feat: trust-tier gating for beacons - established/trusted users get instant verification, new users start unverified

go-backend/internal/repository/post_repository.go

@@ -24,15 +24,31 @@ func (r *PostRepository) Pool() *pgxpool.Pool {
 }
 
 func (r *PostRepository) CreatePost(ctx context.Context, post *models.Post) error {
-	// Calculate confidence score if it's a beacon
+	// Calculate confidence score if it's a beacon — trust-tier gating
 	if post.IsBeacon {
 		var harmonyScore int
-		err := r.pool.QueryRow(ctx, "SELECT harmony_score FROM public.trust_state WHERE user_id = $1::uuid", post.AuthorID).Scan(&harmonyScore)
+		var tier string
+		err := r.pool.QueryRow(ctx,
+			"SELECT COALESCE(harmony_score, 50), COALESCE(tier, 'new') FROM public.trust_state WHERE user_id = $1::uuid",
+			post.AuthorID,
+		).Scan(&harmonyScore, &tier)
 		if err == nil {
-			// Logic: confidence = harmony_score / 100.0 (legacy parity)
+			switch tier {
-			post.Confidence = float64(harmonyScore) / 100.0
+			case "established":
+				// Established users: reports go live instantly as verified
+				post.Confidence = 0.95
+			case "trusted":
+				// Trusted users: reports appear as high-confidence
+				post.Confidence = 0.8
+			default:
+				// New users: reports start unverified, need 3 community vouches
+				post.Confidence = float64(harmonyScore) / 200.0 // max 0.5 for new users
+				if post.Confidence > 0.5 {
+					post.Confidence = 0.5
+				}
+			}
 		} else {
-			post.Confidence = 0.5 // Default fallback
+			post.Confidence = 0.3 // Unknown user — unverified
 		}
 	}