From 96a12e5576ab0ba989cee1081cebe2edea8fcf8c Mon Sep 17 00:00:00 2001
From: kryp2 <noreply@anthropic.com>
Date: Mon, 1 Jun 2026 10:04:22 +0200
Subject: [PATCH] test(brc105): make nonce-tamper test deterministic to fix
 ~1/256 flake

test_tampered_nonce_rejected built the tampered nonce as "ff" + nonce[2:],
which is a no-op when the random first byte was already 0xff (~1/256), so
the unmodified nonce verified and the test failed. This is what failed the
3.12 shard on master (135/136), not the brc105 lazy-import change.

Flip the first byte via XOR 0xff so it always differs. Verified: old logic
= 7 false-passes / 2560 runs; new logic = 0 / 600; full suite 136 passed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---
 tests/test_brc105.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/tests/test_brc105.py b/tests/test_brc105.py
index ee5c59d..a2844cf 100644
--- a/tests/test_brc105.py
+++ b/tests/test_brc105.py
@@ -40,8 +40,12 @@ def test_unknown_nonce_rejected(self):
 
     def test_tampered_nonce_rejected(self):
         nonce = self.manager.create()
-        # Flip a byte in the random part
-        tampered = "ff" + nonce[2:]
+        # Flip the first byte of the random part. XOR with 0xff guarantees a
+        # change regardless of the original value — a plain "ff" + nonce[2:]
+        # would be a no-op (and falsely pass) ~1/256 of the time, when the
+        # random first byte already happened to be 0xff.
+        flipped = f"{int(nonce[:2], 16) ^ 0xFF:02x}"
+        tampered = flipped + nonce[2:]
         # Remove from store so we test the HMAC check path
         self.manager._nonces[tampered] = self.manager._nonces.pop(nonce)
         assert not self.manager.verify(tampered)