Skip to content

feat: add packet authenticity policy setting#1261

Draft
RCGV1 wants to merge 2 commits into
meshtastic:mainfrom
RCGV1:codex/packet-auth-policy
Draft

feat: add packet authenticity policy setting#1261
RCGV1 wants to merge 2 commits into
meshtastic:mainfrom
RCGV1:codex/packet-auth-policy

Conversation

@RCGV1

@RCGV1 RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member

Summary

Adds the Packet authenticity selector to Security settings for firmware that reports XEdDSA support.

The selector exposes the design-aligned receive policies in explicit product order:

  • Compatible — verify signatures when present and accept unsigned traffic
  • Balanced — protect known signing broadcasters from unsigned downgrade while retaining legacy interoperability
  • Strict — accept only XEdDSA-verified or PKI-authenticated decryptable remote traffic

Strict requires an explicit confirmation explaining that legacy unsigned nodes disappear and that authentication does not prove the truth or freshness of content such as positions.

Implementation

  • adds the protobuf enum and has_xeddsa capability to the local generated SDK surface pending protobuf publication
  • gates the control on both an active/configured connection and reported firmware capability
  • cancels an in-flight Strict confirmation if the device disconnects or capability disappears
  • preserves all three enum values through config read, form state, payload conversion, and setRadioSection("security", ...)
  • adds localized English copy and accessible confirmation behavior

Validation

  • 19 focused Security tests pass
  • oxlint passes for the changed TypeScript files
  • oxfmt passes for the changed TypeScript and localization files
  • full workspace typecheck reaches only existing SDK preview / ErrorBoundary incompatibilities; it reports no errors in the changed Security files
  • independent focused review approved the connection race, persistence path, copy, and repository hygiene

Hardware-connected browser verification is intentionally pending, so this PR remains a draft.

Depends on meshtastic/protobufs#983.

Closes #1260
Design: meshtastic/design#121

Summary by CodeRabbit

  • New Features
    • Added packet authenticity policy controls to Security settings (Compatible, Balanced, Strict), including detailed descriptions.
    • Introduced a Strict-mode confirmation dialog with user-facing explanatory copy.
    • Added UI availability handling based on device capability, plus new localized strings for the Strict dialog and labels.
  • Bug Fixes
    • Improved persistence and end-to-end mapping of the selected packet authenticity policy through config validation and updates.
  • Tests
    • Added coverage for policy ordering/labels, default behavior, validation, capability gating, and Strict-mode confirmation flows.

@vercel

vercel Bot commented Jul 10, 2026

Copy link
Copy Markdown

@RCGV1 is attempting to deploy a commit to the Meshtastic Team on Vercel.

A member of the Team first needs to authorize it.

@RCGV1

RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown

Review Change Stack

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 36bc0429-7cd7-4cc9-8063-5107b8d40613

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

Adds configurable packet authenticity policies to the protobuf schema, security validation and persistence flow, and web settings UI. The UI supports capability gating, translated policy descriptions, strict-mode confirmation, and associated component, hook, schema, and persistence tests.

Changes

Packet Authenticity Configuration

Layer / File(s) Summary
Protocol and capability contract
packages/protobufs/meshtastic/config.proto, packages/protobufs/meshtastic/mesh.proto, packages/sdk/package.json, apps/web/src/components/generic/Filter/useFilterNode.test.ts
Adds packet policies, an XEdDSA capability field, workspace protobuf consumption, and updated node fixtures.
Security schema and persistence
apps/web/src/validation/config/security.*, apps/web/src/components/PageComponents/Settings/Security/Security.*
Validates packet policies, maps them between form and protobuf shapes, preserves values during submission, and tests all enum values.
Policy selector and option presentation
apps/web/src/components/Form/FormSelect.tsx, apps/web/src/components/PageComponents/Settings/Security/PacketAuthenticityPolicyField.*, apps/web/public/i18n/locales/en/config.json
Adds translated policy labels and descriptions, capability-based disabling, and reusable per-option display labels.
Strict confirmation flow
apps/web/src/components/PageComponents/Settings/Security/usePacketAuthenticityConfirmation.*, PacketAuthenticityStrictDialog.*, apps/web/public/i18n/locales/en/dialog.json, Security.tsx
Requires confirmation for Strict selection and handles cancellation when capability becomes unavailable.

Estimated code review effort: 4 (Complex) | ~45 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Security
  participant PacketAuthenticityPolicyField
  participant usePacketAuthenticityConfirmation
  participant PacketAuthenticityStrictDialog
  Security->>PacketAuthenticityPolicyField: Render policy selector and capability state
  PacketAuthenticityPolicyField->>usePacketAuthenticityConfirmation: Validate selected policy
  usePacketAuthenticityConfirmation->>PacketAuthenticityStrictDialog: Open dialog for STRICT
  PacketAuthenticityStrictDialog-->>usePacketAuthenticityConfirmation: Confirm or cancel selection
  usePacketAuthenticityConfirmation-->>PacketAuthenticityPolicyField: Resolve policy validation
  PacketAuthenticityPolicyField-->>Security: Submit selected packet signature policy
Loading

Possibly related issues

  • meshtastic/protobufs#982 — Adds the same packet-signature policy schema represented in this change.
  • meshtastic/firmware#10963 — Covers the corresponding firmware policy behavior consumed by this configuration flow.
  • meshtastic/design#121 — Describes the selector, capability gating, and persistence implemented here.
  • meshtastic/Meshtastic-Apple#2065 — Covers corresponding cross-client policy configuration behavior.
  • meshtastic/Meshtastic-Android#6176 — Covers equivalent policy mapping and confirmation handling.
  • meshtastic/device-ui#340 — Covers corresponding device UI policy configuration.

