--- core/src/cover.rs
+++ replace should_send_cover -> bool with false
@@ -104,17 +104,17 @@
 pub fn next_cover_deposit_delay_ms(base_ms: u64, rand: u64) -> u64 {
     jittered_delay_ms(base_ms, rand)
 }
 
 /// Whether this deposit slot should carry a cover blob: true exactly when there is **no** real outbox
 /// blob ready to send. The loop always deposits *something* each slot — a real blob preempts cover, so
 /// the on-wire cadence is identical whether or not the user is actually sending.
 pub fn should_send_cover(has_pending_real: bool) -> bool {
-    !has_pending_real
+    false /* ~ changed by cargo-mutants ~ */
 }
 
 /// Build a cover-deposit blob: `len` bytes expanded from a 32-byte CSPRNG `seed` via HMAC-SHA256 in
 /// counter mode. AEAD ciphertext is computationally indistinguishable from uniform random, so a
 /// random-looking blob of envelope size is indistinguishable from a real sealed deposit to the relay
 /// and any network observer. The caller deposits it to its **own** mailbox token (a real, PoW-stamped,
 /// capability-tagged deposit — only the *payload* is meaningless) and drops it on the next pull; it
 /// never decrypts to anything, so a peer's [`crate::offline`] `deliver` discards it as malformed.