Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 0c01157

Browse files
ruvnetruvnet
committed
feat: ADR-032a midstreamer QUIC transport + secure TDM + temporal gesture + attractor drift
Integrate midstreamer ecosystem for QUIC-secured mesh transport and advanced signal analysis: QUIC Transport (hardware crate): - quic_transport.rs: SecurityMode (ManualCrypto/QuicTransport), FramedMessage wire format, connection management, fallback support (856 lines, 30 tests) - secure_tdm.rs: ReplayWindow, AuthenticatedBeacon (28-byte HMAC format), SecureTdmCoordinator with dual-mode security (994 lines, 20 tests) - transport_bench.rs: Criterion benchmarks (plain vs authenticated vs QUIC) Signal Analysis (signal crate): - temporal_gesture.rs: DTW/LCS/EditDistance gesture matching via midstreamer-temporal-compare, quantized feature comparison (517 lines, 13 tests) - attractor_drift.rs: Takens' theorem phase-space embedding, Lyapunov exponent classification (Stable/Periodic/Chaotic) via midstreamer-attractor (573 lines, 13 tests) ADR-032 updated with Section 6: QUIC Transport Layer (ADR-032a) README updated with CRV signal-line section, badge 1100+, ADR count 33 Dependencies: midstreamer-quic 0.1.0, midstreamer-scheduler 0.1.0, midstreamer-temporal-compare 0.1.0, midstreamer-attractor 0.1.0 Total: 3,136 new lines, 76 tests, 6 benchmarks Co-Authored-By: claude-flow <[email protected]>
1 parent 60e0e6d commit 0c01157

11 files changed

Lines changed: 3315 additions & 9 deletions

File tree

README.md

Lines changed: 50 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ WiFi DensePose turns commodity WiFi signals into real-time human pose estimation
66

77
[![Rust 1.85+](https://img.shields.io/badge/rust-1.85+-orange.svg)](https://www.rust-lang.org/)
88
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
9-
[![Tests: 1031+](https://img.shields.io/badge/tests-1031%2B-brightgreen.svg)](https://github.com/ruvnet/wifi-densepose)
9+
[![Tests: 1100+](https://img.shields.io/badge/tests-1100%2B-brightgreen.svg)](https://github.com/ruvnet/wifi-densepose)
1010
[![Docker: 132 MB](https://img.shields.io/badge/docker-132%20MB-blue.svg)](https://hub.docker.com/r/ruvnet/wifi-densepose)
1111
[![Vital Signs](https://img.shields.io/badge/vital%20signs-breathing%20%2B%20heartbeat-red.svg)](#vital-sign-detection)
1212
[![ESP32 Ready](https://img.shields.io/badge/ESP32--S3-CSI%20streaming-purple.svg)](#esp32-s3-hardware-pipeline)
@@ -49,7 +49,7 @@ docker run -p 3000:3000 ruvnet/wifi-densepose:latest
4949
| [User Guide](docs/user-guide.md) | Step-by-step guide: installation, first run, API usage, hardware setup, training |
5050
| [WiFi-Mat User Guide](docs/wifi-mat-user-guide.md) | Disaster response module: search & rescue, START triage |
5151
| [Build Guide](docs/build-guide.md) | Building from source (Rust and Python) |
52-
| [Architecture Decisions](docs/adr/) | 31 ADRs covering signal processing, training, hardware, security, domain generalization, multistatic sensing |
52+
| [Architecture Decisions](docs/adr/) | 33 ADRs covering signal processing, training, hardware, security, domain generalization, multistatic sensing, CRV signal-line integration |
5353
| [DDD Domain Model](docs/ddd/ruvsense-domain-model.md) | RuvSense bounded contexts, aggregates, domain events, and ubiquitous language |
5454

