Feature: Device owner anonymity guarantee As an IoT device owner I must be able to use the full transition discovery process Without APIX storing or inferring any artefact that identifies me or my device Background: Given a deprecated service "SmartHub Cloud" with locked set to false And at least one replacement candidate registered Scenario: Status polling requires no authentication When GET /services/{smartHubCloudId} is called with no Authorization header Then the response is HTTP 200 And locked and sunset_date are present in the response body Scenario: Replacement discovery requires no authentication When GET /services/{smartHubCloudId}/replacements is called with no Authorization header Then the response is HTTP 200 And the full replacement list is returned Scenario: No session state is created during polling When GET /services/{smartHubCloudId}/replacements is called twice with no shared headers Then both responses are identical in content And neither response contains a Set-Cookie header And neither response contains a session reference Scenario: Response contains no client-tracking artefacts When GET /services/{smartHubCloudId}/replacements is called Then the response headers contain no Set-Cookie And the response body contains no field that echoes client request details And the response body contains no correlation ID tied to the caller Scenario: Polling endpoint is covered by the public cache When GET /services/{smartHubCloudId}/replacements is called twice within the cache TTL Then the second response is served from cache And the cache key does not incorporate any client-identifying header