Update on Overleaf.

Appendices/SomeProof.tex

@@ -95,3 +95,90 @@ This exception model provides the following advantages:
 This exception system enables detailed introspection during fuzzing and testing while maintaining a clean abstraction between components.
 
 % \todo{add section about inital testing of nonce randomness}
+
+\section{CLI Structure}
+\label{sec:cli_structure}
+The CLI is organized around three core commands:
+\begin{itemize}
+    \item \textbf{tracing} — Interfaces with the \texttt{simtrace2} device and the \gls{lpa} to capture \gls{apdu} traffic in real time. This functionality is discussed in detail in \cref{sec:tracing}.
+    \item \textbf{lpa} — Exposes \gls{euicc} communication features such as profile management, notification handling, and remote procedure execution via the \gls{cli}.
+    \item \textbf{fuzzing} — Wraps both \gls{apdu}-level and data-level fuzzing. Additionally, it provides a \texttt{compare} command to compare multiple trace recordings and highlight structural differences in JSON format.
+\end{itemize}
+
+Each of these commands is implemented in its respective subfolder (e.g., \texttt{tracing/}, \texttt{lpa/}, \texttt{fuzz/}). The modular structure of the \gls{cli} is shown in \cref{fig:cli_structure}, which illustrates how the subcommands map to the file and folder hierarchy of the project.
+
+\begin{figure}[h]
+    \centering
+    \begin{forest}
+  for tree={
+    font=\ttfamily,
+    grow'=0,
+    child anchor=west,
+    parent anchor=south,
+    anchor=west,
+    calign=first,
+    inner sep=1pt,
+    l=1.5em,
+    s sep=3pt,
+    edge path={
+      \noexpand\path [draw, \forestoption{edge}]
+      (!u.south west) +(3.5pt,0) |- node[fill,inner sep=1.25pt] {} (.child anchor)\forestoption{edge label};
+    },
+    before typesetting nodes={
+      if n=1
+        {insert before={[,phantom]}}
+        {}
+    },
+    fit=band,
+    before computing xy={l=15pt},
+  }
+  [cli
+    [\_\_init\_\_.py]
+    [fuzzer
+      [\_\_init\_\_.py]
+      [apdu\_fuzzer.py]
+      [compare.py]
+      [data\_fuzzer.py]
+    ]
+    [trace
+      [\_\_init\_\_.py]
+      [record.py]
+      [replay.py]
+    ]
+    [lpa
+      [\_\_init\_\_.py]
+      [euicc.py]
+      [notification.py]
+      [profile.py]
+    ]
+  ]
+    \end{forest}
+    \caption{\gls{cli} folder structure and modular separation of functionality}
+    \label{fig:cli_structure}
+\end{figure}
+
+\paragraph{Dispatch and Argument Parsing}
+Each submodule implements a \texttt{run()} function that parses the subcommand’s specific arguments and dispatches execution to the appropriate internal handler. At the top level, the root \texttt{\_\_init\_\_.py} file defines the global parser, registers the subcommands via subparsers, and handles any global options. This design pattern is shown in \cref{lst:cli_parser}.
+
+
+\begin{lstlisting}[caption={Top-level CLI dispatch pattern}, label={lst:cli_parser}]
+def add_subparser(parent_parser: argparse._SubParsersAction) -> None:
+    trace_parser: argparse.ArgumentParser = parent_parser.add_parser(
+        "trace",
+        help="Trace-level operations (record, replay)",
+        formatter_class=RichHelpFormatter,
+    )
+    trace_subparsers = trace_parser.add_subparsers(dest="trace_command", required=True)
+    record.add_subparser(trace_subparsers)
+    replay.add_subparser(trace_subparsers)
+
+
+def run(args: argparse.Namespace) -> None:
+    if args.trace_command == "record":
+        record.run(args)
+    elif args.trace_command == "replay":
+        replay.run(args)
+\end{lstlisting}
+
+
+Each subcommand module (e.g., \texttt{fuzz/data\_fuzz.py}) provides its own parser configuration and encapsulated logic, adhering to a clearly defined interface.