Mantimon TCG - Monster collecting trading card game
Cal Corum cbc1da3c03 Add visibility filter for client-safe game state views
SECURITY: Implement hidden information filtering to prevent cheating.

- Create VisibleGameState, VisiblePlayerState, VisibleZone models
- get_visible_state(game, player_id): filtered view for a player
- get_spectator_state(game): filtered view for spectators

Hidden Information (NEVER exposed):
  - Opponent's hand contents (count only)
  - All deck contents and order
  - All prize card contents
  - Energy deck order

Public Information (always visible):
  - Active and benched Pokemon (full details)
  - Discard piles (full contents)
  - Energy zone (available energy)
  - Scores, turn info, phase
  - Stadium in play

- 44 security-critical tests verifying no information leakage
- Tests check JSON serialization for hidden card ID leaks
- Also adds test for configurable burn damage

Completes HIGH-008 and TEST-012 from PROJECT_PLAN.json
Updates security checklist: 4/5 items now verified
2026-01-25 13:11:06 -06:00
backend Add visibility filter for client-safe game state views 2026-01-25 13:11:06 -06:00
docs Document offline fork support architecture 2026-01-24 22:42:47 -06:00
AGENTS.md Document offline fork support architecture 2026-01-24 22:42:47 -06:00
CLAUDE.md Add RPG campaign structure inspired by GBC Pokemon TCG 2026-01-24 18:22:36 -06:00
PROJECT_PLAN.md Add RPG campaign structure inspired by GBC Pokemon TCG 2026-01-24 18:22:36 -06:00
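
The hidden-information filter described in the commit message above, as an added Python example that is not the project's code: each view is built from an allowlist, and the serialized JSON is then scanned for hidden card IDs, with a naive full dump alongside for contrast. The `Player` class, the function names, the card IDs and the choice to expose deck and prize counts are assumptions made for illustration.

```python
import json
from dataclasses import dataclass, field, asdict

@dataclass
class Player:  # hypothetical server-side state, not the project's model
    hand: list = field(default_factory=list)
    deck: list = field(default_factory=list)
    prizes: list = field(default_factory=list)
    discard: list = field(default_factory=list)
    active: str = ""

def naive_state(players):
    """Weak form: dumps every zone, so the client receives all hidden cards."""
    return {pid: asdict(p) for pid, p in players.items()}

def _player_view(p, is_owner):
    """Allowlist: build a new dict instead of copying state and deleting fields."""
    view = {
        "active": p.active,              # public
        "discard": list(p.discard),      # public, full contents
        "hand_count": len(p.hand),       # count only
        "deck_count": len(p.deck),       # assumption: counts are safe to show
        "prize_count": len(p.prizes),
    }
    if is_owner:
        view["hand"] = list(p.hand)      # own hand is the only private zone shown
    return view

def visible_state(players, viewer_id=None):
    """viewer_id=None models a spectator, who sees no hand contents at all."""
    return {pid: _player_view(p, pid == viewer_id) for pid, p in players.items()}

def leaked_ids(view, players, viewer_id=None):
    """Return hidden card IDs that appear as JSON strings in the serialized view."""
    hidden = set()
    for pid, p in players.items():
        hidden.update(p.deck, p.prizes)  # hidden from everyone, owner included
        if pid != viewer_id:
            hidden.update(p.hand)
    blob = json.dumps(view)
    return sorted(cid for cid in hidden if json.dumps(cid) in blob)

PLAYERS = {  # constructed sample state
    "p1": Player(hand=["p1-h1", "p1-h2"], deck=["p1-d1", "p1-d2"],
                 prizes=["p1-z1"], discard=["p1-x1"], active="p1-a1"),
    "p2": Player(hand=["p2-h1"], deck=["p2-d1"], prizes=["p2-z1"],
                 discard=["p2-x1"], active="p2-a1"),
}
```

Scanning the serialized output rather than the Python object catches fields that a serializer adds back, which is the failure the commit's JSON tests target.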