groove-dev 0.27.77 → 0.27.78

package/moe-training/test/server/ingest-security.test.js

@@ -0,0 +1,166 @@
+// FSL-1.1-Apache-2.0 — see LICENSE
+
+import { describe, it, beforeEach, afterEach } from 'node:test';
+import assert from 'node:assert/strict';
+import { mkdtempSync, rmSync } from 'node:fs';
+import { join } from 'node:path';
+import { tmpdir } from 'node:os';
+import { generateECDHKeypair, signEnvelope } from '../../shared/crypto.js';
+import { SessionRegistry } from '../../server/session-registry.js';
+import { EnvelopeVerifier } from '../../server/verifier.js';
+import { EnvelopeStorage } from '../../server/storage.js';
+
+const VALID_CONTRIBUTOR = 'c'.repeat(32);
+const VALID_APP_HASH = 'b'.repeat(64);
+
+function makeSignedEnvelope(sessionId, sequence, sharedSecret, overrides = {}) {
+  const envelope = {
+    envelope_id: `env_test_${sequence}`,
+    session_id: sessionId,
+    chunk_sequence: sequence,
+    contributor_id: VALID_CONTRIBUTOR,
+    metadata: { model_engine: 'claude-opus-4-6', provider: 'claude-code', agent_role: 'backend', agent_id: 'backend-1' },
+    trajectory_log: [{ step: 1, type: 'thought', timestamp: Date.now() / 1000, content: 'test', token_count: 10 }],
+    ...overrides,
+  };
+
+  const forHmac = { ...envelope };
+  const envelopeBytes = JSON.stringify(forHmac);
+  const hmac = signEnvelope(sharedSecret, envelopeBytes, sequence);
+
+  envelope.attestation = {
+    session_hmac: hmac,
+    sequence,
+    app_version_hash: VALID_APP_HASH,
+  };
+
+  return envelope;
+}
+
+describe('Ingest Security', () => {
+  let registry;
+  let verifier;
+  let storage;
+  let tmpDir;
+  let sharedSecret;
+  const sessionId = 'sess_ingest_sec_001';
+
+  beforeEach(() => {
+    tmpDir = mkdtempSync(join(tmpdir(), 'ingest-sec-'));
+    registry = new SessionRegistry(join(tmpDir, 'sessions.db'));
+    storage = new EnvelopeStorage(join(tmpDir, 'envelopes'));
+    verifier = new EnvelopeVerifier(registry);
+
+    const clientKeypair = generateECDHKeypair();
+    registry.openSession(
+      sessionId, clientKeypair.publicKey, 'claude-code', 'claude-opus-4-6',
+      'fp_ingest', 'hash_ingest', '0.27.77'
+    );
+
+    const session = registry.getSession(sessionId);
+    sharedSecret = session.shared_secret;
+  });
+
+  afterEach(() => {
+    registry.close();
+    rmSync(tmpDir, { recursive: true, force: true });
+  });
+
+  it('rejects envelope with > 500 steps', () => {
+    const steps = Array.from({ length: 501 }, (_, i) => ({
+      step: i, type: 'thought', timestamp: Date.now() / 1000,
+    }));
+    const envelope = makeSignedEnvelope(sessionId, 0, sharedSecret, { trajectory_log: steps });
+    const result = verifier.verify(envelope);
+    assert.equal(result.valid, false);
+    assert.ok(result.reason.includes('schema'));
+  });
+
+  it('rejects envelope when session has > 200 envelopes', () => {
+    // Simulate 200 envelopes already received
+    for (let i = 0; i < 200; i++) {
+      registry.incrementEnvelopeCount(sessionId);
+    }
+
+    const withinLimit = registry.checkEnvelopeCount(sessionId, 200);
+    assert.equal(withinLimit, false);
+  });
+
+  it('server generates envelope_id (client value ignored)', () => {
+    const envelope = makeSignedEnvelope(sessionId, 0, sharedSecret);
+    const originalId = envelope.envelope_id;
+
+    // Verify passes
+    const result = verifier.verify(envelope);
+    assert.equal(result.valid, true);
+
+    // In the real ingest flow, server overwrites envelope_id
