All 10 non-gatherer bots included timestamp in the request verification
signing string but the engine (auth.go SignRequest) does not include
timestamp. Every incoming turn request failed 401 verification, bots
crashed after 10 turns, and all matches ended in stalemate.
The engine documentation in auth.go is also misleading (old comment
mentioned timestamp in signing string) but the actual implementation
never included it. Fixed all language implementations to match.
Affected: random (py), swarm (ts), hunter (java), guardian (php),
rusher (rs), assassin (rs), phalanx (rs), opportunist (go),
farmer (go), scout (py), raider (java)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Two bugs in the Opportunist bot strategy:
1. retreatMove: when a lone bot is surrounded by enemies with no nearby
allies, all passable directions scored below the -1 initial threshold
due to flat enemy penalties. Fixed by scoring distance-from-enemies
as a positive value (further = better) instead of a flat penalty,
ensuring the bot always picks the safest direction.
2. attackMove: BFS could never reach enemy targets because the passable
function excluded all enemy positions. The target IS an enemy, so the
path was unreachable. Fixed by wrapping passable to treat the target
position as passable during attack pathfinding.
All 19 tests now pass, including TestComputeMovesRetreat and
TestComputeMovesNearbyAdvantageAttack.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
