berkus
/
wifi-densepose
mirror of https://github.com/ruvnet/wifi-densepose.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
wifi-densepose/v2/crates/wifi-densepose-bfld
History
ruv ef72c00a02 docs(adr-118): root README Documentation table BFLD row (337/337 GREEN) 
Iter 51. PR-readiness pivot iter #2. Adds BFLD to the workspace-root
README.md Documentation table — closes pre-merge checklist item #3
(README.md update if scope changed). GitHub renders this; new
contributors / operators browsing ruvnet/RuView see the entry on
landing.

Added (in README.md, top-level Documentation table):
- New row right after the Home Assistant + Matter row, linking to
  v2/crates/wifi-densepose-bfld/README.md (iter-49 crate README).
- Summary covers:
    * 3 type-enforced structural invariants
      (raw BFI never exits / in-RAM-only embedding / cross-site
       cryptographically impossible)
    * Full operator surface (BfldPipeline, BfldPipelineHandle,
      SoulMatchOracle)
    * MQTT topic router + HA-DISCO + availability + LWT
    * 3 operator HA blueprints
    * Two runnable examples
    * eclipse-mosquitto:2 CI service container
    * 327+ tests
- Per-ADR links: 118 (umbrella), 119 (frame), 120 (privacy class),
  121 (risk scoring), 122 (HA/Matter), 123 (capture path)
- Research dossier pointer: docs/research/BFLD/ (11 files, 13,544 words)

Added (in v2/crates/wifi-densepose-bfld/tests/root_readme_link.rs):
- 5 named tests via include_str!:
    root_readme_links_to_bfld_crate_readme
    root_readme_mentions_bfld_acronym_and_full_name
    root_readme_cites_all_six_bfld_adrs (per-ADR substring check)
    root_readme_points_at_research_bundle
    root_readme_documents_three_structural_invariants_in_summary
      ("raw BFI never exits", "in-RAM-only", "cross-site" — three
       invariants surfaced in the short table summary)

ADR-124 status (iter step 0 sibling check):
- docs/adr/ADR-124-rvagent-mcp-ruvector-npm-integration.md unchanged
  at 431 lines. SENSE-BRIDGE scope remains orthogonal.

ACs progressed:
- Pre-merge checklist item #3 (CLAUDE.md) — root README updated to
  point at the new crate. Operator discovery path now reaches BFLD
  from the GitHub repo landing page in 1 click.
- ADR-118 §2.1 documentation surface — discovery path complete:
  GitHub README → crate README → operator examples → ADRs → research
  dossier. All hops covered by include_str + link tests.

Test config:
- cargo test --no-default-features → 101 passed (root_readme_link cfg-out)
- cargo test                       → 337 passed (332 + 5)

Out of scope (next iter target):
- Pre-merge checklist remaining: user-guide.md update (#6) if new CLI
  flags / setup steps, witness bundle regeneration (#8). External-
  resource-gated work (KIT BFId, Pi5/Nexmon) still skipped.

Co-Authored-By: claude-flow <ruv@ruv.net>
 		2026-05-24 20:07:03 -04:00
..
examples feat(adr-118/p6.13): examples/bfld_handle.rs worker-thread pattern (319/319 GREEN) 2026-05-24 19:52:59 -04:00
src feat(adr-118/p1.7): reserved-flag-bits forward-compat (243/243 GREEN) 2026-05-24 18:55:04 -04:00
tests docs(adr-118): root README Documentation table BFLD row (337/337 GREEN) 2026-05-24 20:07:03 -04:00
Cargo.toml docs(adr-118/p6.14): crate README.md + Cargo.toml readme field (327/327 GREEN) 2026-05-24 19:58:12 -04:00
README.md docs(adr-118/p6.14): crate README.md + Cargo.toml readme field (327/327 GREEN) 2026-05-24 19:58:12 -04:00

README.md

wifi-densepose-bfld

BFLD — Beamforming Feedback Layer for Detection. Privacy-gated WiFi sensing primitives derived from 802.11ac/ax Beamforming Feedback Information (BFI). See ADR-118 for the umbrella architecture decision and docs/research/BFLD/ for the full design dossier.

