"""Tests for DerivedKey zeroing in muse/cli/commands/agent.py.

_sub_seed_to_public derives an Ed25519 key from a sub-seed via derive_identity_key(),
then calls dk.zero() to overwrite the private scalar and chain code before returning.
DerivedKey fields are bytearray, so dk.zero() genuinely overwrites the live buffer.

Coverage
--------
I   _sub_seed_to_public zeroes DerivedKey
    I1  DerivedKey.private_bytes is zeroed after _sub_seed_to_public returns
    I2  DerivedKey.chain_code is zeroed after _sub_seed_to_public returns
"""

from __future__ import annotations

from unittest.mock import patch

from muse.core import hdkeys as _hdkeys
from muse.core.bip39 import mnemonic_to_seed
from muse.core.hdkeys import derive_agent_sub_seed, DOMAIN_IDENTITY
from muse.core.slip010 import DerivedKey

_MNEMONIC = (
    "abandon abandon abandon abandon abandon abandon abandon abandon "
    "abandon abandon abandon about"
)
_SEED = mnemonic_to_seed(_MNEMONIC)
_SUB_SEED = derive_agent_sub_seed(_SEED, domain=DOMAIN_IDENTITY, agent_id=0)


class TestSubSeedToPublicZeroesDerivedKey:
    def test_I1_private_bytes_zeroed(self) -> None:
        """I1: DerivedKey.private_bytes is zeroed after _sub_seed_to_public returns."""
        from muse.cli.commands.agent import _sub_seed_to_public

        captured: list[DerivedKey] = []
        original_derive = _hdkeys.derive_identity_key

        def capturing_derive(*args: int | bytes, **kwargs: int) -> DerivedKey:
            dk = original_derive(*args, **kwargs)
            captured.append(dk)
            return dk

        with patch.object(_hdkeys, "derive_identity_key", side_effect=capturing_derive):
            _sub_seed_to_public(bytes(_SUB_SEED))

        assert captured, "derive_identity_key was not called"
        dk = captured[0]
        assert dk.private_bytes == bytearray(32), (
            "DerivedKey.private_bytes must be zeroed after _sub_seed_to_public"
        )

    def test_I2_chain_code_zeroed(self) -> None:
        """I2: DerivedKey.chain_code is zeroed after _sub_seed_to_public returns."""
        from muse.cli.commands.agent import _sub_seed_to_public

        captured: list[DerivedKey] = []
        original_derive = _hdkeys.derive_identity_key

        def capturing_derive(*args: int | bytes, **kwargs: int) -> DerivedKey:
            dk = original_derive(*args, **kwargs)
            captured.append(dk)
            return dk

        with patch.object(_hdkeys, "derive_identity_key", side_effect=capturing_derive):
            _sub_seed_to_public(bytes(_SUB_SEED))

        assert captured, "derive_identity_key was not called"
        dk = captured[0]
        assert dk.chain_code == bytearray(32), (
            "DerivedKey.chain_code must be zeroed after _sub_seed_to_public"
        )