphrase
  • If server seized (power off), DB is unreadable without passphrase
  • Performance impact: < 10% overhead
  • Without --encrypt-db, DB is plaintext (default)

4. Admin CLI

cargo run --bin warzone-server -- admin
  • admin list-users — shows all registered fingerprints + aliases
  • admin list-groups — shows all groups + member counts
  • admin ban <fingerprint> — blocks user from server
  • admin unban <fingerprint> — unblocks user
  • admin list-mules — shows authorized mules
  • admin authorize-mule <fp> — authorizes a mule
  • admin revoke-mule <fp> — revokes mule authorization
  • admin stats — shows message counts, active users, queue depth
  • admin gc — garbage collect expired messages, tokens, aliases

5. Rate Limiting

Spam prevention:

  • More than 100 messages/minute from one fingerprint → rate limited
  • Rate limit response: HTTP 429 with retry-after header
  • Client shows: "Rate limited, retry in 30 seconds"
  • Group sends: limit per-member, not per-group

Registration abuse:

  • More than 5 identities from one IP per hour → blocked
  • Alias registration: max 1 per hour per fingerprint

6. Audit Logging

cargo run --bin warzone-server -- --audit-log /var/log/warzone-audit.log
  • All authentication events logged (success + failure)
  • Key registrations logged
  • Group create/join/leave logged
  • Alias registrations logged
  • Message metadata logged (from_fp, to_fp, timestamp, size — NO content)
  • Mule pickups/deliveries logged
  • Log format: structured JSON, one event per line
  • Log rotation compatible (logrotate)

7. Cross-Compilation CI

cargo build --target x86_64-unknown-linux-gnu
cargo build --target aarch64-unknown-linux-gnu
cargo build --target x86_64-apple-darwin
cargo build --target aarch64-apple-darwin
cargo build --target x86_64-pc-windows-msvc
wasm-pack build --target web crates/warzone-protocol
  • Linux x86_64: static binary, runs on Ubuntu/Debian/Alpine
  • Linux aarch64 (ARM): runs on Raspberry Pi / ARM servers
  • macOS x86_64: runs on Intel Macs
  • macOS aarch64: runs on Apple Silicon
  • Windows: runs on Windows 10+
  • WASM: loads in Chrome, Firefox, Safari
  • All binaries < 20 MB
  • CI pipeline runs tests on all platforms
  • Release artifacts uploaded to GitHub/Gitea

8. Monitoring & Health

Health check:

curl http://localhost:7700/v1/health
  • Returns status, version, uptime
  • Queue depth included
  • Active connections count
  • DB size on disk

Prometheus metrics (optional):

curl http://localhost:7700/metrics
  • warzone_messages_total counter
  • warzone_active_users gauge
  • warzone_queue_depth gauge
  • warzone_auth_failures_total counter

Summary

# Feature Result
1 ntfy notifications
2 DNS-over-HTTPS
3 Server-at-rest encryption
4 Admin CLI
5 Rate limiting
6 Audit logging
7 Cross-compilation CI
8 Monitoring & health

Tester: _______________ Date: _______________

Reference in New Issue View Git Blame Copy Permalink