AX Principle 1: predictable names over short names. The abbreviation
`pc` (PeerConnection) in local variable scope is ambiguous — renamed
to `connection` in Connect, Stop, Send, Broadcast, and handleWSUpgrade.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 1 — predictable names over short names. `ackMsg` and `ackData`
require the reader to expand the abbreviation; `acknowledgementMessage` and
`acknowledgementData` are self-describing in the handshake context.
Co-Authored-By: Charon <charon@lethean.io>
Comment restated what the function does in prose rather than showing
a concrete usage example, violating AX principle 2 (comments as usage
examples). The usage example on the preceding line is sufficient.
Co-Authored-By: Charon <charon@lethean.io>
Short name `mux` requires context to understand; `serveMux` is
self-describing per AX Principle 1 (predictable names over short names).
Co-Authored-By: Charon <charon@lethean.io>
Replace three direct json.Unmarshal calls with the package-level
UnmarshalJSON wrapper defined in bufpool.go, eliminating the
banned encoding/json import from transport.go.
Co-Authored-By: Charon <charon@lethean.io>
Removes the banned `strings` import from transport.go by extracting
a `joinVersions` helper into message.go alongside SupportedProtocolVersions,
eliminating the single `strings.Join` call in the handshake rejection path.
Co-Authored-By: Charon <charon@lethean.io>
Replace all fmt.Errorf and fmt.Sprintf calls in transport.go with
ProtocolError{} structs and string concatenation, matching the error
pattern already used throughout the node package.
Co-Authored-By: Charon <charon@lethean.io>
Single-letter parameter names w and r violate AX Principle 1
(predictable names over short names). Only i, _, t, and c are
permitted as single-letter names per the AX spec.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 1 — predictable names over short names.
The field `ttl` requires context to decode; `timeToLive` is
self-describing without a comment.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 1: predictable names over short names. The variable `u`
in the WebSocket upgrader CheckOrigin closure required context to
understand; `parsedURL` is self-describing.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 1: predictable names over short names.
`ctx` is an abbreviation that requires prior knowledge to decode;
renamed to describe intent at each call site.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments show HOW with real values, not WHAT the
type signature already says. Converted 8 prose-style comments on
type declarations (Transport, TransportConfig, PeerConnection,
PeerRateLimiter, MessageDeduplicator, DisconnectPayload, NodeRole,
NodeIdentity, Peer) to concrete call-site examples.
Co-Authored-By: Charon <charon@lethean.io>
Single-letter receiver `t` violates AX Principle 1 (predictable names
over short names). All 15 Transport methods now use `transport` as the
receiver name for unambiguous semantic navigation.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2 — comments as usage examples, not prose descriptions.
The previous comment restated what the function name already conveyed.
Co-Authored-By: Charon <charon@lethean.io>
Single-letter receiver names are banned by AX Principle 1 except for
i (range loops), _ (discards), t (tests), and c (*core.Core).
Co-Authored-By: Charon <charon@lethean.io>
Abbreviated field name `conns` violates predictable-names-over-short-names.
Renamed to `connections` throughout transport.go — 14 call sites updated.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments must show usage, not restate the signature.
Both internal methods had descriptions that duplicated the function name.
Co-Authored-By: Charon <charon@lethean.io>
Abbreviation writeMu requires a reader to infer "mutex" — violates AX
Principle 1 (predictable names over short names). writeMutex is
self-describing with no mapping overhead.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments must show HOW with real values, not restate what
the function name already says. Five prose descriptions replaced with
concrete call-site examples.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2 — comments must show HOW with real values, not restate
what the signature already says. The old comment described the return
value in prose; replaced with a concrete call-site example.
Co-Authored-By: Charon <charon@lethean.io>
Single-letter variable name violates AX Principle 1 (predictable names
over short names). peerURL is self-describing without requiring context.
Co-Authored-By: Charon <charon@lethean.io>
The comment "handleWSUpgrade handles incoming WebSocket connections" restated
the function signature without adding information. Replaced with a concrete
call-site example showing how the method is wired in via Start().
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments must show how to call the function with real
values, not restate what the type signature already says.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 1: predictable names over short names. The abbreviated
struct field `dedup` requires a reader to mentally expand it; the
full name `deduplicator` is self-describing.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments must show HOW with real values, not restate what
the type signature already says. "returns sensible defaults" adds zero
information — the concrete call pattern teaches agents exactly how to use it.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 1: predictable names over short names. The comment example
used `n` which requires context to understand; `connectionCount` is
self-documenting.
Co-Authored-By: Charon <charon@lethean.io>
Single-letter variable `d` requires a reader to infer its type from
context. Rename to `deduplicator` — predictable names over short names
(RFC-CORE-008 §1).
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments must show HOW with real values, not restate what
the signature already says. "Close closes the connection." adds zero
information; a usage example shows call site and error handling pattern.
Co-Authored-By: Charon <charon@lethean.io>
Four functions in Transport had comments that restated the signature
("sets the handler", "establishes a connection", "sends a message to all
connected peers") rather than showing concrete call examples. Converted
to AX Principle 2 style — usage examples with realistic values.
Co-Authored-By: Charon <charon@lethean.io>
Transport.Start and Transport.Stop had prose comments that restated
the function name — the pattern AX Principle 2 explicitly bans.
Replaced with concrete call-site examples showing how callers use them.
Co-Authored-By: Charon <charon@lethean.io>
Abbreviated field name `mu` is ambiguous — rename to `mutex` to satisfy
AX-025 §1 (predictable names over short names).
Co-Authored-By: Charon <charon@lethean.io>
Abbreviated field name `mu` violated AX Principle 1 (predictable names over
short names). Renamed to `mutex` to match the convention already used in the
sibling `PeerRateLimiter` struct in the same file.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments show HOW with real values, not WHAT the type
signature already says. "Send sends an encrypted message over the
connection." adds zero information.
Co-Authored-By: Charon <charon@lethean.io>
ConnectedPeers() had a comment that restated the function name ("returns
the number of connected peers"), violating AX Principle 2. Replaced with
a concrete usage example showing the guard pattern.
Co-Authored-By: Charon <charon@lethean.io>
'wg' is an abbreviation requiring mental mapping; 'waitGroup' names what
it IS — an explicit sync.WaitGroup, predictable across all call sites.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments that restate the type signature add zero
information. Replaced "Send sends a message to a specific peer." with a
concrete call-site example showing error handling.
Co-Authored-By: Charon <charon@lethean.io>
Move module declaration and all internal imports from
github.com/Snider/Mining to forge.lthn.ai/Snider/Mining. Also updates
Borg, Enchantrix, and Poindexter dependency paths to forge.lthn.ai.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- P2P-HIGH-1: Add peer scoring system with success/failure/timeout tracking
- PERF-HIGH-2: Add JSON encoding buffer pool for hot paths
- API-HIGH-1: Standardize error responses using APIError struct
- RESIL-MED-5: Add graceful disconnect with reason/code messages
All verified items (SQL indexes, keepalive) were already implemented.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add GenerateChallenge() for random 32-byte challenge generation
- Add SignChallenge() using HMAC-SHA256 with shared secret
- Add VerifyChallenge() with constant-time comparison
- Update performHandshake() to send challenge and verify response
- Update handleWSUpgrade() to sign incoming challenges
- Add comprehensive tests for challenge-response flow
The challenge-response authentication proves the peer has the matching
private key for their public key by signing a random challenge with
the ECDH-derived shared secret. This prevents impersonation attacks.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
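
The challenge-response flow described in the commit above, shown as an added Go example that is not the project's own code. Only the names GenerateChallenge, SignChallenge and VerifyChallenge come from the commit message; their signatures, the X25519 curve, and the newKey and runHandshake helpers are assumptions made for illustration.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// GenerateChallenge returns 32 random bytes; a fresh value per handshake blocks replay.
func GenerateChallenge() ([]byte, error) {
	challenge := make([]byte, 32)
	_, err := rand.Read(challenge)
	return challenge, err
}
// SignChallenge returns HMAC-SHA256 over the challenge, keyed with the shared secret.
func SignChallenge(challenge, sharedSecret []byte) []byte {
	mac := hmac.New(sha256.New, sharedSecret)
	mac.Write(challenge)
	return mac.Sum(nil)
}
// VerifyChallenge recomputes the tag; hmac.Equal compares in constant time.
func VerifyChallenge(challenge, response, sharedSecret []byte) bool {
	return hmac.Equal(SignChallenge(challenge, sharedSecret), response)
}
func newKey() *ecdh.PrivateKey { // hypothetical helper
	key, err := ecdh.X25519().GenerateKey(rand.Reader) // curve choice is an assumption
	if err != nil {
		panic(err)
	}
	return key
}

// runHandshake (hypothetical): the responder claims claimedPublic but holds responderKey.
func runHandshake(initiatorKey *ecdh.PrivateKey, claimedPublic *ecdh.PublicKey, responderKey *ecdh.PrivateKey) bool {
	challenge, challengeErr := GenerateChallenge()
	responderSecret, responderErr := responderKey.ECDH(initiatorKey.PublicKey())
	initiatorSecret, initiatorErr := initiatorKey.ECDH(claimedPublic)
	if challengeErr != nil || responderErr != nil || initiatorErr != nil {
		return false // fail closed on any error
	}
	return VerifyChallenge(challenge, SignChallenge(challenge, responderSecret), initiatorSecret)
}

func main() {
	alice, bob, mallory := newKey(), newKey(), newKey()
	fmt.Println("honest:", runHandshake(alice, bob.PublicKey(), bob), "impersonator:", runHandshake(alice, bob.PublicKey(), mallory))
}
```

The second call fails because the responder derives its secret from a private key that does not match the public key the initiator used, so the HMAC tags differ.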
Add PeerAuthMode to control peer registration:
- PeerAuthOpen: Allow all peers (backward compatible default)
- PeerAuthAllowlist: Only allow pre-registered peers or allowlisted public keys
New features:
- PeerRegistry.SetAuthMode/GetAuthMode for mode control
- PeerRegistry.AllowPublicKey/RevokePublicKey for key management
- PeerRegistry.IsPeerAllowed check before connection acceptance
- Transport rejects unauthorized peers with proper handshake rejection
New API endpoints:
- GET/PUT /peers/auth/mode - Get/set authentication mode
- GET/POST/DELETE /peers/auth/allowlist - Manage allowlisted keys
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>