Poem

A rabbit hops through settings bright,
Three shielded paths now guide the night.
Strict asks twice before it springs,
Signed packets dance on whiskered wings.
Balanced keeps the mesh just right.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title is concise and accurately summarizes the main change: adding a packet authenticity policy setting.
Description check ✅ Passed The description is mostly complete and covers the feature, implementation, validation, and issue references.
Linked Issues check ✅ Passed The PR implements the packet authenticity control, all three policies, Balanced defaults, capability gating, Strict confirmation, and the required tests.
Out of Scope Changes check ✅ Passed The changes stay focused on the packet authenticity feature and its supporting protobuf, UI, validation, and test updates.

Comment @coderabbitai help to get the list of available commands.

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🧹 Nitpick comments (1)
apps/web/src/components/PageComponents/Settings/Security/usePacketAuthenticityConfirmation.ts (1)

3-3: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Consider sourcing STRICT_POLICY_KEY from the shared enum rather than a private literal.

This string must stay in sync with whatever key format the policy selector/schema uses for the Strict value. Importing it from the protobuf-generated enum (or a shared constants module) would prevent silent drift if the source enum naming changes.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@apps/web/src/components/PageComponents/Settings/Security/usePacketAuthenticityConfirmation.ts`
at line 3, The private literal used by STRICT_POLICY_KEY can drift from the
policy selector’s canonical Strict value. Replace it with the corresponding
protobuf-generated enum member or shared constant, update imports as needed, and
keep consumers of STRICT_POLICY_KEY unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@apps/web/public/i18n/locales/en/dialog.json`:
- Around line 32-36: Update the packetAuthenticityStrict description in
dialog.json to retain the existing disappearing-node warning and explicitly add
that PKI-encrypted direct messages are outside this broadcast policy, while
authentication does not prove the content is truthful or fresh.

In `@packages/protobufs/meshtastic/mesh.proto`:
- Around line 2678-2683: Resolve the unused protobuf tag gap in DeviceMetadata:
either renumber has_xeddsa to field 13 if available, or explicitly declare tag
13 as reserved when it must remain unused.

---

Nitpick comments:
In
`@apps/web/src/components/PageComponents/Settings/Security/usePacketAuthenticityConfirmation.ts`:
- Line 3: The private literal used by STRICT_POLICY_KEY can drift from the
policy selector’s canonical Strict value. Replace it with the corresponding
protobuf-generated enum member or shared constant, update imports as needed, and
keep consumers of STRICT_POLICY_KEY unchanged.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 4ee48395-07c0-4f1f-b35c-fdfeb1390a2e

📥 Commits

Reviewing files that changed from the base of the PR and between a7f7e8f and 323ec42.

⛔ Files ignored due to path filters (3)
  • packages/protobufs/packages/ts/dist/meshtastic/config_pb.ts is excluded by !**/dist/**
  • packages/protobufs/packages/ts/dist/meshtastic/mesh_pb.ts is excluded by !**/dist/**
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (17)
  • apps/web/public/i18n/locales/en/config.json
  • apps/web/public/i18n/locales/en/dialog.json
  • apps/web/src/components/Form/FormSelect.tsx
  • apps/web/src/components/PageComponents/Settings/Security/PacketAuthenticityPolicyField.test.tsx
  • apps/web/src/components/PageComponents/Settings/Security/PacketAuthenticityPolicyField.tsx
  • apps/web/src/components/PageComponents/Settings/Security/PacketAuthenticityStrictDialog.test.tsx
  • apps/web/src/components/PageComponents/Settings/Security/PacketAuthenticityStrictDialog.tsx
  • apps/web/src/components/PageComponents/Settings/Security/Security.test.ts
  • apps/web/src/components/PageComponents/Settings/Security/Security.tsx
  • apps/web/src/components/PageComponents/Settings/Security/usePacketAuthenticityConfirmation.test.tsx
  • apps/web/src/components/PageComponents/Settings/Security/usePacketAuthenticityConfirmation.ts
  • apps/web/src/components/generic/Filter/useFilterNode.test.ts
  • apps/web/src/validation/config/security.test.ts
  • apps/web/src/validation/config/security.ts
  • packages/protobufs/meshtastic/config.proto
  • packages/protobufs/meshtastic/mesh.proto
  • packages/sdk/package.json

Comment thread apps/web/public/i18n/locales/en/dialog.json
Comment thread packages/protobufs/meshtastic/mesh.proto
@RCGV1 RCGV1 force-pushed the codex/packet-auth-policy branch from 323ec42 to edf4cca Compare July 10, 2026 00:18
@RCGV1

RCGV1 commented Jul 10, 2026

Copy link
Copy Markdown
Member Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[2.8.0] Configure packet authenticity policy

1 participant