+    // Verify the dedup infrastructure works
+    const generatedId = 'env_server_generated';
+    registry.recordProcessedEnvelope(generatedId, sessionId);
+    assert.equal(registry.isEnvelopeProcessed(generatedId), true);
+    assert.equal(registry.isEnvelopeProcessed(originalId), false);
+  });
+
+  it('rejects invalid model_engine via schema validation', () => {
+    const envelope = makeSignedEnvelope(sessionId, 0, sharedSecret, {
+      metadata: { model_engine: 'gpt-5-turbo', provider: 'claude-code', agent_role: 'backend', agent_id: 'backend-1' },
+    });
+    const result = verifier.verify(envelope);
+    assert.equal(result.valid, false);
+    assert.ok(result.reason.includes('schema'));
+  });
+
+  it('rejects invalid contributor_id format', () => {
+    const envelope = makeSignedEnvelope(sessionId, 0, sharedSecret, {
+      contributor_id: 'not-a-valid-hex-id',
+    });
+    const result = verifier.verify(envelope);
+    assert.equal(result.valid, false);
+    assert.ok(result.reason.includes('schema'));
+  });
+
+  it('envelope dedup prevents double-processing', () => {
+    const envelopeId = 'env_dedup_test';
+    assert.equal(registry.isEnvelopeProcessed(envelopeId), false);
+
+    registry.recordProcessedEnvelope(envelopeId, sessionId);
+    assert.equal(registry.isEnvelopeProcessed(envelopeId), true);
+
+    // Recording again should not throw (INSERT OR IGNORE)
+    registry.recordProcessedEnvelope(envelopeId, sessionId);
+    assert.equal(registry.isEnvelopeProcessed(envelopeId), true);
+  });
+
+  it('per-session envelope count tracks correctly', () => {
+    assert.equal(registry.checkEnvelopeCount(sessionId, 200), true);
+
+    registry.incrementEnvelopeCount(sessionId);
+    const session = registry.getSession(sessionId);
+    assert.equal(session.envelope_count, 1);
+
+    registry.incrementEnvelopeCount(sessionId);
+    const session2 = registry.getSession(sessionId);
+    assert.equal(session2.envelope_count, 2);
+  });
+
+  it('atomic sequence check prevents race condition', () => {
+    // First call should succeed
+    const r1 = registry.checkAndIncrementSequence(sessionId, 0);
+    assert.equal(r1.valid, true);
+
+    // Same sequence again should fail
+    const r2 = registry.checkAndIncrementSequence(sessionId, 0);
+    assert.equal(r2.valid, false);
+    assert.ok(r2.reason.includes('sequence'));
+
+    // Next sequence should succeed
+    const r3 = registry.checkAndIncrementSequence(sessionId, 1);
+    assert.equal(r3.valid, true);
+  });
+
+  it('storage quota check works', () => {
+    const ok = storage.checkQuota();
+    assert.equal(ok, true);
+  });
+});

package/moe-training/test/server/ledger.test.js

@@ -0,0 +1,131 @@
+// FSL-1.1-Apache-2.0 — see LICENSE
+
+import { describe, it, beforeEach, afterEach } from 'node:test';
+import assert from 'node:assert/strict';
+import { mkdtempSync, rmSync } from 'node:fs';
+import { join } from 'node:path';
+import { tmpdir } from 'node:os';
+import { ContributorLedger } from '../../server/ledger.js';
+
+describe('ContributorLedger', () => {
+  let ledger;
+  let tmpDir;
+
+  beforeEach(() => {
+    tmpDir = mkdtempSync(join(tmpdir(), 'ledger-test-'));
+    ledger = new ContributorLedger(join(tmpDir, 'ledger.db'));
+  });
+
+  afterEach(() => {
+    ledger.close();
+    rmSync(tmpDir, { recursive: true, force: true });
+  });
+
+  it('credits a contributor and updates balance', () => {
+    ledger.credit('contrib_001', 'sess_001', {