5555
---
@@ -80,6 +80,7 @@ The system learns on its own and gets smarter over time — no hand-tuning, no l
8080
| 🎯 | **AI Signal Processing** | Attention networks, graph algorithms, and smart compression replace hand-tuned thresholds — adapts to each room automatically ([RuVector](https://github.com/ruvnet/ruvector)) |
8181
| 🌍 | **Works Everywhere** | Train once, deploy in any room — adversarial domain generalization strips environment bias so models transfer across rooms, buildings, and hardware ([ADR-027](docs/adr/ADR-027-cross-environment-domain-generalization.md)) |
8282
| 👁️ | **Cross-Viewpoint Fusion** | Learned attention fuses multiple viewpoints with geometric bias — reduces body occlusion and depth ambiguity that physics prevents any single sensor from solving ([ADR-031](docs/adr/ADR-031-ruview-sensing-first-rf-mode.md)) |
83+
| 🔮 | **Signal-Line Protocol** | `ruvector-crv` 6-stage CRV pipeline maps CSI sensing to Poincare ball embeddings, GNN topology, SNN temporal encoding, and MinCut partitioning | -- |
8384

8485
### Performance & Deployment
8586

@@ -113,6 +114,8 @@ Signal Processing: Hampel, SpotFi, Fresnel, BVP, spectrogram → clean features
113114
114115
AI Backbone (RuVector): attention, graph algorithms, compression, field model
115116
117+
Signal-Line Protocol (CRV): 6-stage gestalt → sensory → topology → coherence → search → model
118+
116119
Neural Network: processed signals → 17 body keypoints + vital signs + room model
117120
118121
Output: real-time pose, breathing, heart rate, room fingerprint, drift alerts
@@ -463,6 +466,48 @@ See the ADR documents for full architectural details, GOAP integration plans, an
463466

464467
</details>
465468

469+
<details>
470+
<summary><b>🔮 Signal-Line Protocol (CRV)</b></summary>
471+
472+
### 6-Stage CSI Signal Line
473+
474+
Maps the CRV (Coordinate Remote Viewing) signal-line methodology to WiFi CSI processing via `ruvector-crv`:
475+
476+
| Stage | CRV Name | WiFi CSI Mapping | ruvector Component |
477+
|-------|----------|-----------------|-------------------|
478+
| I | Ideograms | Raw CSI gestalt (manmade/natural/movement/energy) | Poincare ball hyperbolic embeddings |
479+
| II | Sensory | Amplitude textures, phase patterns, frequency colors | Multi-head attention vectors |
480+
| III | Dimensional | AP mesh spatial topology, node geometry | GNN graph topology |
481+
| IV | Emotional/AOL | Coherence gating — signal vs noise separation | SNN temporal encoding |
482+
| V | Interrogation | Cross-stage probing — query pose against CSI history | Differentiable search |
483+
| VI | 3D Model | Composite person estimation, MinCut partitioning | Graph partitioning |
484+
485+
**Cross-Session Convergence**: When multiple AP clusters observe the same person, CRV convergence analysis finds agreement in their signal embeddings — directly mapping to cross-room identity continuity.
486+
487+
```rust
488+
use wifi_densepose_ruvector::crv::WifiCrvPipeline;
489+
490+
let mut pipeline = WifiCrvPipeline::new(WifiCrvConfig::default());
491+
pipeline.create_session("room-a", "person-001")?;
492+
493+
// Process CSI frames through 6-stage pipeline
494+
let result = pipeline.process_csi_frame("room-a", &amplitudes, &phases)?;
495+
// result.gestalt = Movement, confidence = 0.87
496+
// result.sensory_embedding = [0.12, -0.34, ...]
497+
498+
// Cross-room identity matching via convergence
499+
let convergence = pipeline.find_cross_room_convergence("person-001", 0.75)?;
500+
```
501+
502+
**Architecture**:
503+
- `CsiGestaltClassifier` — Maps CSI amplitude/phase patterns to 6 gestalt types
504+
- `CsiSensoryEncoder` — Extracts texture/color/temperature/luminosity features from subcarriers
505+
- `MeshTopologyEncoder` — Encodes AP mesh as GNN graph (Stage III)
506+
- `CoherenceAolDetector` — Maps coherence gate states to AOL noise detection (Stage IV)
507+
- `WifiCrvPipeline` — Orchestrates all 6 stages into unified sensing session
508+
509+
</details>
510+
466511
---
467512

