Skip to content

feat(tft): configure packet authenticity policy#341

Draft
RCGV1 wants to merge 1 commit into
meshtastic:masterfrom
RCGV1:codex/packet-auth-policy
Draft

feat(tft): configure packet authenticity policy#341
RCGV1 wants to merge 1 commit into
meshtastic:masterfrom
RCGV1:codex/packet-auth-policy

Conversation

@RCGV1

@RCGV1 RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member

Summary

Adds the device-enforced Packet authenticity receive-policy setting to the TFT Security UI for firmware that reports XEdDSA support.

  • presents Compatible, Balanced, and Strict in explicit order
  • reads and writes SecurityConfig.packet_signature_policy directly
  • defaults unknown wire values to Balanced
  • requires a second confirmation click before entering Strict and warns that legacy unsigned traffic may disappear
  • disables and closes the policy panel if XEdDSA capability is unavailable or the radio disconnects
  • updates both maintained 320×240 and 240×320 settings extensions consistently

This is configuration UI only; packet acceptance remains enforced by firmware.

Validation

  • focused doctest suite: 2 cases / 11 assertions passed
  • focused syntax compilation passed for TFTView_320x240, MeshtasticView, ViewController, and both UI orientations against nanopb generated from protobufs#983
  • git diff --check passed

A full macOS CMake build was attempted but stops before DeviceUI compilation in existing third-party Portduino/LVGL dependencies (argp.h, xkb header discovery, and ArduinoCore case-colliding String.h/string.h). No hardware validation has been performed, so this remains a draft.

Draft dependency

Depends on meshtastic/protobufs#983. The draft pins that exact schema commit from the contributor fork for reproducible validation. Before this PR can leave draft, replace the temporary fork pin with the merged upstream protobuf release/tag and complete hardware verification.

Closes #340
Design: meshtastic/design#121

Summary by CodeRabbit

  • New Features
    • Added packet authenticity policy control with Balanced, Compatible, and Strict modes, including UI panel, dropdown, and OK/Cancel flow.
    • Enforced strict confirmation when changing to Strict, and display labels/descriptions/warnings for each selection.
    • Controls are shown only when the connected device supports the required capability and security is available.
  • Bug Fixes
    • Improved packet-auth availability/state handling across connect/disconnect and when security policy changes.
  • Tests
    • Added tests covering policy mapping, wire-value conversion, and strict-mode confirmation rules.

@RCGV1

RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

📝 Walkthrough

Walkthrough

Adds a TFT packet authenticity policy selector with Compatible, Balanced, and Strict modes, strict-transition confirmation, XEdDSA capability gating, protobuf source updates, device metadata propagation, connection-state handling, and policy mapping tests.

Changes

Packet authenticity policy

Layer / File(s) Summary
Policy contract and validation
include/graphics/view/TFT/PacketAuthPolicy.h, tests/test_PacketAuthPolicy.cpp
Defines policy wire-value conversion, labels, strict-transition detection, and focused mapping tests.
Capability and UI contracts
cmake/protobuf.cmake, include/graphics/common/MeshtasticView.h, source/graphics/common/MeshtasticView.cpp, source/graphics/common/ViewController.cpp, include/graphics/view/TFT/TFTView_320x240.h, include/graphics/view/TFT/PacketAuthUI.h
Updates the Protobuf source, propagates has_xeddsa through device metadata, and declares packet-authentication settings and LVGL controls.
TFT policy flow and lifecycle
source/graphics/TFT/TFTView_320x240.cpp
Adds policy selection UI events, strict confirmation, configuration writes, availability gating, button-label updates, and connection-state refreshes.

Estimated code review effort: 4 (Complex) | ~45 minutes

Possibly related issues

  • meshtastic/firmware#10963 — Covers TFT UI and configuration support for packet_signature_policy.
  • meshtastic/web#1260 — Implements the same policy values, capability gating, and strict confirmation in another client.
  • meshtastic/Meshtastic-Android#6176 — Implements the corresponding packet authenticity selector and confirmation behavior.
  • meshtastic/standalone-ui#39 — Provides related packet-authentication UI states and strict warnings.
  • meshtastic/protobufs#982 — Defines the policy schema and enum values consumed by this change.