+      basePoints: 10,
+      totalPoints: 50,
+      modelMultiplier: 5,
+      correctionBonus: 0,
+      coordinationBonus: 0,
+      errorRecoveryBonus: 0,
+      complexityBonus: 0,
+      qualityBonus: 0,
+    });
+
+    const balance = ledger.getBalance('contrib_001');
+    assert.ok(balance);
+    assert.equal(balance.total_points, 50);
+    assert.equal(balance.total_sessions, 1);
+    assert.equal(balance.trust_score, 1.0);
+  });
+
+  it('accumulates multiple credits', () => {
+    const scoreResult = {
+      basePoints: 5, totalPoints: 25, modelMultiplier: 5,
+      correctionBonus: 0, coordinationBonus: 0, errorRecoveryBonus: 0,
+      complexityBonus: 0, qualityBonus: 0,
+    };
+
+    ledger.credit('contrib_002', 'sess_a', scoreResult);
+    ledger.credit('contrib_002', 'sess_b', scoreResult);
+    ledger.credit('contrib_002', 'sess_c', scoreResult);
+
+    const balance = ledger.getBalance('contrib_002');
+    assert.equal(balance.total_points, 75);
+    assert.equal(balance.total_sessions, 3);
+  });
+
+  it('returns null for unknown contributor', () => {
+    assert.equal(ledger.getBalance('nonexistent'), null);
+  });
+
+  it('returns leaderboard sorted by points', () => {
+    const score = (pts) => ({
+      basePoints: 1, totalPoints: pts, modelMultiplier: 1,
+      correctionBonus: 0, coordinationBonus: 0, errorRecoveryBonus: 0,
+      complexityBonus: 0, qualityBonus: 0,
+    });
+
+    ledger.credit('user_a', 'sess_1', score(100));
+    ledger.credit('user_b', 'sess_2', score(300));
+    ledger.credit('user_c', 'sess_3', score(200));
+
+    const board = ledger.getLeaderboard(10);
+    assert.equal(board.length, 3);
+    assert.equal(board[0].contributor_id, 'user_b');
+    assert.equal(board[0].total_points, 300);
+    assert.equal(board[1].contributor_id, 'user_c');
+    assert.equal(board[2].contributor_id, 'user_a');
+  });
+
+  it('gets credit history for a contributor', () => {
+    const scoreResult = {
+      basePoints: 5, totalPoints: 25, modelMultiplier: 5,
+      correctionBonus: 0, coordinationBonus: 0, errorRecoveryBonus: 0,
+      complexityBonus: 0, qualityBonus: 0,
+    };
+
+    ledger.credit('contrib_hist', 'sess_x', scoreResult);
+    ledger.credit('contrib_hist', 'sess_y', scoreResult);
+
+    const credits = ledger.getCreditsForContributor('contrib_hist');
+    assert.equal(credits.length, 2);
+    assert.ok(credits[0].multiplier_breakdown);
+  });
+
+  it('daily credits aggregation works', () => {
+    const scoreResult = {
+      basePoints: 10, totalPoints: 50, modelMultiplier: 5,
+      correctionBonus: 0, coordinationBonus: 0, errorRecoveryBonus: 0,
+      complexityBonus: 0, qualityBonus: 0,
+    };
+
+    ledger.credit('contrib_daily', 'sess_d1', scoreResult);
+    ledger.credit('contrib_daily', 'sess_d2', scoreResult);
+
+    const daily = ledger.getDailyCredits(7);
+    assert.ok(daily.length >= 1);
+    const today = daily.find(d => d.date === new Date().toISOString().slice(0, 10));
+    assert.ok(today);
+    assert.equal(today.totalPoints, 100);
+    assert.equal(today.totalSessions, 2);
+  });
+
+  it('adjusts trust score within bounds', () => {
+    const scoreResult = {
+      basePoints: 1, totalPoints: 1, modelMultiplier: 1,
+      correctionBonus: 0, coordinationBonus: 0, errorRecoveryBonus: 0,
+      complexityBonus: 0, qualityBonus: 0,
+    };
+    ledger.credit('trust_user', 'sess_t', scoreResult);
+
+    ledger.adjustTrustScore('trust_user', 2.5);
