Problem
The MUI runtime needs to read and write the configurable XEdDSA broadcast policy specified in meshtastic/design#121, using source assets from the paired standalone-ui issue.
Solution
Add a native Security settings selector bound to Config.SecurityConfig.packet_signature_policy:
- Compatible — accept unsigned.
- Balanced — prefer signed (recommended/default).
- Strict — require signed.
Strict must communicate that older/ham/no-key nodes and oversized unsigned broadcasts may disappear. PKI-encrypted direct messages remain unaffected.
Acceptance criteria
- Read/write the firmware enum without a second runtime-local policy.
- Default/zero renders as Balanced and unsupported firmware degrades safely.
- Keep the existing shield=authentic and lock=private semantics from design#113.
- Add focused tests for enum mapping, selection/save, and Strict confirmation where practical.
- Validate focus/navigation, truncation, localization, and selected/unselected states at 240×320 and 320×240.
- Link the standalone-ui source issue and keep the PR draft until tested on target MUI hardware.
Problem
The MUI runtime needs to read and write the configurable XEdDSA broadcast policy specified in meshtastic/design#121, using source assets from the paired standalone-ui issue.
Solution
Add a native Security settings selector bound to
Config.SecurityConfig.packet_signature_policy:Strict must communicate that older/ham/no-key nodes and oversized unsigned broadcasts may disappear. PKI-encrypted direct messages remain unaffected.
Acceptance criteria