Three structural invariants

The crate enforces three privacy invariants structurally (via the type system + memory hygiene), not by policy text:

ID Invariant Enforced by
I1 Raw BFI never exits the node [Sink] marker-trait hierarchy + [PrivacyClass::Raw.allows_network() == false]
I2 Identity embedding is in-RAM-only [IdentityEmbedding] has no Serialize / Clone / Copy + Drop zeroizes storage
I3 Cross-site identity correlation is cryptographically impossible [SignatureHasher] per-site BLAKE3-keyed hash with daily epoch rotation

Quickstart

Minimal in-process consumer (see examples/bfld_minimal.rs):

use wifi_densepose_bfld::{
    BfldConfig, BfldPipeline, IdentityEmbedding, SensingInputs,
    SignatureHasher, EMBEDDING_DIM, SITE_SALT_LEN,
};

let mut pipeline = BfldPipeline::new(
    BfldConfig::new("seed-01")
        .with_signature_hasher(SignatureHasher::new([0xAB; SITE_SALT_LEN])),
);

let event = pipeline
    .process(
        SensingInputs { /* timestamp, presence, motion, ... */
            timestamp_ns: 1_700_000_000_000_000_000, presence: true,
            motion: 0.42, person_count: 1, sensing_confidence: 0.91,
            sep: 0.2, stab: 0.2, consist: 0.2, risk_conf: 0.2,
            rf_signature_hash: None,
        },
        Some(IdentityEmbedding::from_raw([0.05; EMBEDDING_DIM])),
    )
    .expect("low-risk emit");

println!("{}", event.to_json().unwrap());

Production worker-thread + HA-DISCO publishing (see examples/bfld_handle.rs):

use wifi_densepose_bfld::{
    publish_availability_online, publish_discovery, BfldConfig, BfldPipeline,
    BfldPipelineHandle, PipelineInput, PrivacyClass, SignatureHasher,
};

// Bootstrap: retained "online" + 6 retained HA-DISCO config payloads.
publish_availability_online(&mut publisher, "seed-01")?;
publish_discovery(&mut publisher, "seed-01", PrivacyClass::Anonymous)?;

// Spawn worker. Per-frame: handle.send(PipelineInput { inputs, embedding }).
let handle = BfldPipelineHandle::spawn(
    BfldPipeline::new(BfldConfig::new("seed-01")
        .with_signature_hasher(SignatureHasher::new(salt))),
    publisher,
);
handle.send(PipelineInput { inputs, embedding })?;

Feature flags

Feature Default Pulls in Enables
std (no extra deps) BfldFrame, BfldPayload, BfldPipeline, BfldPipelineHandle, BfldEvent, BfldEmitter, PrivacyGate, MQTT topic router, HA discovery
serde-json serde + serde_json BfldEvent::to_json(), custom rf_signature_hash: "blake3:<hex>" serializer, privacy_class string encoding
mqtt rumqttc 0.24 (use-rustls) RumqttPublisher, connect_with_lwt, live broker integration
soul-signature --features gate signaling Soul Signature deployment (ADR-118 §1.4, ADR-120 §2.7, ADR-121 §2.6)

Stripping to --no-default-features keeps the no_std-compatible core (BfldFrameHeader, PrivacyClass, Sink traits, CoherenceGate, SignatureHasher, IdentityEmbedding, EmbeddingRing, risk-score function + GateAction).

Examples

cargo run -p wifi-densepose-bfld --example bfld_minimal    # in-process consumer
cargo run -p wifi-densepose-bfld --example bfld_handle     # worker-thread + HA-DISCO

Companion artifacts

Path Purpose
docs/adr/ADR-118 through ADR-123 Architecture decisions
docs/research/BFLD/ 13,544-word design bundle (11 files)
v2/crates/cog-ha-matter/blueprints/bfld/ Three HA operator blueprints (presence-lighting, motion-HVAC, identity-risk-anomaly)
.github/workflows/bfld-mqtt-integration.yml CI matrix incl. live mosquitto Docker service

ADR cross-reference

ADR Scope
118 Umbrella + invariants I1/I2/I3
119 Wire format (86-byte header + payload sections + CRC-32/ISO-HDLC)
120 4 privacy classes + per-site keyed hash with daily rotation
121 Multiplicative risk score + coherence-gate hysteresis + Soul Signature exemption
122 HA-DISCO + Matter cluster boundary + MQTT topic routing
123 Pi 5 / Nexmon capture adapter + ESP32 self-only mode

Testing

cargo test -p wifi-densepose-bfld --no-default-features  # no_std-compatible core
cargo test -p wifi-densepose-bfld                        # default std + serde-json
cargo test -p wifi-densepose-bfld --features mqtt        # incl. rumqttc smoke

A BFLD_MQTT_BROKER=tcp://localhost:1883 env var unlocks the live-broker mosquitto_integration test suite (see tests/mosquitto_integration.rs).

License

MIT — same as the wifi-densepose workspace.