+    let balance = ledger.getBalance('trust_user');
+    assert.equal(balance.trust_score, 3.5);
+
+    ledger.adjustTrustScore('trust_user', -10);
+    balance = ledger.getBalance('trust_user');
+    assert.equal(balance.trust_score, 0);
+  });
+});

package/moe-training/test/server/scoring.test.js

@@ -0,0 +1,242 @@
+// FSL-1.1-Apache-2.0 — see LICENSE
+
+import { describe, it } from 'node:test';
+import assert from 'node:assert/strict';
+import { TrajectoryScorer } from '../../server/scoring.js';
+import { MODEL_TIERS, QUALITY_MULTIPLIERS } from '../../shared/constants.js';
+
+const scorer = new TrajectoryScorer({ MODEL_TIERS, QUALITY_MULTIPLIERS });
+
+function makeTrajectory(overrides = {}) {
+  return {
+    trajectory_log: overrides.steps || [
+      { step: 1, type: 'thought', token_count: 10 },
+      { step: 2, type: 'action', token_count: 5 },
+      { step: 3, type: 'observation', token_count: 8 },
+    ],
+    metadata: overrides.metadata || {},
+  };
+}
+
+describe('TrajectoryScorer', () => {
+  it('base scoring: 1 point per step', () => {
+    const result = scorer.score(makeTrajectory());
+    assert.equal(result.basePoints, 3);
+  });
+
+  it('caps base points at 5000', () => {
+    const steps = Array.from({ length: 6000 }, (_, i) => ({ step: i, type: 'thought' }));
+    const result = scorer.score(makeTrajectory({ steps }));
+    assert.equal(result.basePoints, 5000);
+  });
+
+  it('applies model multiplier correctly (5x for opus)', () => {
+    const result = scorer.score(makeTrajectory({
+      metadata: { model_engine: 'claude-opus-4-6' },
+    }));
+    assert.equal(result.basePoints, 3);
+    assert.equal(result.modelMultiplier, 5);
+    assert.equal(result.totalPoints, 3 * 5);
+  });
+
+  it('derives correction bonus from actual trajectory steps (not outcome)', () => {
+    const result = scorer.score(makeTrajectory({
+      steps: [
+        { step: 1, type: 'thought', token_count: 10 },
+        { step: 2, type: 'correction', token_count: 5 },
+        { step: 3, type: 'action', token_count: 8 },
+        { step: 4, type: 'action', token_count: 3 },
+      ],
+    }));
+    // 4 steps, 30% cap = 1, 1 correction step * 10 = 10
+    assert.equal(result.correctionBonus, 10);
+  });
+
+  it('caps correction steps at 30% of trajectory', () => {
+    // 10 steps, 5 are corrections — only 3 should count (30% of 10)
+    const steps = [
+      { step: 1, type: 'thought' },
+      { step: 2, type: 'correction' },
+      { step: 3, type: 'correction' },
+      { step: 4, type: 'correction' },
+      { step: 5, type: 'correction' },
+      { step: 6, type: 'correction' },
+      { step: 7, type: 'action' },
+      { step: 8, type: 'action' },
+      { step: 9, type: 'action' },
+      { step: 10, type: 'action' },
+    ];
+    const result = scorer.score(makeTrajectory({ steps }));
+    assert.equal(result.correctionBonus, 3 * 10); // 3 capped corrections x 10
+  });
+
+  it('derives coordination bonus from actual trajectory steps (not outcome)', () => {
+    const result = scorer.score(makeTrajectory({
+      steps: [
+        { step: 1, type: 'thought', token_count: 10 },
+        { step: 2, type: 'coordination', token_count: 5 },
+        { step: 3, type: 'coordination', token_count: 3 },
+        { step: 4, type: 'action', token_count: 8 },
+        { step: 5, type: 'action', token_count: 4 },
+      ],
+    }));
+    // 5 steps, 20% cap = 1, but 2 coordination steps → capped at 1 * 5 = 5