468513
## 📦 Installation
@@ -1539,6 +1584,9 @@ Multistatic sensing, persistent field model, and cross-viewpoint fusion — the
15391584
- **TDM Hardware Protocol** — ESP32 sensing coordinator: sync beacons, slot scheduling, clock drift compensation (±10ppm), 20 Hz aggregate rate
15401585
- **Channel-Hopping Firmware** — ESP32 firmware extended with hop table, timer-driven channel switching, NDP injection stub; NVS config for all TDM parameters; fully backward-compatible
15411586
- **DDD Domain Model** — 6 bounded contexts, ubiquitous language, aggregate roots, domain events, full event bus specification
1587+
- **`ruvector-crv` 6-stage CRV signal-line integration (ADR-033)** — Maps Coordinate Remote Viewing methodology to WiFi CSI: gestalt classification, sensory encoding, GNN topology, SNN coherence gating, differentiable search, MinCut partitioning; cross-session convergence for multi-room identity continuity
1588+
- **ADR-032 multistatic mesh security hardening** — Bounded calibration buffers, atomic counters, division-by-zero guards, NaN-safe normalization across all multistatic modules
1589+
- **ADR-033 CRV signal-line sensing integration** — Architecture decision record for the 6-stage CRV pipeline mapping to ruvector components
15421590
- **9,000+ lines of new Rust code** across 17 modules with 300+ tests
15431591
- **Security hardened** — Bounded buffers, NaN guards, no panics in public APIs, input validation at all boundaries
15441592

docs/adr/ADR-032-multistatic-mesh-security-hardening.md

Lines changed: 89 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
| Field | Value |
44
|-------|-------|
5-
| **Status** | Proposed |
5+
| **Status** | Accepted |
66
| **Date** | 2026-03-01 |
77
| **Deciders** | ruv |
88
| **Relates to** | ADR-029 (RuvSense Multistatic), ADR-030 (Persistent Field Model), ADR-031 (RuView Sensing-First RF), ADR-018 (ESP32 Implementation), ADR-012 (ESP32 Mesh) |
@@ -403,23 +403,105 @@ Default: 1 (transitional, for backward compatibility during rollout)
403403

