package challenge

import "time"

const (
	// InitialTTL is the v1 lifetime of a newly created challenge before it
	// becomes expired.
	InitialTTL = 5 * time.Minute

	// ResendThrottleCooldown is the fixed Stage-17 cooldown applied to repeated
	// public send-email-code requests for the same normalized e-mail address.
	ResendThrottleCooldown = time.Minute

	// ConfirmedRetention is the v1 idempotency window kept after a successful
	// challenge confirmation.
	ConfirmedRetention = 5 * time.Minute

	// MaxInvalidConfirmAttempts is the v1 threshold after which repeated invalid
	// confirmation codes move a challenge into the failed state.
	MaxInvalidConfirmAttempts = 5
)

// V1 resend policy keeps every public send-email-code request independent:
// each call creates a fresh challenge, existing challenges are not reused or
// deduplicated, and Stage 17 adds a fixed auth-side resend cooldown that may
// record the fresh challenge as delivery_throttled.