+    assert.equal(result.coordinationBonus, 5);
+  });
+
+  it('caps coordination steps at 20% of trajectory', () => {
+    // 10 steps, 4 are coordination — only 2 should count (20% of 10)
+    const steps = [
+      { step: 1, type: 'thought' },
+      { step: 2, type: 'coordination' },
+      { step: 3, type: 'coordination' },
+      { step: 4, type: 'coordination' },
+      { step: 5, type: 'coordination' },
+      { step: 6, type: 'action' },
+      { step: 7, type: 'action' },
+      { step: 8, type: 'action' },
+      { step: 9, type: 'action' },
+      { step: 10, type: 'action' },
+    ];
+    const result = scorer.score(makeTrajectory({ steps }));
+    assert.equal(result.coordinationBonus, 2 * 5); // 2 capped coordination x 5
+  });
+
+  it('derives error recovery from actual error and resolution steps', () => {
+    const result = scorer.score(makeTrajectory({
+      steps: [
+        { step: 1, type: 'error', token_count: 5 },
+        { step: 2, type: 'resolution', token_count: 10 },
+      ],
+    }));
+    assert.equal(result.errorRecoveryBonus, 3);
+  });
+
+  it('error recovery: can not recover more than encountered', () => {
+    const result = scorer.score(makeTrajectory({
+      steps: [
+        { step: 1, type: 'error' },
+        { step: 2, type: 'resolution' },
+        { step: 3, type: 'resolution' },
+        { step: 4, type: 'resolution' },
+      ],
+    }));
+    // only 1 error, 3 resolutions → errorsRecovered = min(1,3) = 1
+    assert.equal(result.errorRecoveryBonus, 1 * 3);
+  });
+
+  it('no error recovery bonus when no resolution steps', () => {
+    const result = scorer.score(makeTrajectory({
+      steps: [{ step: 1, type: 'error', token_count: 5 }],
+    }));
+    assert.equal(result.errorRecoveryBonus, 0);
+  });
+
+  it('applies complexity bonus for heavy tasks', () => {
+    const result = scorer.score(makeTrajectory({
+      metadata: { task_complexity: 'heavy' },
+    }));
+    assert.equal(result.basePoints, 3);
+    assert.equal(result.complexityBonus, 3);
+  });
+
+  it('no complexity bonus for medium tasks', () => {
+    const result = scorer.score(makeTrajectory({
+      metadata: { task_complexity: 'medium' },
+    }));
+    assert.equal(result.complexityBonus, 0);
+  });
+
+  it('client-provided session_quality is ignored (quality is server-derived)', () => {
+    // Without resolution steps, quality bonus should be 0 regardless of metadata
+    const result = scorer.score(makeTrajectory({
+      metadata: { session_quality: 100 },
+    }));
+    assert.equal(result.qualityBonus, 0);
+  });
+
+  it('quality bonus applies when trajectory has resolution and reasonable length', () => {
+    const steps = Array.from({ length: 10 }, (_, i) => ({ step: i, type: 'thought' }));
+    steps.push({ step: 10, type: 'resolution' });
+    const result = scorer.score(makeTrajectory({ steps }));
+    assert.ok(result.qualityBonus > 0);
+  });
+
+  it('quality bonus is 0 when trajectory has no resolution', () => {
+    const steps = Array.from({ length: 10 }, (_, i) => ({ step: i, type: 'thought' }));
+    const result = scorer.score(makeTrajectory({ steps }));
+    assert.equal(result.qualityBonus, 0);
+  });
+
+  it('quality bonus is 0 when trajectory is too short (< 5 steps)', () => {
+    const result = scorer.score(makeTrajectory({
+      steps: [
+        { step: 1, type: 'thought' },
+        { step: 2, type: 'resolution' },
+      ],
+    }));
+    assert.equal(result.qualityBonus, 0);
+  });
+
