From 5bf7509268e3aeeb79a4fb600f13702b1014d2cf Mon Sep 17 00:00:00 2001
From: Claude <developers@lethean.io>
Date: Thu, 2 Apr 2026 13:14:08 +0100
Subject: [PATCH] ax(node): rename nm/nm1/nm2 to
 nodeManager/nodeManager1/nodeManager2 in identity test

AX Principle 1: predictable names over short names. `nm` requires a
comment to explain; `nodeManager` is self-documenting.

Co-Authored-By: Charon <charon@lethean.io>
---
 pkg/node/identity_test.go | 64 +++++++++++++++++++--------------------
 1 file changed, 32 insertions(+), 32 deletions(-)

diff --git a/pkg/node/identity_test.go b/pkg/node/identity_test.go
index 5d9ba92..ad20991 100644
--- a/pkg/node/identity_test.go
+++ b/pkg/node/identity_test.go
@@ -16,7 +16,7 @@ func setupTestNodeManager(t *testing.T) (*NodeManager, func()) {
 	keyPath := filepath.Join(tmpDir, "private.key")
 	configPath := filepath.Join(tmpDir, "node.json")
 
-	nm, err := NewNodeManagerWithPaths(keyPath, configPath)
+	nodeManager, err := NewNodeManagerWithPaths(keyPath, configPath)
 	if err != nil {
 		os.RemoveAll(tmpDir)
 		t.Fatalf("failed to create node manager: %v", err)
@@ -26,33 +26,33 @@ func setupTestNodeManager(t *testing.T) (*NodeManager, func()) {
 		os.RemoveAll(tmpDir)
 	}
 
-	return nm, cleanup
+	return nodeManager, cleanup
 }
 
 func TestIdentity_NodeManager_Good(t *testing.T) {
 	t.Run("NewNodeManager", func(t *testing.T) {
-		nm, cleanup := setupTestNodeManager(t)
+		nodeManager, cleanup := setupTestNodeManager(t)
 		defer cleanup()
 
-		if nm.HasIdentity() {
+		if nodeManager.HasIdentity() {
 			t.Error("new node manager should not have identity")
 		}
 	})
 
 	t.Run("GenerateIdentity", func(t *testing.T) {
-		nm, cleanup := setupTestNodeManager(t)
+		nodeManager, cleanup := setupTestNodeManager(t)
 		defer cleanup()
 
-		err := nm.GenerateIdentity("test-node", RoleDual)
+		err := nodeManager.GenerateIdentity("test-node", RoleDual)
 		if err != nil {
 			t.Fatalf("failed to generate identity: %v", err)
 		}
 
-		if !nm.HasIdentity() {
+		if !nodeManager.HasIdentity() {
 			t.Error("node manager should have identity after generation")
 		}
 
-		identity := nm.GetIdentity()
+		identity := nodeManager.GetIdentity()
 		if identity == nil {
 			t.Fatal("identity should not be nil")
 		}
@@ -85,30 +85,30 @@ func TestIdentity_NodeManager_Good(t *testing.T) {
 		configPath := filepath.Join(tmpDir, "node.json")
 
 		// First, create an identity
-		nm1, err := NewNodeManagerWithPaths(keyPath, configPath)
+		nodeManager1, err := NewNodeManagerWithPaths(keyPath, configPath)
 		if err != nil {
 			t.Fatalf("failed to create first node manager: %v", err)
 		}
 
-		err = nm1.GenerateIdentity("persistent-node", RoleWorker)
+		err = nodeManager1.GenerateIdentity("persistent-node", RoleWorker)
 		if err != nil {
 			t.Fatalf("failed to generate identity: %v", err)
 		}
 
-		originalID := nm1.GetIdentity().ID
-		originalPubKey := nm1.GetIdentity().PublicKey
+		originalID := nodeManager1.GetIdentity().ID
+		originalPubKey := nodeManager1.GetIdentity().PublicKey
 
 		// Create a new manager - should load existing identity
-		nm2, err := NewNodeManagerWithPaths(keyPath, configPath)
+		nodeManager2, err := NewNodeManagerWithPaths(keyPath, configPath)
 		if err != nil {
 			t.Fatalf("failed to create second node manager: %v", err)
 		}
 
-		if !nm2.HasIdentity() {
+		if !nodeManager2.HasIdentity() {
 			t.Error("second node manager should have loaded existing identity")
 		}
 
-		identity := nm2.GetIdentity()
+		identity := nodeManager2.GetIdentity()
 		if identity.ID != originalID {
 			t.Errorf("expected ID '%s', got '%s'", originalID, identity.ID)
 		}
@@ -126,38 +126,38 @@ func TestIdentity_NodeManager_Good(t *testing.T) {
 		defer os.RemoveAll(tmpDir2)
 
