wifi-densepose/v2/crates
rUv 9b126e927e
harden(assist security): bound untrusted utterance (DoS); cmd-injection/ReDoS/NaN/fail-open all proven clean with evidence (#1086)
* fix(homecore-assist): bound untrusted utterance length, fail closed (ADR-133 security)

The intent recognizers accept utterances from untrusted callers (voice
transcripts, the WebSocket `assist` command). Neither the regex nor the
semantic path bounded utterance length, so a pathological multi-megabyte
utterance forced an unbounded `to_lowercase()` clone plus a per-registered-
pattern scan (and, in the semantic path, full tokenisation + feature-hash
embedding) — an allocation/CPU amplification on attacker-controlled input.
The `regex` crate is linear-time (no catastrophic backtracking), so this was
a throughput/memory DoS rather than a hang, but it was still unbounded.

Fix: introduce MAX_UTTERANCE_BYTES (4 KiB — far above any real spoken
command) and check it at both recognizer boundaries BEFORE any allocation or
scan. An over-length utterance fails closed: Ok(None) (no intent, no action),
identical to an unrecognised phrase. No legitimate command is affected.

Pinned by fails-on-old tests:
  - recognizer::over_length_utterance_fails_closed — an over-length utterance
    that contains a valid command resolves to None (would have matched before)
  - semantic_recognizer::over_length_utterance_fails_closed_semantic

Co-Authored-By: claude-flow <ruv@ruv.net>

* test(homecore-assist): pin clean security dimensions with evidence (ADR-133)

Adds regression tests documenting the dimensions reviewed and found clean,
so the properties cannot silently regress:

  - runner: no subprocess surface exists. RufloRunnerOpts.{script_path,env}
    are inert and never executed; even a hostile script_path/env spawns
    nothing. And the entity_id capture class [a-z0-9_ .] strips every shell
    metacharacter, so a resolved slot can never carry ; | & $ ` / etc into a
    (future) argv — sanitisation by construction.
    (shell_metachars_never_survive_into_a_resolved_slot,
     runner_opts_are_inert_no_process_spawned)
  - recognizer: the regex crate is a linear-time finite automaton; a classic
    catastrophic-backtracking shape (a+)+$ on adversarial input completes in
    bounded time — no ReDoS.
    (pathological_backtracking_pattern_completes_in_bounded_time)
  - embedding: embeddings are structurally finite (FNV feature-hash + guarded
    L2 normalise, no external float input, no unguarded division), so a crafted
    utterance cannot inject NaN/Inf to poison cosine k-NN; cosine against the
    zero vector is a finite 0.0, never NaN.
    (embeddings_are_structurally_finite, cosine_with_zero_vector_is_finite_not_nan,
     empty_utterance_against_empty_index_no_panic_no_match)
  - pipeline: injection-shaped utterances never deliver a metacharacter into a
    service call; the worst case resolves to a clean entity token, and an
    unrecognised utterance fails closed to not_understood (no action).
    (pipeline_injection_shaped_utterance_carries_no_metachars_to_service)

Co-Authored-By: claude-flow <ruv@ruv.net>

* docs(homecore-assist): record ADR-133 security review (HC-ASSIST-01 + clean dims)

CHANGELOG [Unreleased] Security entry + ADR-133 section 6 review notes for the
homecore-assist voice/intent pipeline review.

Co-Authored-By: claude-flow <ruv@ruv.net>
2026-06-14 21:34:38 -04:00
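
The length guard described in the commit message above, as an added Rust sketch that is not the homecore-assist code. Only `MAX_UTTERANCE_BYTES`, its 4 KiB value, the `Ok(None)` fail-closed result and the `[a-z0-9_ .]` capture class come from the page; the `Intent` type, the two prefix patterns and the function names are assumptions, and a plain substring match stands in for the `regex` crate.

```rust
// Added illustration, not the homecore-assist source. Only MAX_UTTERANCE_BYTES,
// the Ok(None) fail-closed result and the [a-z0-9_ .] class come from the page.

/// 4 KiB cap named in the commit message.
pub const MAX_UTTERANCE_BYTES: usize = 4 * 1024;

#[derive(Debug, PartialEq)]
pub struct Intent {
    pub action: &'static str,
    pub entity_id: String,
}

/// Hypothetical command prefixes standing in for the registered regex patterns.
const PATTERNS: [(&str, &str); 2] = [("turn on ", "turn_on"), ("turn off ", "turn_off")];

/// Same character set as the entity_id capture class [a-z0-9_ .].
fn is_entity_char(c: char) -> bool {
    c.is_ascii_lowercase() || c.is_ascii_digit() || matches!(c, '_' | ' ' | '.')
}

/// Pre-fix shape: clones and scans the whole input, whatever its size.
pub fn recognize_unbounded(utterance: &str) -> Option<Intent> {
    let lowered = utterance.to_lowercase(); // allocation proportional to input
    for &(prefix, action) in PATTERNS.iter() {
        if let Some(pos) = lowered.find(prefix) {
            // Capture stops at the first character outside the class.
            let captured: String = lowered[pos + prefix.len()..]
                .chars()
                .take_while(|c| is_entity_char(*c))
                .collect();
            let entity_id = captured.trim().to_string();
            if !entity_id.is_empty() {
                return Some(Intent { action, entity_id });
            }
        }
    }
    None
}

/// Post-fix shape: the byte-length check runs before any allocation or scan.
pub fn recognize(utterance: &str) -> Result<Option<Intent>, String> {
    if utterance.len() > MAX_UTTERANCE_BYTES {
        return Ok(None); // fail closed: same result as an unrecognised phrase
    }
    Ok(recognize_unbounded(utterance))
}

fn main() {
    // Constructed inputs: a normal command, an injection-shaped one, an oversized one.
    let oversized = format!("{}turn on lamp", "a".repeat(MAX_UTTERANCE_BYTES));
    for input in ["Turn on kitchen light", "turn on lamp; rm -rf /", oversized.as_str()].iter() {
        println!("{} bytes -> {:?}", input.len(), recognize(input));
    }
}
```

The oversized input still contains a valid command, so the unbounded function matches it while the bounded one returns `Ok(None)`, which is the property the fails-on-old tests pin.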
cog-ha-matter harden(cog-ha-matter crypto): domain-separate witness signing + verify_strict (signing chain otherwise sound — P2 crypto core verified) (#1080) 2026-06-14 19:04:09 -04:00
cog-person-count bench(cogs): steady-state CPU infer latency benches (ADR-163 T2) 2026-06-12 08:01:50 -04:00
cog-pose-estimation bench(cogs): steady-state CPU infer latency benches (ADR-163 T2) 2026-06-12 08:01:50 -04:00
homecore docs(homecore): comprehensive README — state machine + event bus + registries 2026-05-25 23:09:16 -04:00
homecore-api fix(homecore-api security): auth-gate GET /api/ (was unauthenticated) + recover WS subscription on broadcast lag (#1076) 2026-06-14 16:48:57 -04:00
homecore-assist harden(assist security): bound untrusted utterance (DoS); cmd-injection/ReDoS/NaN/fail-open all proven clean with evidence (#1086) 2026-06-14 21:34:38 -04:00
homecore-automation fix(automation security): template-bomb DoS (100MB/11s render → fuel-bounded, HIGH) + delay panic-on-config (MEDIUM) (#1083) 2026-06-14 20:22:07 -04:00
homecore-hap docs(homecore-hap): comprehensive README — HomeKit bridge with 11 accessory types 2026-05-25 23:11:15 -04:00
homecore-migrate docs(adr): write ADR-165 (HOMECORE-MIGRATE), repoint migrate 134→165 — ADR-164 G3 2026-06-12 23:00:33 -04:00
homecore-plugin-example HOMECORE: native Rust/WASM/TS port of Home Assistant — ADRs 125-134 implementation (#800) 2026-05-25 22:47:48 -04:00
homecore-plugins feat(homecore-plugins): enforce plugin signature + capability isolation (ADR-162 P4/P5) 2026-06-12 01:33:52 -04:00
homecore-recorder fix(recorder): bound history query (memory-DoS) + add missing transactional purge (disk-DoS); SQL-injection & NaN dims clean (#1084) 2026-06-14 21:00:52 -04:00
homecore-server fix(homecore-automation): start engine + implement time/run-mode/choose/template (ADR-161 A3-A7) 2026-06-12 00:55:34 -04:00
nvsim fix(security): audit — fix RUSTSEC vulns, clippy warnings, dead code (#769) 2026-05-23 05:36:13 -04:00
nvsim-server fix(security): audit — fix RUSTSEC vulns, clippy warnings, dead code (#769) 2026-05-23 05:36:13 -04:00
ruv-neural@1ece3afa33 chore: extract ruv-neural to ruvnet/ruv-neural, wire as submodule (#1019) 2026-06-11 18:12:51 -04:00
ruview-swarm fix(adr): resolve duplicate ADR numbers + close ADR-080 security + ADR-154 M1 signal backlog (#1051) 2026-06-13 14:31:38 -04:00
wifi-densepose-bfld fix(bfld security): close HIGH privacy-bypass in process_to_frame (identity surface leaked despite restrictive class) + JSON-injection (#1075) 2026-06-14 16:15:42 -04:00
wifi-densepose-calibration fix(calibration): NaN-poisoning silently disabled presence specialist (Features::from_series unguarded) + de-magic (#1077) 2026-06-14 17:22:20 -04:00
wifi-densepose-cli release: bump signal 0.3.4 / sensing-server 0.3.3 / cli 0.3.1 (fixes #1009, #1004) 2026-06-12 16:55:27 -04:00
wifi-densepose-core Beyond-SOTA engine/signal/train improvements: mesh partition guard, FFT CIR solver, canonical frame decoder, falsifiable occupancy benchmark, governed streaming, adapter provenance (#1018) 2026-06-11 16:08:54 -04:00
wifi-densepose-desktop fix: revert config-dependent cargo-fix changes (kept only always-safe edits) 2026-06-12 08:56:26 -04:00
wifi-densepose-engine fix(engine security): close witness domain-separation collision in governed-trust cycle + prove privacy monotonicity (#1074) 2026-06-14 15:32:24 -04:00
wifi-densepose-geo fix(geo numerical): parse_hgt underflow/inf-grid (HIGH) + haversine asin-NaN; pointcloud confirmed-robust (NaN-poisoning class, 3rd find) (#1081) 2026-06-14 19:37:08 -04:00
wifi-densepose-hardware feat(beyond-sota): ADR-157 M1 — constant-time HMAC compare + MEASURED 5.57x native wlanapi scan (#1054) 2026-06-13 16:32:34 -04:00
wifi-densepose-mat release: bump 9 crates changed in the beyond-SOTA sweep for crates.io 2026-06-11 22:41:21 -04:00
wifi-densepose-nn refactor(beyond-sota): ADR-155 M2 — host-verifiable §8 closeout (7 de-magic, 9 boundary tests, native-conv honest-null) (#1059) 2026-06-14 00:07:56 -04:00
wifi-densepose-occworld-candle feat(occworld): real conv encoder/decoder forward pass + honesty flag 2026-06-11 21:47:19 -04:00
wifi-densepose-pointcloud fix(geo numerical): parse_hgt underflow/inf-grid (HIGH) + haversine asin-NaN; pointcloud confirmed-robust (NaN-poisoning class, 3rd find) (#1081) 2026-06-14 19:37:08 -04:00
wifi-densepose-rufield feat(ADR-262 P3): live /api/field + /ws/field — RuView sensing speaks RuField (fail-closed egress) (#1071) 2026-06-14 13:55:41 -04:00
wifi-densepose-ruvector feat(ADR-261 M2): multi-bit + large-N ANN scaling study — measured, no crossover (refutes M1 prediction) (#1066) 2026-06-14 10:31:00 -04:00
wifi-densepose-sensing-server feat(ADR-262 P3): live /api/field + /ws/field — RuView sensing speaks RuField (fail-closed egress) (#1071) 2026-06-14 13:55:41 -04:00
wifi-densepose-signal refactor(beyond-sota): ADR-154 M3 — clear §7.4 P3 backlog (22 de-magic + 6 boundary tests, backlog 36→0) (#1057) 2026-06-13 19:36:05 -04:00
wifi-densepose-train refactor(beyond-sota): ADR-155 M2 — host-verifiable §8 closeout (7 de-magic, 9 boundary tests, native-conv honest-null) (#1059) 2026-06-14 00:07:56 -04:00
wifi-densepose-vitals fix(vitals safety): non-finite CSI frame permanently froze breathing+HR via IIR-state poisoning (self-heal) + noise-never-Valid pin (#1079) 2026-06-14 18:01:47 -04:00
wifi-densepose-wasm fix(security): audit — fix RUSTSEC vulns, clippy warnings, dead code (#769) 2026-05-23 05:36:13 -04:00
wifi-densepose-wasm-edge test(wasm-edge): synthetic-ground-truth validation harness for edge skills (ADR-160) 2026-06-13 00:33:51 -04:00
wifi-densepose-wifiscan feat(beyond-sota): ADR-157 M1 — constant-time HMAC compare + MEASURED 5.57x native wlanapi scan (#1054) 2026-06-13 16:32:34 -04:00
wifi-densepose-worldgraph Beyond-SOTA engine/signal/train improvements: mesh partition guard, FFT CIR solver, canonical frame decoder, falsifiable occupancy benchmark, governed streaming, adapter provenance (#1018) 2026-06-11 16:08:54 -04:00
wifi-densepose-worldmodel feat: per-room calibration system (ADR-151) + cognitum-v0 appliance integration spec (#989) 2026-06-10 15:21:09 -04:00
README.md chore(repo): rename rust-port/wifi-densepose-rs → v2/ (flatten to one level) (#427) 2026-04-25 21:28:13 -04:00

README.md

WiFi-DensePose Rust Crates

License: MIT OR Apache-2.0 Rust 1.85+ Workspace RuVector v2.0.4 Tests

See through walls with WiFi. No cameras. No wearables. Just radio waves.

A modular Rust workspace for WiFi-based human pose estimation, vital sign monitoring, and disaster response using Channel State Information (CSI). Built on RuVector graph algorithms and the WiFi-DensePose research platform by rUv.


Performance

| Operation | Python v1 | Rust v2 | Speedup |
|---|---|---|---|
| CSI Preprocessing | ~5 ms | 5.19 us | ~1000x |
| Phase Sanitization | ~3 ms | 3.84 us | ~780x |
| Feature Extraction | ~8 ms | 9.03 us | ~890x |
| Motion Detection | ~1 ms | 186 ns | ~5400x |
| Full Pipeline | ~15 ms | 18.47 us | ~810x |
| Vital Signs | N/A | 86 us (11,665 fps) | -- |

Crate Overview

Core Foundation

| Crate | Description | crates.io |
|---|---|---|
| wifi-densepose-core | Types, traits, and utilities (CsiFrame, PoseEstimate, SignalProcessor) | crates.io |
| wifi-densepose-config | Configuration management (env, TOML, YAML) | crates.io |
| wifi-densepose-db | Database persistence (PostgreSQL, SQLite, Redis) | crates.io |

Signal Processing & Sensing

| Crate | Description | RuVector Integration | crates.io |
|---|---|---|---|
| wifi-densepose-signal | SOTA CSI signal processing (6 algorithms from SpotFi, FarSense, Widar 3.0) | ruvector-mincut, ruvector-attn-mincut, ruvector-attention, ruvector-solver | crates.io |
| wifi-densepose-vitals | Vital sign extraction: breathing (6-30 BPM) and heart rate (40-120 BPM) | -- | crates.io |
| wifi-densepose-wifiscan | Multi-BSSID WiFi scanning for Windows-enhanced sensing | -- | crates.io |

Neural Network & Training

| Crate | Description | RuVector Integration | crates.io |
|---|---|---|---|
| wifi-densepose-nn | Multi-backend inference (ONNX, PyTorch, Candle) with DensePose head (24 body parts) | -- | crates.io |
| wifi-densepose-train | Training pipeline with MM-Fi dataset, 114->56 subcarrier interpolation | All 5 crates | crates.io |

Disaster Response

| Crate | Description | RuVector Integration | crates.io |
|---|---|---|---|
| wifi-densepose-mat | Mass Casualty Assessment Tool -- survivor detection, triage, multi-AP localization | ruvector-solver, ruvector-temporal-tensor | crates.io |

Hardware & Deployment

| Crate | Description | crates.io |
|---|---|---|
| wifi-densepose-hardware | ESP32, Intel 5300, Atheros CSI sensor interfaces (pure Rust, no FFI) | crates.io |
| wifi-densepose-wasm | WebAssembly bindings for browser-based disaster dashboard | crates.io |
| wifi-densepose-sensing-server | Axum server: ESP32 UDP ingestion, WebSocket broadcast, sensing UI | crates.io |

Applications

| Crate | Description | crates.io |
|---|---|---|
| wifi-densepose-api | REST + WebSocket API layer | crates.io |
| wifi-densepose-cli | Command-line tool for MAT disaster scanning | crates.io |

Architecture

                          wifi-densepose-core
                         (types, traits, errors)
                                  |
              +-------------------+-------------------+
              |                   |                   |
    wifi-densepose-signal   wifi-densepose-nn   wifi-densepose-hardware
    (CSI processing)        (inference)         (ESP32, Intel 5300)
    + ruvector-mincut       + ONNX Runtime          |
    + ruvector-attn-mincut  + PyTorch (tch)   wifi-densepose-vitals
    + ruvector-attention    + Candle          (breathing, heart rate)
    + ruvector-solver            |
              |                  |             wifi-densepose-wifiscan
              +--------+---------+            (BSSID scanning)
                       |
          +------------+------------+
          |                         |
  wifi-densepose-train    wifi-densepose-mat
  (training pipeline)     (disaster response)
  + ALL 5 ruvector        + ruvector-solver
                          + ruvector-temporal-tensor
                                |
              +-----------------+-----------------+
              |                 |                 |
    wifi-densepose-api  wifi-densepose-wasm  wifi-densepose-cli
    (REST/WS)           (browser WASM)       (CLI tool)
              |
    wifi-densepose-sensing-server
    (Axum + WebSocket)

RuVector Integration

All RuVector crates at v2.0.4 from crates.io:

| RuVector Crate | Used In | Purpose |
|---|---|---|
| ruvector-mincut | signal, train | Dynamic min-cut for subcarrier selection & person matching |
| ruvector-attn-mincut | signal, train | Attention-weighted min-cut for antenna gating & spectrograms |
| ruvector-temporal-tensor | train, mat | Tiered temporal compression (4-10x memory reduction) |
| ruvector-solver | signal, train, mat | Sparse Neumann solver for interpolation & triangulation |
| ruvector-attention | signal, train | Scaled dot-product attention for spatial features & BVP |

Signal Processing Algorithms

Six state-of-the-art algorithms implemented in wifi-densepose-signal:

| Algorithm | Paper | Year | Module |
|---|---|---|---|
| Conjugate Multiplication | SpotFi (SIGCOMM) | 2015 | csi_ratio.rs |
| Hampel Filter | WiGest | 2015 | hampel.rs |
| Fresnel Zone Model | FarSense (MobiCom) | 2019 | fresnel.rs |
| CSI Spectrogram | Standard STFT | 2018+ | spectrogram.rs |
| Subcarrier Selection | WiDance (MobiCom) | 2017 | subcarrier_selection.rs |
| Body Velocity Profile | Widar 3.0 (MobiSys) | 2019 | bvp.rs |

Quick Start

As a Library

use wifi_densepose_core::{CsiFrame, CsiMetadata, SignalProcessor};
use wifi_densepose_signal::{CsiProcessor, CsiProcessorConfig};

// Configure the CSI processor
let config = CsiProcessorConfig::default();
let processor = CsiProcessor::new(config);

// Process a CSI frame
let frame = CsiFrame { /* ... */ };
let processed = processor.process(&frame)?;

Vital Sign Monitoring

use wifi_densepose_vitals::{
    CsiVitalPreprocessor, BreathingExtractor, HeartRateExtractor,
    VitalAnomalyDetector,
};

let mut preprocessor = CsiVitalPreprocessor::new(56); // 56 subcarriers
let mut breathing = BreathingExtractor::new(100.0);    // 100 Hz sample rate
let mut heartrate = HeartRateExtractor::new(100.0);

// Feed CSI frames and extract vitals
for frame in csi_stream {
    let residuals = preprocessor.update(&frame.amplitudes);
    if let Some(bpm) = breathing.push_residuals(&residuals) {
        println!("Breathing: {:.1} BPM", bpm);
    }
}

Disaster Response (MAT)

use wifi_densepose_mat::{DisasterResponse, DisasterConfig, DisasterType};

let config = DisasterConfig {
    disaster_type: DisasterType::Earthquake,
    max_scan_zones: 16,
    ..Default::default()
};

let mut responder = DisasterResponse::new(config);
responder.add_scan_zone(zone)?;
responder.start_continuous_scan().await?;

Hardware (ESP32)

use wifi_densepose_hardware::{Esp32CsiParser, CsiFrame};

let parser = Esp32CsiParser::new();
let raw_bytes: &[u8] = /* UDP packet from ESP32 */;
let frame: CsiFrame = parser.parse(raw_bytes)?;
println!("RSSI: {} dBm, {} subcarriers", frame.metadata.rssi, frame.subcarriers.len());

Training

# Check training crate (no GPU needed)
cargo check -p wifi-densepose-train --no-default-features

# Run training with GPU (requires tch/libtorch)
cargo run -p wifi-densepose-train --features tch-backend --bin train -- \
    --config training.toml --dataset /path/to/mmfi

# Verify deterministic training proof
cargo run -p wifi-densepose-train --features tch-backend --bin verify-training

Building

# Clone the repository
git clone https://github.com/ruvnet/wifi-densepose.git
cd wifi-densepose/v2

# Check workspace (no GPU dependencies)
cargo check --workspace --no-default-features

# Run all tests
cargo test --workspace --no-default-features

# Build release
cargo build --release --workspace

Feature Flags

| Crate | Feature | Description |
|---|---|---|
| wifi-densepose-nn | onnx (default) | ONNX Runtime backend |
| wifi-densepose-nn | tch-backend | PyTorch (libtorch) backend |
| wifi-densepose-nn | candle-backend | Candle (pure Rust) backend |
| wifi-densepose-nn | cuda | CUDA GPU acceleration |
| wifi-densepose-train | tch-backend | Enable GPU training modules |
| wifi-densepose-mat | ruvector (default) | RuVector graph algorithms |
| wifi-densepose-mat | api (default) | REST + WebSocket API |
| wifi-densepose-mat | distributed | Multi-node coordination |
| wifi-densepose-mat | drone | Drone-mounted scanning |
| wifi-densepose-hardware | esp32 | ESP32 protocol support |
| wifi-densepose-hardware | intel5300 | Intel 5300 CSI Tool |
| wifi-densepose-hardware | linux-wifi | Linux commodity WiFi |
| wifi-densepose-wifiscan | wlanapi | Windows WLAN API async scanning |
| wifi-densepose-core | serde | Serialization support |
| wifi-densepose-core | async | Async trait support |

Testing

# Unit tests (all crates)
cargo test --workspace --no-default-features

# Signal processing benchmarks
cargo bench -p wifi-densepose-signal

# Training benchmarks
cargo bench -p wifi-densepose-train --no-default-features

# Detection benchmarks
cargo bench -p wifi-densepose-mat

Supported Hardware

| Hardware | Crate Feature | CSI Subcarriers | Cost |
|---|---|---|---|
| ESP32-S3 Mesh (3-6 nodes) | hardware/esp32 | 52-56 | ~$54 |
| Intel 5300 NIC | hardware/intel5300 | 30 | ~$50 |
| Atheros AR9580 | hardware/linux-wifi | 56 | ~$100 |
| Any WiFi (Windows/Linux) | wifiscan | RSSI-only | $0 |

Architecture Decision Records

Key design decisions documented in docs/adr/:

| ADR | Title | Status |
|---|---|---|
| ADR-014 | SOTA Signal Processing | Accepted |
| ADR-015 | MM-Fi + Wi-Pose Training Datasets | Accepted |
| ADR-016 | RuVector Training Pipeline | Accepted (Complete) |
| ADR-017 | RuVector Signal + MAT Integration | Accepted |
| ADR-021 | Vital Sign Detection Pipeline | Accepted |
| ADR-022 | Windows WiFi Enhanced Sensing | Accepted |
| ADR-024 | Contrastive CSI Embedding Model | Accepted |

  • WiFi-DensePose -- Main repository (Python v1 + Rust v2)
  • RuVector -- Graph algorithms for neural networks (5 crates, v2.0.4)
  • rUv -- Creator and maintainer

License

All crates are dual-licensed under MIT OR Apache-2.0.

Copyright (c) 2024 rUv