+  it('stacks all multipliers correctly (server-derived)', () => {
+    const steps = [
+      { step: 1, type: 'thought' },
+      { step: 2, type: 'correction' },
+      { step: 3, type: 'coordination' },
+      { step: 4, type: 'error' },
+      { step: 5, type: 'resolution' },
+      { step: 6, type: 'action' },
+      { step: 7, type: 'action' },
+      { step: 8, type: 'action' },
+      { step: 9, type: 'action' },
+      { step: 10, type: 'action' },
+    ];
+    const result = scorer.score(makeTrajectory({
+      steps,
+      metadata: { model_engine: 'claude-opus-4-6', task_complexity: 'heavy' },
+    }));
+
+    assert.equal(result.basePoints, 10);
+    assert.equal(result.modelMultiplier, 5);
+    // 1 correction out of 10 steps, max 3 → 1 * 10 = 10
+    assert.equal(result.correctionBonus, 10);
+    // 1 coordination out of 10 steps, max 2 → 1 * 5 = 5
+    assert.equal(result.coordinationBonus, 5);
+    // 1 error, 1 resolution → 1 recovered * 3 = 3
+    assert.equal(result.errorRecoveryBonus, 3);
+    // heavy task: basePoints * 1 = 10
+    assert.equal(result.complexityBonus, 10);
+
+    const subtotal = (10 * 5) + 10 + 5 + 3 + 10; // 78
+    // has resolution + length >= 5 → quality = floor(78 * 0.1) = 7
+    assert.equal(result.qualityBonus, Math.floor(subtotal * 0.1));
+    assert.equal(result.totalPoints, subtotal + result.qualityBonus);
+  });
+
+  it('ignores outcome.user_interventions — score derives from step count only', () => {
+    const result = scorer.score({
+      trajectory_log: [
+        { step: 1, type: 'thought', token_count: 10 },
+      ],
+      metadata: { model_engine: 'claude-opus-4-6' },
+      outcome: { user_interventions: 1_000_000 },
+    });
+    assert.equal(result.basePoints, 1);
+    assert.equal(result.modelMultiplier, 5);
+    assert.equal(result.totalPoints, 5);
+    assert.ok(result.totalPoints < 100, 'score should be small, NOT derived from user_interventions');
+  });
+
+  it('ignores outcome entirely for multiplier calculations', () => {
+    const withOutcome = scorer.score({
+      trajectory_log: [{ step: 1, type: 'thought' }],
+      metadata: {},
+      outcome: { errors_encountered: 999, errors_recovered: 999, coordination_events: 999 },
+    });
+    const withoutOutcome = scorer.score({
+      trajectory_log: [{ step: 1, type: 'thought' }],
+      metadata: {},
+    });
+    assert.equal(withOutcome.totalPoints, withoutOutcome.totalPoints);
+  });
+});

package/moe-training/test/server/session-registry.test.js

@@ -0,0 +1,125 @@
+// FSL-1.1-Apache-2.0 — see LICENSE
+
+import { describe, it, beforeEach, afterEach } from 'node:test';
+import assert from 'node:assert/strict';
+import { mkdtempSync, rmSync } from 'node:fs';
+import { join } from 'node:path';
+import { tmpdir } from 'node:os';
+import { generateECDHKeypair } from '../../shared/crypto.js';
+import { SessionRegistry } from '../../server/session-registry.js';
+
+describe('SessionRegistry', () => {
+  let registry;
+  let tmpDir;
+
+  beforeEach(() => {
+    tmpDir = mkdtempSync(join(tmpdir(), 'sess-test-'));
+    registry = new SessionRegistry(join(tmpDir, 'sessions.db'));
+  });
+
+  afterEach(() => {
+    registry.close();
+    rmSync(tmpDir, { recursive: true, force: true });
+  });
+
+  it('opens a session and returns server public key', () => {
+    const clientKeypair = generateECDHKeypair();
+    const result = registry.openSession(
+      'sess_001', clientKeypair.publicKey, 'claude-code', 'claude-opus-4-6',