404404
---
405405

406-
## 6. Related ADRs
406+
## 6. QUIC Transport Layer (ADR-032a Amendment)
407+
408+
### 6.1 Motivation
409+
410+
The original ADR-032 design (Sections 2.1--2.2) uses manual HMAC-SHA256 and SipHash-2-4 over plain UDP. While correct and efficient on constrained ESP32 hardware, this approach has operational drawbacks:
411+
412+
- **Manual key rotation**: Requires custom key exchange protocol and coordinator broadcast.
413+
- **No congestion control**: Plain UDP has no backpressure; burst CSI traffic can overwhelm the aggregator.
414+
- **No connection migration**: Node roaming (e.g., repositioning an ESP32) requires manual reconnect.
415+
- **Duplicate replay-window code**: Custom nonce tracking duplicates QUIC's built-in replay protection.
416+
417+
### 6.2 Decision: Adopt `midstreamer-quic` for Aggregator Uplinks
418+
419+
For aggregator-class nodes (Raspberry Pi, x86 gateway) that have sufficient CPU and memory, replace the manual crypto layer with `midstreamer-quic` v0.1.0, which provides:
420+
421+
| Capability | Manual (ADR-032 original) | QUIC (`midstreamer-quic`) |
422+
|---|---|---|
423+
| Authentication | HMAC-SHA256 truncated 8B | TLS 1.3 AEAD (AES-128-GCM) |
424+
| Frame integrity | SipHash-2-4 tag | QUIC packet-level AEAD |
425+
| Replay protection | Manual nonce + window | QUIC packet numbers (monotonic) |
426+
| Key rotation | Custom coordinator broadcast | TLS 1.3 `KeyUpdate` message |
427+
| Congestion control | None | QUIC cubic/BBR |
428+
| Connection migration | Not supported | QUIC connection ID migration |
429+
| Multi-stream | N/A | QUIC streams (beacon, CSI, control) |
430+
431+
**Constrained devices (ESP32-S3) retain the manual crypto path** from Sections 2.1--2.2 as a fallback. The `SecurityMode` enum selects the transport:
432+
433+
```rust
434+
pub enum SecurityMode {
435+
/// Manual HMAC/SipHash over plain UDP (ESP32-S3, ADR-032 original).
436+
ManualCrypto,
437+
/// QUIC transport with TLS 1.3 (aggregator-class nodes).
438+
QuicTransport,
439+
}
440+
```
441+
442+
### 6.3 QUIC Stream Mapping
443+
444+
Three dedicated QUIC streams separate traffic by priority:
445+
446+
| Stream ID | Purpose | Direction | Priority |
447+
|---|---|---|---|
448+
| 0 | Sync beacons | Coordinator -> Nodes | Highest (TDM timing-critical) |
449+
| 1 | CSI frames | Nodes -> Aggregator | High (sensing data) |
450+
| 2 | Control plane | Bidirectional | Normal (config, key rotation, health) |
451+
452+
### 6.4 Additional Midstreamer Integrations
453+
454+
Beyond QUIC transport, three additional midstreamer crates enhance the sensing pipeline:
455+
456+
1. **`midstreamer-scheduler` v0.1.0** -- Replaces manual timer-based TDM slot scheduling with an ultra-low-latency real-time task scheduler. Provides deterministic slot firing with sub-microsecond jitter.
457+
458+
2. **`midstreamer-temporal-compare` v0.1.0** -- Enhances gesture DTW matching (ADR-030 Tier 6) with temporal sequence comparison primitives. Provides optimized Sakoe-Chiba band DTW, LCS, and edit-distance kernels.
459+
460+
3. **`midstreamer-attractor` v0.1.0** -- Enhances longitudinal drift detection (ADR-030 Tier 4) with dynamical systems analysis. Detects phase-space attractor shifts that indicate biomechanical regime changes before they manifest as simple metric drift.
461+
462+
### 6.5 Fallback Strategy
463+
464+
The QUIC transport layer is additive, not a replacement:
465+
466+
- **ESP32-S3 nodes**: Continue using manual HMAC/SipHash over UDP (Sections 2.1--2.2). These devices lack the memory for a full TLS 1.3 stack.
467+
- **Aggregator nodes**: Use `midstreamer-quic` by default. Fall back to manual crypto if QUIC handshake fails (e.g., network partitions).
468+
- **Mixed deployments**: The aggregator auto-detects whether an incoming connection is QUIC (by TLS ClientHello) or plain UDP (by magic byte) and routes accordingly.
469+
470+
### 6.6 Acceptance Criteria (QUIC)
471+
472+
| ID | Criterion | Test Method |
473+
|----|-----------|-------------|
474+
| Q-1 | QUIC connection established between two nodes within 100ms | Integration test: connect, measure handshake time |
475+
| Q-2 | Beacon stream delivers beacons with < 1ms jitter | Unit test: send 1000 beacons, measure inter-arrival variance |
476+
| Q-3 | CSI stream achieves >= 95% of plain UDP throughput | Benchmark: criterion comparison |
477+
| Q-4 | Connection migration succeeds after simulated IP change | Integration test: rebind, verify stream continuity |
478+
| Q-5 | Fallback to manual crypto when QUIC unavailable | Unit test: reject QUIC, verify ManualCrypto path |
479+
| Q-6 | SecurityMode::ManualCrypto produces identical wire format to ADR-032 original | Unit test: byte-level comparison |
480+
481+
---
482+
483+
## 7. Related ADRs
407484

