test: extend yonexus integration coverage

tests/failure-path/MATRIX.md

@@ -15,13 +15,13 @@ This document defines the systematic test coverage for pairing and authenticatio
 
 | ID | Scenario | Trigger | Expected Behavior | Status |
 |----|----------|---------|-------------------|--------|
-| PF-01 | Invalid pairing code | Client submits wrong code | `pair_failed(invalid_code)`, allow retry | ⬜ |
-| PF-02 | Expired pairing code | Client submits after expiry | `pair_failed(expired)`, reset to `pair_required` | ⬜ |
-| PF-03 | Identifier not in allowlist | Unknown client tries to pair | `pair_failed(identifier_not_allowed)`, close connection | ⬜ |
-| PF-04 | Admin notification failed | Discord DM fails to send | `pair_failed(admin_notification_failed)`, abort pairing | ⬜ |
-| PF-05 | Empty pairing code | Client submits empty string | `pair_failed(invalid_code)` | ⬜ |
-| PF-06 | Malformed pair_confirm payload | Missing required fields | Protocol error, no state change | ⬜ |
-| PF-07 | Double pairing attempt | Client calls pair_confirm twice | Second attempt rejected if already paired | ⬜ |
+| PF-01 | Invalid pairing code | Client submits wrong code | `pair_failed(invalid_code)`, allow retry | ✅ |
+| PF-02 | Expired pairing code | Client submits after expiry | `pair_failed(expired)`, reset to `pair_required` | ✅ |
+| PF-03 | Identifier not in allowlist | Unknown client tries to pair | `pair_failed(identifier_not_allowed)`, close connection | ✅ |
+| PF-04 | Admin notification failed | Discord DM fails to send | `pair_failed(admin_notification_failed)`, abort pairing | ✅ |
+| PF-05 | Empty pairing code | Client submits empty string | `pair_failed(invalid_code)` | ✅ |
+| PF-06 | Malformed pair_confirm payload | Missing required fields | Protocol error, no state change | ✅ |
+| PF-07 | Double pairing attempt | Client calls pair_confirm twice | Second attempt rejected if already paired | ✅ |
 | PF-08 | Pairing during active session | Paired client tries to pair again | Reject, maintain existing trust | ⬜ |
 | PF-09 | Server restart during pairing | Server restarts before confirm | Pairing state preserved, code still valid | ⬜ |
 | PF-10 | Client restart during pairing | Client restarts before submit | Client must restart pairing flow | ⬜ |
@@ -32,17 +32,17 @@ This document defines the systematic test coverage for pairing and authenticatio
 
 | ID | Scenario | Trigger | Expected Behavior | Status |
 |----|----------|---------|-------------------|--------|
-| AF-01 | Unknown identifier | Auth from unpaired client | `auth_failed(unknown_identifier)` | ⬜ |
-| AF-02 | Not paired | Auth before pairing complete | `auth_failed(not_paired)` | ⬜ |
-| AF-03 | Invalid signature | Wrong private key used | `auth_failed(invalid_signature)` | ⬜ |
+| AF-01 | Unknown identifier | Auth from unpaired client | `auth_failed(unknown_identifier)` | ✅ |
+| AF-02 | Not paired | Auth before pairing complete | `auth_failed(not_paired)` | ✅ |
+| AF-03 | Invalid signature | Wrong private key used | `auth_failed(invalid_signature)` | ✅ |
 | AF-04 | Wrong secret | Client has outdated secret | `auth_failed(invalid_secret)` | ⬜ |
-| AF-05 | Stale timestamp | Proof timestamp >10s old | `auth_failed(stale_timestamp)` | ⬜ |
-| AF-06 | Future timestamp | Proof timestamp in future | `auth_failed(future_timestamp)` | ⬜ |
+| AF-05 | Stale timestamp | Proof timestamp >10s old | `auth_failed(stale_timestamp)` | ✅ |
+| AF-06 | Future timestamp | Proof timestamp in future | `auth_failed(future_timestamp)` | ✅ |
 | AF-07 | Nonce collision | Reused nonce within window | `auth_failed(nonce_collision)` → `re_pair_required` 🔴 | ✅ |
 | AF-08 | Rate limited | >10 attempts in 10s | `auth_failed(rate_limited)` → `re_pair_required` 🔴 | ✅ |
-| AF-09 | Wrong public key | Key doesn't match stored | `auth_failed(invalid_signature)` | ⬜ |
-| AF-10 | Malformed auth_request | Missing required fields | Protocol error | ⬜ |
-| AF-11 | Tampered proof | Modified signature | `auth_failed(invalid_signature)` | ⬜ |
+| AF-09 | Wrong public key | Key doesn't match stored | `auth_failed(invalid_signature)` | ✅ |
+| AF-10 | Malformed auth_request | Missing required fields | Protocol error | ✅ |
+| AF-11 | Tampered proof | Modified signature | `auth_failed(invalid_signature)` | ✅ |
 
 ---
 
@@ -50,7 +50,7 @@ This document defines the systematic test coverage for pairing and authenticatio
 
 | ID | Scenario | Cause | Server Action | Client Action | Status |
 |----|----------|-------|---------------|---------------|--------|
-| RP-01 | Nonce collision | Replay attack detected | Clear secret, reset state | Enter `pair_required` | ⬜ |
+| RP-01 | Nonce collision | Replay attack detected | Clear secret, reset state | Enter `pair_required` | ✅ |
 | RP-02 | Rate limit exceeded | Brute force detected | Clear secret, reset state | Enter `pair_required` | ⬜ |
 | RP-03 | Admin-initiated | Manual revocation | Mark revoked, notify | Enter `pair_required` | ⬜ |
 | RP-04 | Key rotation | Client sends new public key | Update key, keep secret | Continue with new key | ⬜ |
@@ -75,8 +75,8 @@ This document defines the systematic test coverage for pairing and authenticatio
 
 | ID | Scenario | Trigger | Expected Behavior | Status |
 |----|----------|---------|-------------------|--------|
-| HF-01 | 7-minute timeout | No heartbeat received | Status → `unstable`, notify | ⬜ |
-| HF-02 | 11-minute timeout | Still no heartbeat | Status → `offline`, disconnect | ⬜ |
+| HF-01 | 7-minute timeout | No heartbeat received | Status → `unstable`, notify | ✅ |
+| HF-02 | 11-minute timeout | Still no heartbeat | Status → `offline`, disconnect | ✅ |
 | HF-03 | Early heartbeat | Heartbeat before auth | Rejected/ignored | ⬜ |
 | HF-04 | Heartbeat from unauthenticated | Wrong state | Error, possible disconnect | ⬜ |
 
@@ -130,6 +130,11 @@ npm test -- connection-failures
 npm test -- failure-paths
 ```
 
+### Current Notes
+
+- AF-04 (`invalid_secret`) 仍未单独覆盖：现有实现把“错误 secret 导致的验签失败”统一落到 `invalid_signature`，是否拆分错误码仍待确认。
+- 本轮已补齐 AF-01/02/03/05/06/09/10/11、RP-01、HF-01/02。
+
 ### Adding New Test Cases
 
 1. Add row to appropriate table above