+      'fp_abc123', 'hash_xyz', '0.27.77'
+    );
+    assert.ok(result.serverPublicKey);
+    assert.equal(typeof result.serverPublicKey, 'string');
+    assert.ok(result.serverPublicKey.length > 10);
+  });
+
+  it('gets a session with all fields stored', () => {
+    const clientKeypair = generateECDHKeypair();
+    registry.openSession(
+      'sess_002', clientKeypair.publicKey, 'codex', 'o3',
+      'fp_def456', 'hash_abc', '0.27.77'
+    );
+
+    const session = registry.getSession('sess_002');
+    assert.ok(session);
+    assert.equal(session.session_id, 'sess_002');
+    assert.equal(session.provider, 'codex');
+    assert.equal(session.model, 'o3');
+    assert.equal(session.machine_fingerprint, 'fp_def456');
+    assert.equal(session.app_version_hash, 'hash_abc');
+    assert.equal(session.groove_version, '0.27.77');
+    assert.equal(session.status, 'active');
+    assert.equal(session.expected_sequence, 0);
+    assert.ok(session.server_public_key);
+    assert.ok(session.server_private_key);
+    assert.ok(session.shared_secret);
+    assert.ok(session.created_at);
+  });
+
+  it('returns null for unknown session', () => {
+    assert.equal(registry.getSession('nonexistent'), null);
+  });
+
+  it('increments sequence atomically and monotonically', () => {
+    const clientKeypair = generateECDHKeypair();
+    registry.openSession(
+      'sess_003', clientKeypair.publicKey, 'claude-code', 'claude-opus-4-6',
+      'fp_seq', 'hash_seq', '0.27.77'
+    );
+
+    const seq1 = registry.incrementSequence('sess_003');
+    assert.equal(seq1, 1);
+
+    const seq2 = registry.incrementSequence('sess_003');
+    assert.equal(seq2, 2);
+
+    const seq3 = registry.incrementSequence('sess_003');
+    assert.equal(seq3, 3);
+
+    const session = registry.getSession('sess_003');
+    assert.equal(session.expected_sequence, 3);
+  });
+
+  it('closes a session with status and timestamp', () => {
+    const clientKeypair = generateECDHKeypair();
+    registry.openSession(
+      'sess_004', clientKeypair.publicKey, 'gemini', 'gemini-2.5-pro',
+      'fp_close', 'hash_close', '0.27.77'
+    );
+
+    registry.closeSession('sess_004');
+    const session = registry.getSession('sess_004');
+    assert.equal(session.status, 'closed');
+    assert.ok(session.closed_at);
+  });
+
+  it('rate limits at 20 sessions per fingerprint per hour', () => {
+    const clientKeypair = generateECDHKeypair();
+    const fp = 'fp_ratelimit';
+
+    for (let i = 0; i < 20; i++) {
+      const result = registry.openSession(
+        `sess_rl_${i}`, clientKeypair.publicKey, 'claude-code', 'claude-opus-4-6',
+        fp, 'hash_rl', '0.27.77'
+      );
+      assert.ok(result.serverPublicKey, `session ${i} should succeed`);
+    }
+
+    const result = registry.openSession(
+      'sess_rl_21', clientKeypair.publicKey, 'claude-code', 'claude-opus-4-6',
+      fp, 'hash_rl', '0.27.77'
+    );
+    assert.equal(result.rateLimited, true);
+  });
+
+  it('returns active sessions', () => {
+    const clientKeypair = generateECDHKeypair();
+    registry.openSession('sess_a1', clientKeypair.publicKey, 'claude-code', 'claude-opus-4-6', 'fp1', 'h1', '0.27.77');
+    registry.openSession('sess_a2', clientKeypair.publicKey, 'codex', 'o3', 'fp2', 'h2', '0.27.77');
+    registry.closeSession('sess_a1');
+
+    const active = registry.getActiveSessions();
+    assert.equal(active.length, 1);
+    assert.equal(active[0].session_id, 'sess_a2');
+  });
+});