package tools

import "time"

// BehaviorSeverity qualifies the gravity of a peer misbehavior.
type BehaviorSeverity int

const (
	// BehaviorWarn: minor inconsistency — slight trust penalty.
	BehaviorWarn BehaviorSeverity = iota
	// BehaviorFraud: deliberate data manipulation (e.g. fake peerless Ref,
	// invalid booking) — significant trust penalty.
	BehaviorFraud
	// BehaviorCritical: severe abuse (secret exfiltration, data corruption,
	// system-level attack) — heavy penalty, near-immediate blacklist.
	BehaviorCritical
)

// scorePenalties maps each severity to a trust-score deduction (out of 100).
var scorePenalties = map[BehaviorSeverity]float64{
	BehaviorWarn:     5,
	BehaviorFraud:    20,
	BehaviorCritical: 40,
}

// Penalty returns the trust-score deduction for this severity.
func (s BehaviorSeverity) Penalty() float64 {
	if p, ok := scorePenalties[s]; ok {
		return p
	}
	return 5
}

// PeerBehaviorReport is the payload carried by PEER_BEHAVIOR_EVENT.
// Any trusted service can emit it; oc-discovery is the sole consumer.
type PeerBehaviorReport struct {
	// ReporterApp identifies the emitting service (e.g. "oc-scheduler", "oc-datacenter").
	ReporterApp string `json:"reporter_app"`
	// TargetPeerID is the MongoDB DID (_id) of the offending peer.
	TargetPeerID string `json:"target_peer_id"`
	// Severity drives how much the trust score drops.
	Severity BehaviorSeverity `json:"severity"`
	// Reason is a human-readable description shown in the blacklist warning.
	Reason string `json:"reason"`
	// Evidence is an optional reference (booking ID, resource Ref, …).
	Evidence string `json:"evidence,omitempty"`
	// At is the timestamp of the observed misbehavior.
	At time.Time `json:"at"`
}