wifi-densepose/v2/crates/wifi-densepose-bfld/src
rUv a369fbe66e
fix(bfld security): close HIGH privacy-bypass in process_to_frame (identity surface leaked despite restrictive class) + JSON-injection (#1075)
* fix(bfld): route process_to_frame payload through PrivacyGate (ADR-141 privacy bypass)

BfldPipeline::process_to_frame stamped the frame header with the active
privacy class but serialized the caller-supplied BfldPayload UNCHANGED via
BfldFrame::from_payload. This let a frame labeled Anonymous(2) or
Restricted(3) carry the full identity-leaky compressed_angle_matrix
(+ amplitude/phase proxies, csi_delta) that PrivacyGate::demote is documented
and tested (privacy_gate_demote.rs) to strip at exactly those classes.

A NetworkSink accepts class >= Derived(1), so such a frame would publish the
beamforming angle matrix — the identity surface — across the node boundary
despite its restrictive class byte. The class byte lied about payload content.

Fix: after building the frame at the active class, apply PrivacyGate::demote to
the same class. demote() strips sections by target-class threshold (independent
of any class transition), so a same-class demote performs no class change but
brings the payload into policy compliance. Research classes (Raw/Derived) keep
the full payload — demote is a no-op there.

Pinned by three fails-on-old tests in pipeline_to_frame.rs:
- process_to_frame_at_anonymous_strips_identity_leaky_sections (FAILED pre-fix)
- process_to_frame_in_privacy_mode_strips_amplitude_and_phase (FAILED pre-fix)
- process_to_frame_at_derived_preserves_full_payload (guards against over-strip)
The pre-existing round-trip test is updated to assert the gated payload.

Co-Authored-By: claude-flow <ruv@ruv.net>

* fix(bfld): JSON-escape zone_id in MQTT state-topic payload

render_events emitted the zone_activity payload as format!("\"{zone}\"") with no
escaping, while ha_discovery.rs already escapes operator-controlled strings via
push_str_field. A zone name containing a double-quote or backslash therefore
produced malformed / injectable JSON on the state topic that Home Assistant
parses (e.g. zone `a"b` -> payload `"a"b"`).

Fix: add json_string_literal() mirroring ha_discovery's escaping (", \, \n, \r,
\t, control chars) and use it for the zone payload. Value-identical for normal
zone names (living_room etc.).

Pinned by zone_payload_escapes_json_metacharacters (FAILED pre-fix); the
existing zone_payload_is_json_string_with_quotes still passes unchanged.

Co-Authored-By: claude-flow <ruv@ruv.net>

* docs(adr-141): record bfld privacy+security review findings + CHANGELOG

Document the two fixed bugs (process_to_frame privacy-bypass; zone_id JSON
injection) and the dimensions confirmed clean (event-field gating, witness/hash
framing, fail-closed) in ADR-141, plus CHANGELOG [Unreleased] Security/Fixed
entries.

Co-Authored-By: claude-flow <ruv@ruv.net>
2026-06-14 16:15:42 -04:00
..
availability.rs feat(adr-118/p5.8): availability topic + LWT integration (203/203 GREEN) 2026-05-24 17:57:55 -04:00
coherence_gate.rs feat(adr-118/p3.4): SoulMatchOracle + Recalibrate exemption (93/93 GREEN) 2026-05-24 15:17:24 -04:00
embedding.rs feat(adr-118/p2.1): IdentityEmbedding newtype + zeroizing Drop — 44/44 GREEN 2026-05-24 14:27:28 -04:00
embedding_ring.rs feat(adr-118/p2.2): EmbeddingRing 64-entry FIFO buffer — 53/53 GREEN 2026-05-24 14:37:03 -04:00
emitter.rs feat(adr-118/p3.6): IdentityFeatures canonical-bytes encoder (137/137 GREEN) 2026-05-24 16:18:33 -04:00
event.rs feat(adr-118/p4.4): rf_signature_hash JSON as "blake3:<hex>" (128/128 GREEN) 2026-05-24 16:08:29 -04:00
frame.rs feat(adr-118/p1.7): reserved-flag-bits forward-compat (243/243 GREEN) 2026-05-24 18:55:04 -04:00
ha_discovery.rs feat(adr-118/p5.8): availability topic + LWT integration (203/203 GREEN) 2026-05-24 17:57:55 -04:00
identity_features.rs feat(adr-118/p3.6): IdentityFeatures canonical-bytes encoder (137/137 GREEN) 2026-05-24 16:18:33 -04:00
identity_risk.rs feat(adr-118/p3.2): identity_risk score + GateAction enum — 72/72 GREEN 2026-05-24 14:57:08 -04:00
lib.rs feat(bfld): implement §3.6 Soul Signature matcher + real SoulMatchOracle 2026-06-11 21:16:05 -04:00
mqtt_topics.rs fix(bfld security): close HIGH privacy-bypass in process_to_frame (identity surface leaked despite restrictive class) + JSON-injection (#1075) 2026-06-14 16:15:42 -04:00
payload.rs feat(adr-118/p1.5): payload section parser (BfldPayload) — 32/32 GREEN 2026-05-24 14:07:14 -04:00
pipeline.rs fix(bfld security): close HIGH privacy-bypass in process_to_frame (identity surface leaked despite restrictive class) + JSON-injection (#1075) 2026-06-14 16:15:42 -04:00
pipeline_handle.rs feat(adr-118/p6.4): spawn_with_oracle for Soul Signature deployments (227/227 GREEN) 2026-05-24 18:45:54 -04:00
privacy_gate.rs feat(adr-118/p3.1): PrivacyGate::demote monotonic class transformer (60/60 GREEN) 2026-05-24 14:48:01 -04:00
privacy_mode.rs fix(bfld): gate PrivacyAttestationProof::compute behind std 2026-05-31 10:45:38 -04:00
rumqttc_publisher.rs feat(adr-118/p5.9): RumqttPublisher::connect_with_lwt — broker auto-publishes "offline" (220/220 GREEN with mqtt) 2026-05-24 18:08:59 -04:00
signature_hasher.rs feat(adr-118/p3.5): SignatureHasher (BLAKE3-keyed) — 117/117 GREEN 2026-05-24 15:47:21 -04:00
sink.rs feat(adr-118/p1.3): Sink marker traits + PrivacyClass::try_from (17/17 GREEN) 2026-05-24 13:43:05 -04:00
soul_channels.rs feat(bfld): implement §3.6 Soul Signature matcher + real SoulMatchOracle 2026-06-11 21:16:05 -04:00
soul_match.rs feat(bfld): implement §3.6 Soul Signature matcher + real SoulMatchOracle 2026-06-11 21:16:05 -04:00