Poem

A bunny hops through settings bright,
Three policy paths now shine with light.
Strict gets a warning, clear and fair,
XEdDSA guides the choices there.
The radio saves what users choose!

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 9.68% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
Linked Issues check ❓ Inconclusive Most acceptance criteria appear implemented, but generated orientation UI files were excluded, so focus/navigation and localization can’t be verified. Review generated/ui_240x320/ui_tabview_settings.c and generated/ui_320x240/ui_tabview_settings.c, which were excluded by !/generated/, to verify the UI criteria.
✅ Passed checks (3 passed)
Check name Status Explanation
Out of Scope Changes check ✅ Passed The changes align with the packet authenticity policy feature and supporting tests; no unrelated edits are evident.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main TFT change: adding packet authenticity policy configuration.

Comment @coderabbitai help to get the list of available commands.

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
tests/test_PacketAuthPolicy.cpp (1)

6-12: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Cover all outbound policy values.

Line 11 only protects Compatible; add Balanced and Strict so future enum changes cannot silently persist the wrong firmware policy.

Proposed test additions
   CHECK(PacketAuthPolicy::fromWireValue(99) == Selection::Balanced);
+  CHECK(PacketAuthPolicy::toWireValue(Selection::Balanced) == 0);
   CHECK(PacketAuthPolicy::toWireValue(Selection::Compatible) == 1);
+  CHECK(PacketAuthPolicy::toWireValue(Selection::Strict) == 2);
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/test_PacketAuthPolicy.cpp` around lines 6 - 12, Extend the test case
“packet authenticity wire values map to UI selections” to assert
PacketAuthPolicy::toWireValue for Selection::Balanced and Selection::Strict,
expecting their corresponding firmware wire values alongside the existing
Compatible assertion.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@source/graphics/common/ViewController.cpp`:
- Around line 874-878: Replace the invalid meta.has_xeddsa member access in the
meshtastic_FromRadio_metadata_tag handler with meta.has_xeddsa_signed when
calling view->setDeviceMetaData.

---

Nitpick comments:
In `@tests/test_PacketAuthPolicy.cpp`:
- Around line 6-12: Extend the test case “packet authenticity wire values map to
UI selections” to assert PacketAuthPolicy::toWireValue for Selection::Balanced
and Selection::Strict, expecting their corresponding firmware wire values
alongside the existing Compatible assertion.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 689e52e0-cafd-42bb-a5ce-be09c7c6b36f

📥 Commits

Reviewing files that changed from the base of the PR and between effbb92 and 6d8342a.

⛔ Files ignored due to path filters (2)
  • generated/ui_240x320/ui_tabview_settings.c is excluded by !**/generated/**
  • generated/ui_320x240/ui_tabview_settings.c is excluded by !**/generated/**
📒 Files selected for processing (9)
  • cmake/protobuf.cmake
  • include/graphics/common/MeshtasticView.h
  • include/graphics/view/TFT/PacketAuthPolicy.h
  • include/graphics/view/TFT/PacketAuthUI.h
  • include/graphics/view/TFT/TFTView_320x240.h
  • source/graphics/TFT/TFTView_320x240.cpp
  • source/graphics/common/MeshtasticView.cpp
  • source/graphics/common/ViewController.cpp
  • tests/test_PacketAuthPolicy.cpp

Comment thread source/graphics/common/ViewController.cpp
@RCGV1 RCGV1 force-pushed the codex/packet-auth-policy branch from e23cffa to b64f464 Compare July 10, 2026 00:29
@RCGV1 RCGV1 force-pushed the codex/packet-auth-policy branch from b64f464 to f9c0db8 Compare July 10, 2026 00:31
@RCGV1

RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[2.8.0] Configure packet authenticity policy

1 participant