berkus
/
wifi-densepose
mirror of https://github.com/ruvnet/wifi-densepose.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
wifi-densepose/v2
History
ruv d25e331bbf feat(adr-115): P9 — security audit (mqtt::security) + criterion benchmarks (15 tests) 
## Security audit (`mqtt::security`)

New module enforcing the ADR-115 §3.9 / §7 wire-level invariants as
pure functions, callable from both the publisher hot path and the
unit-test suite:

- **Topic safety** — reject `+`, `#`, `\0`, `/` in segment-level
  identifiers (node_id, client_id, zone tag). Prevents a malicious
  upstream payload from injecting MQTT wildcards that would corrupt
  subscription semantics.
- **Path safety** — reject NUL / newline in TLS cert / CA paths.
- **Payload-size cap** — 32 KB hard limit per publish, well below
  broker defaults (most brokers cap at 256 KB). Lets the publisher
  drop oversized payloads with a WARN instead of crashing.
- **Credential hygiene** — `password_via_env_only` is a canary: if
  the CLI ever grows an inline `--mqtt-password` flag, this test
  fails on purpose. Today we only accept `--mqtt-password-env <VAR>`.
- **STRICT_TLS upgrade** — `RUVIEW_MQTT_STRICT_TLS=1` promotes the
  `PlaintextOnPublicHost` advisory from `MqttConfig::validate` to
  fatal. This is the planned v0.8.0 default per ADR §9.5.
- **Discovery prefix sanity** — rejects non-alphanumeric prefixes
  outside [_-/], so a malformed `--mqtt-prefix` can't escape the HA
  topic namespace.

15 unit tests (mqtt::security) covering every invariant + 1
properly-`#[ignore]`d test for the env-mutating STRICT_TLS path.

## Criterion benchmarks (`benches/mqtt_throughput.rs`)

Micro-benchmarks for the MQTT + semantic hot paths:
- discovery payload generation (presence / heart_rate / fall event)
- state encoders (boolean / numeric / event)
- rate-limiter `allow()` decisions (first sample + within-gap)
- privacy `decide()` (strip HR vs keep presence)
- full bus tick across all 10 semantic primitives

Bench targets (laptop-class release build):
- discovery payload: <5 µs    state encode: <2 µs
- rate limit: <100 ns          privacy decide: <50 ns
- bus tick (10 prim): <10 µs

Run with `cargo bench -p wifi-densepose-sensing-server --bench
mqtt_throughput --features mqtt`. Numbers will be captured into the
witness bundle in P10.

`criterion` 0.5 added as dev-dep. `[[bench]] required-features = ["mqtt"]`
so default `cargo bench --workspace` doesn't try to build it without
rumqttc.

Lib test count: **372 passed** (357 → 372, +15 security tests).

Refs #776.

Co-Authored-By: claude-flow <ruv@ruv.net>
 		2026-05-23 14:17:55 -04:00
..
.cargo fix(security): audit — fix RUSTSEC vulns, clippy warnings, dead code (#769) 2026-05-23 05:36:13 -04:00
.claude-flow chore(repo): rename rust-port/wifi-densepose-rs → v2/ (flatten to one level) (#427) 2026-04-25 21:28:13 -04:00
crates feat(adr-115): P9 — security audit (mqtt::security) + criterion benchmarks (15 tests) 2026-05-23 14:17:55 -04:00
data chore(repo): rename rust-port/wifi-densepose-rs → v2/ (flatten to one level) (#427) 2026-04-25 21:28:13 -04:00
docs chore(repo): rename rust-port/wifi-densepose-rs → v2/ (flatten to one level) (#427) 2026-04-25 21:28:13 -04:00
examples chore(repo): rename rust-port/wifi-densepose-rs → v2/ (flatten to one level) (#427) 2026-04-25 21:28:13 -04:00
patches/ruvector-crv chore(repo): rename rust-port/wifi-densepose-rs → v2/ (flatten to one level) (#427) 2026-04-25 21:28:13 -04:00
Cargo.lock fix(security): audit — fix RUSTSEC vulns, clippy warnings, dead code (#769) 2026-05-23 05:36:13 -04:00
Cargo.toml fix(security): audit — fix RUSTSEC vulns, clippy warnings, dead code (#769) 2026-05-23 05:36:13 -04:00
rust-toolchain.toml v2: pin Rust 1.89 and fix sensing-server UI path when run from v2 (#523) 2026-05-17 18:00:36 -04:00