408485
| ADR | Relationship |
409486
|-----|-------------|
410-
| ADR-029 (RuvSense Multistatic) | **Hardened**: TDM beacon and CSI frame authentication, NDP rate limiting |
411-
| ADR-030 (Persistent Field Model) | **Protected**: Coherence gate timeout prevents indefinite recalibration; transition log bounded |
412-
| ADR-031 (RuView RF Mode) | **Hardened**: Authenticated beacons protect cross-viewpoint synchronization |
487+
| ADR-029 (RuvSense Multistatic) | **Hardened**: TDM beacon and CSI frame authentication, NDP rate limiting, QUIC transport |
488+
| ADR-030 (Persistent Field Model) | **Protected**: Coherence gate timeout; transition log bounded; gesture DTW enhanced (midstreamer-temporal-compare); drift detection enhanced (midstreamer-attractor) |
489+
| ADR-031 (RuView RF Mode) | **Hardened**: Authenticated beacons protect cross-viewpoint synchronization via QUIC streams |
413490
| ADR-018 (ESP32 Implementation) | **Extended**: CSI frame header bumped to v2 with SipHash tag; backward-compatible magic check |
414-
| ADR-012 (ESP32 Mesh) | **Hardened**: Mesh key management, NVS credential zeroing, atomic firmware state |
491+
| ADR-012 (ESP32 Mesh) | **Hardened**: Mesh key management, NVS credential zeroing, atomic firmware state, QUIC connection migration |
415492

416493
---
417494

418-
## 7. References
495+
## 8. References
419496

420497
1. Aumasson, J.-P. & Bernstein, D.J. (2012). "SipHash: a fast short-input PRF." INDOCRYPT 2012.
421498
2. Krawczyk, H. et al. (1997). "HMAC: Keyed-Hashing for Message Authentication." RFC 2104.
422499
3. ESP-IDF mbedtls SHA256 hardware acceleration. Espressif Documentation.
423500
4. Espressif. "ESP32-S3 Technical Reference Manual." Section 26: SHA Accelerator.
424501
5. Turner, J. (2006). "Token Bucket Rate Limiting." RFC 2697 (adapted).
425502
6. ADR-029 through ADR-031 (internal).
503+
7. `midstreamer-quic` v0.1.0 -- QUIC multi-stream support. crates.io.
504+
8. `midstreamer-scheduler` v0.1.0 -- Ultra-low-latency real-time task scheduler. crates.io.
505+
9. `midstreamer-temporal-compare` v0.1.0 -- Temporal sequence comparison. crates.io.
506+
10. `midstreamer-attractor` v0.1.0 -- Dynamical systems analysis. crates.io.
507+
11. Iyengar, J. & Thomson, M. (2021). "QUIC: A UDP-Based Multiplexed and Secure Transport." RFC 9000.

rust-port/wifi-densepose-rs/crates/wifi-densepose-hardware/Cargo.toml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,5 +36,18 @@ tracing = "0.1"
3636
serde = { version = "1.0", features = ["derive"] }
3737
serde_json = "1.0"
3838

39+
# QUIC transport (ADR-032a)
40+
midstreamer-quic = { workspace = true }
41+
# Real-time TDM scheduling (ADR-032a)
42+
midstreamer-scheduler = { workspace = true }
43+
# Async runtime
44+
tokio = { workspace = true }
45+
3946
[dev-dependencies]
4047
approx = "0.5"
48+
criterion = { version = "0.5", features = ["html_reports"] }
49+
tokio = { workspace = true }
50+
51+
[[bench]]
52+
name = "transport_bench"
53+
harness = false

0 commit comments

Comments
 (0)