#!/usr/bin/env bash
# Local end-to-end testbed for auditors — no Tor / no network needed.
#
# Spins up an oblivious RELAY plus two profiles (alice, bob) on localhost, runs the async-onboarding +
# offline store-and-forward flow (which exercises: invite/X3DH first contact, one-time hybrid prekeys/PCS,
# the relay deposit/poll with rotating tokens, and recording into the SQLCipher history DB), then prints
# how to open each side's GUI. Run from the repo root:  bash scripts/audit/local-testbed.sh
#
# Env knobs: PVTCOMS_RELAY_POW (hashcash difficulty; we set 8 here for speed — production default is 20).
# Strict mode: stop on a failing command, an unset variable, or a failing pipeline stage.
set -euo pipefail

# Locate the client binary. The caller may supply BIN; when it does not point at an executable file,
# a release build is made and BIN is reset to the freshly built artefact.
BIN="${BIN:-target/release/pvtcoms-client}"
if ! [[ -x "$BIN" ]]; then
  printf '%s\n' "building pvtcoms-client (release)…"
  cargo build --release -p pvtcoms-client
  BIN="target/release/pvtcoms-client"
fi
# Resolve to an absolute path: the script later changes into a temporary workdir, where a relative
# path to the binary would no longer resolve.
BIN="$(realpath "$BIN")"

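# Testbed-only setting: a low hashcash difficulty keeps the demo fast on any machine. The production
# default is 20 (see the header), so this value must not be carried into a real deployment.
export PVTCOMS_RELAY_POW=8
# Loopback address: the relay is reachable from this machine only.
RELAY=127.0.0.1:9990
# mktemp -d gives a fresh, unpredictably named directory that only the current user can access.
# It is deliberately NOT removed on exit so it can be inspected afterwards; it holds the test
# profiles' key files and databases, so delete it once the review is finished.
WORK=$(mktemp -d)
export PVTCOMS_DATA_DIR="$WORK"    # keep ALL profile data in the workdir — 0.1.36+ defaults to the
                                   # per-user app data dir; the testbed must stay hermetic
echo "workdir: $WORK   (per-profile data files + the relay store live here)"
cd "$WORK"

# Start the relay in the background, logging to relay.log inside the workdir.
"$BIN" relay "$RELAY" >relay.log 2>&1 &
RPID=$!
# Stop the relay on every exit path; the kill is best-effort because the relay may already be gone.
trap 'kill "$RPID" 2>/dev/null || true' EXIT
# Fixed grace period for the relay to come up.
sleep 2
# Fail fast when the relay process has already ended (presumably what happens when the port is
# taken — confirm against the relay's behaviour). Without this check the client steps below would
# talk to whatever else is listening on $RELAY, or fail later with an unrelated-looking error.
if ! kill -0 "$RPID" 2>/dev/null; then
  echo "relay did not stay up on $RELAY; its log follows:" >&2
  cat relay.log >&2 || true
  exit 1
fi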

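echo "── alice creates an invite ───────────────────────────────"
# Capture the output first so that a failing invite-create (which aborts via set -e) is told apart
# from output that simply contains no token. The invite itself is never echoed by this script.
invite_out=$(PVTCOMS_PROFILE=alice "$BIN" invite-create)
# The invite is taken to be the first run of 200 or more lowercase hex digits in that output.
# "|| true" keeps a non-match (or grep's SIGPIPE once head has exited) from ending the script
# silently under pipefail; the explicit emptiness check below reports the problem instead.
INV=$(grep -oE '[0-9a-f]{200,}' <<<"$invite_out" | head -1) || true
if [ -z "$INV" ]; then
  echo "no invite token found in the invite-create output" >&2
  exit 1
fi
echo "── bob uses the invite (async first contact) ─────────────"
PVTCOMS_PROFILE=bob   "$BIN" invite-request "$RELAY" "$INV" Alice
echo "── alice accepts the friend request ──────────────────────"
PVTCOMS_PROFILE=alice "$BIN" invite-accept "$RELAY"
echo "── alice polls once to publish one-time prekeys (PCS) ────"
PVTCOMS_PROFILE=alice "$BIN" offline-poll "$RELAY"
echo "── bob sends an OFFLINE message (store-and-forward) ──────"
PVTCOMS_PROFILE=bob   "$BIN" offline-send "$RELAY" Alice "audit testbed message — $(date -u +%H:%M:%S)Z"
echo "── alice polls and receives it (recorded to SQLCipher) ───"
PVTCOMS_PROFILE=alice "$BIN" offline-poll "$RELAY"

# Pick the first contact identifier (four groups of four hex digits) from alice's contact list.
# A missing identifier means the onboarding above did not produce a contact, so the run is
# reported as failed rather than continuing with an empty argument.
contacts_out=$(PVTCOMS_PROFILE=alice "$BIN" contacts)
CONTACT=$(grep -oE '[0-9a-f]{4} [0-9a-f]{4} [0-9a-f]{4} [0-9a-f]{4}' <<<"$contacts_out" | head -1) || true
if [ -z "$CONTACT" ]; then
  echo "no contact identifier found in alice's contact list" >&2
  exit 1
fi
echo "── alice's stored history with $CONTACT ──────────────────"
# Best-effort: a failing history listing must not hide the summary printed afterwards.
PVTCOMS_PROFILE=alice "$BIN" history "$CONTACT" || true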

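# Shell-quote the two paths so the printed commands can be pasted as they are, even when a path
# contains spaces or other characters that are special to the shell.
bin_q=$(printf '%q' "$BIN")
work_q=$(printf '%q' "$WORK")

# The GUI commands carry PVTCOMS_DATA_DIR explicitly. They are meant for other terminals, which do
# not inherit this script's environment; without the variable the client would fall back to the
# per-user app data dir instead of the testbed's workdir.
cat <<EOF

Done. Inspect the workdir: $WORK
  - pvtcoms-alice-history.db        SQLCipher (encrypted; header is NOT "SQLite format 3")
  - pvtcoms-alice-oskey.bin / -devkey.bin   device key (DPAPI-wrapped on Windows; keyring/dev-file elsewhere)
  - relay-store.bin                 the relay's opaque blob store (no plaintext, rotating tokens)
Delete the workdir when you are finished; it still holds the test profiles' key files.

Open each side's GUI in a browser (separate terminals; keep the relay running):
  PVTCOMS_RELAY_POW=8 PVTCOMS_DATA_DIR=$work_q PVTCOMS_PROFILE=alice $bin_q gui 127.0.0.1:8090
  PVTCOMS_RELAY_POW=8 PVTCOMS_DATA_DIR=$work_q PVTCOMS_PROFILE=bob   $bin_q gui 127.0.0.1:8091
The relay (pid $RPID) stops when this script exits.
EOF

# The EXIT trap stops the relay as soon as the script ends, so returning right away would make
# the GUI instructions above unusable. On a terminal, stay in the foreground until the relay ends
# or the user interrupts; without a terminal (e.g. CI), exit immediately as before.
if [ -t 0 ]; then
  echo "Relay kept running for the GUI sessions; press Ctrl-C here when you are done."
  wait "$RPID" || true
else
  echo "No terminal attached: the script exits now and the relay stops with it."
fi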