 		// Node 1
-		nm1, err := NewNodeManagerWithPaths(
+		nodeManager1, err := NewNodeManagerWithPaths(
 			filepath.Join(tmpDir1, "private.key"),
 			filepath.Join(tmpDir1, "node.json"),
 		)
 		if err != nil {
 			t.Fatalf("failed to create node manager 1: %v", err)
 		}
-		err = nm1.GenerateIdentity("node1", RoleDual)
+		err = nodeManager1.GenerateIdentity("node1", RoleDual)
 		if err != nil {
 			t.Fatalf("failed to generate identity 1: %v", err)
 		}
 
 		// Node 2
-		nm2, err := NewNodeManagerWithPaths(
+		nodeManager2, err := NewNodeManagerWithPaths(
 			filepath.Join(tmpDir2, "private.key"),
 			filepath.Join(tmpDir2, "node.json"),
 		)
 		if err != nil {
 			t.Fatalf("failed to create node manager 2: %v", err)
 		}
-		err = nm2.GenerateIdentity("node2", RoleDual)
+		err = nodeManager2.GenerateIdentity("node2", RoleDual)
 		if err != nil {
 			t.Fatalf("failed to generate identity 2: %v", err)
 		}
 
 		// Derive shared secrets - should be identical
-		secret1, err := nm1.DeriveSharedSecret(nm2.GetIdentity().PublicKey)
+		secret1, err := nodeManager1.DeriveSharedSecret(nodeManager2.GetIdentity().PublicKey)
 		if err != nil {
 			t.Fatalf("failed to derive shared secret from node 1: %v", err)
 		}
 
-		secret2, err := nm2.DeriveSharedSecret(nm1.GetIdentity().PublicKey)
+		secret2, err := nodeManager2.DeriveSharedSecret(nodeManager1.GetIdentity().PublicKey)
 		if err != nil {
 			t.Fatalf("failed to derive shared secret from node 2: %v", err)
 		}
@@ -175,24 +175,24 @@ func TestIdentity_NodeManager_Good(t *testing.T) {
 	})
 
 	t.Run("DeleteIdentity", func(t *testing.T) {
-		nm, cleanup := setupTestNodeManager(t)
+		nodeManager, cleanup := setupTestNodeManager(t)
 		defer cleanup()
 
-		err := nm.GenerateIdentity("delete-me", RoleDual)
+		err := nodeManager.GenerateIdentity("delete-me", RoleDual)
 		if err != nil {
 			t.Fatalf("failed to generate identity: %v", err)
 		}
 
-		if !nm.HasIdentity() {
+		if !nodeManager.HasIdentity() {
 			t.Error("should have identity before delete")
 		}
 
-		err = nm.Delete()
+		err = nodeManager.Delete()
 		if err != nil {
 			t.Fatalf("failed to delete identity: %v", err)
 		}
 
-		if nm.HasIdentity() {
+		if nodeManager.HasIdentity() {
 			t.Error("should not have identity after delete")
 		}
 	})
@@ -375,17 +375,17 @@ func TestIdentity_ChallengeResponse_Good(t *testing.T) {
 		defer os.RemoveAll(tmpDir1)
 		defer os.RemoveAll(tmpDir2)
 
-		nm1, _ := NewNodeManagerWithPaths(
+		nodeManager1, _ := NewNodeManagerWithPaths(
 			filepath.Join(tmpDir1, "private.key"),
 			filepath.Join(tmpDir1, "node.json"),
 		)
-		nm1.GenerateIdentity("challenger", RoleDual)
+		nodeManager1.GenerateIdentity("challenger", RoleDual)
 
-		nm2, _ := NewNodeManagerWithPaths(
+		nodeManager2, _ := NewNodeManagerWithPaths(
 			filepath.Join(tmpDir2, "private.key"),
 			filepath.Join(tmpDir2, "node.json"),
 		)
-		nm2.GenerateIdentity("responder", RoleDual)
+		nodeManager2.GenerateIdentity("responder", RoleDual)
 
 		// Challenger generates challenge
 		challenge, err := GenerateChallenge()
@@ -394,8 +394,8 @@ func TestIdentity_ChallengeResponse_Good(t *testing.T) {
 		}
 
 		// Both derive the same shared secret
-		secret1, _ := nm1.DeriveSharedSecret(nm2.GetIdentity().PublicKey)
-		secret2, _ := nm2.DeriveSharedSecret(nm1.GetIdentity().PublicKey)
+		secret1, _ := nodeManager1.DeriveSharedSecret(nodeManager2.GetIdentity().PublicKey)
+		secret2, _ := nodeManager2.DeriveSharedSecret(nodeManager1.GetIdentity().PublicKey)
 
 		// Responder signs challenge with their derived secret
 		response := SignChallenge(challenge, secret2)