Skip to content

feat: consume packet authenticity settings#40

Draft
RCGV1 wants to merge 3 commits into
meshtastic:masterfrom
RCGV1:codex/packet-auth-policy
Draft

feat: consume packet authenticity settings#40
RCGV1 wants to merge 3 commits into
meshtastic:masterfrom
RCGV1:codex/packet-auth-policy

Conversation

@RCGV1

@RCGV1 RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member

Summary

Brings standalone-ui onto the shared Packet authenticity configuration implemented by device-ui#341.

  • updates local nanopb bindings for SecurityConfig.packet_signature_policy and DeviceMetadata.has_xeddsa
  • pins the exact draft device-ui implementation that provides the capability-gated Compatible/Balanced/Strict TFT selector and Strict confirmation
  • adds a focused schema-contract test for enum values, field tags, Balanced default, and capability default
  • gives the native test fixture internal linkage so the Linux target links cleanly with the logging library

The receive policy is enforced by the connected Meshtastic firmware; standalone-ui only reads and writes the device-owned SecurityConfig.

Validation

  • nanopb bindings regenerated with nanopb 0.4.9.1 from the exact protobufs#983 schema commit
  • git diff --check passes
  • Debian Linux pio test -e native-mui: 11/11 tests pass, including the packet-authenticity schema contract
  • device-ui#341 separately passes 2 focused doctest cases / 11 assertions and focused syntax compilation for both TFT orientations
  • independent review approved exact head f23fe8cc0d18af5d1afe6236ce7e24e1d06092cb

No hardware validation has been performed, so this remains a draft.

Draft dependencies

Depends on:

The temporary contributor-fork device-ui pin must be replaced by the merged upstream commit before this PR leaves draft.

Closes #39
Design: meshtastic/design#121

Summary by CodeRabbit

  • Tests

    • Added coverage to verify packet authenticity and security schema compatibility.
    • Added checks for expected configuration tags, default security settings, and packet signature policy values.
  • Chores

    • Updated the device interface dependency source used by applicable build environments.

@RCGV1

RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown

Review Change Stack

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: daa1fabd-4b0c-46f2-bb0f-63db5cb63f50

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

The PR switches the inherited device-ui dependency to a draft archive and adds a Unity test validating packet authenticity protobuf constants, defaults, and XEdDSA presence.

Changes

Packet authenticity integration

Layer / File(s) Summary
Draft device-ui dependency
platformio.ini
The inherited device-ui dependency now points to a temporary draft archive.
Packet authenticity schema contract test
test/test_MeshEnvelope.cpp
A registered Unity test verifies protobuf tags, packet signature policy enum values, and the default XEdDSA state.

Estimated code review effort: 2 (Simple) | ~10 minutes

Possibly related issues

  • meshtastic/device-ui#340 — Relates to the packet authenticity policy used by the draft device-ui implementation.
  • meshtastic/firmware#10963 — Relates to the validated packet authenticity schema fields.
  • meshtastic/design#121 — Defines the packet authenticity policy represented by the validated enum values.
  • meshtastic/Meshtastic-Android#6176 — Relates to clients reading and writing the validated policy.
  • meshtastic/Meshtastic-Apple#2065 — Relates to clients using the same policy schema.
  • meshtastic/web#1260 — Relates to exposing the validated policy in the Web UI.

Poem

A bunny checked the schemas bright,
With signed packets tucked in tight.
The draft UI hopped into view,
Tests confirmed the fields were true.
“Ship the carrots!” cried the crew.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Linked Issues check ⚠️ Warning The PR only shows dependency pinning and a schema test; it doesn't evidence the required UI assets, labels, or visual coverage from #39. Add the settings-source assets and screenshots for all states and resolutions, plus the required links and documentation from #39 and design#121.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title is concise and accurately summarizes the main change around consuming packet authenticity settings.
Out of Scope Changes check ✅ Passed The visible changes stay within packet-authenticity support and test coverage, with no clear unrelated additions.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

Comment @coderabbitai help to get the list of available commands.

@RCGV1 RCGV1 force-pushed the codex/packet-auth-policy branch from a91f3fa to ff6acb1 Compare July 10, 2026 00:29

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
test/test_MeshEnvelope.cpp (1)

87-93: 🎯 Functional Correctness | 🔵 Trivial | ⚡ Quick win

Exercise the generated default initializer.

_init_zero only proves that numeric enum value 0 maps to BALANCED; it does not verify the schema/generated default initializer if those differ. Use meshtastic_Config_SecurityConfig_init_default when available, or confirm that _init_zero is intentionally equivalent.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@test/test_MeshEnvelope.cpp` around lines 87 - 93, Update the test around
meshtastic_Config_SecurityConfig initialization to use
meshtastic_Config_SecurityConfig_init_default and assert the expected
packet_signature_policy value; if the generated default initializer is
intentionally equivalent to _init_zero, explicitly document and test that
equivalence instead.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@platformio.ini`:
- Around line 16-17: Replace the temporary RCGV1/device-ui archive URL in the
[device-ui_base] dependency configuration with the merged upstream device-ui
commit or official dependency reference, ensuring all inherited environments use
the upstream version before merging.

---

Nitpick comments:
In `@test/test_MeshEnvelope.cpp`:
- Around line 87-93: Update the test around meshtastic_Config_SecurityConfig
initialization to use meshtastic_Config_SecurityConfig_init_default and assert
the expected packet_signature_policy value; if the generated default initializer
is intentionally equivalent to _init_zero, explicitly document and test that
equivalence instead.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 5b301c00-7a84-4af6-b65d-3984b8609066

📥 Commits

Reviewing files that changed from the base of the PR and between 5f07dff and a91f3fa.

⛔ Files ignored due to path filters (4)
  • lib/mesh/generated/meshtastic/config.pb.cpp is excluded by !**/generated/**
  • lib/mesh/generated/meshtastic/config.pb.h is excluded by !**/generated/**
  • lib/mesh/generated/meshtastic/mesh.pb.cpp is excluded by !**/generated/**
  • lib/mesh/generated/meshtastic/mesh.pb.h is excluded by !**/generated/**
📒 Files selected for processing (2)
  • platformio.ini
  • test/test_MeshEnvelope.cpp

Comment thread platformio.ini Outdated
@RCGV1 RCGV1 force-pushed the codex/packet-auth-policy branch from ff6acb1 to 196a279 Compare July 10, 2026 00:32
@RCGV1

RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@RCGV1

RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@RCGV1

RCGV1 commented Jul 12, 2026

Copy link
Copy Markdown
Member Author

MUI validation update

Added the native MUI input/endpoint configuration used to exercise the packet-auth modal against the simulator, plus the validated screenshot set.

Native MUI build passed and the native-mui test suite passed 11/11.

Confirm Strict

Dropdown open

Balanced modal

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[2.8.0] Add packet authenticity policy settings source

1 participant