[no description] https://upleb.uk/npub12m5exm2uk3xa674cc5r0hlyvccs5xxn7qv83ezuteefv5972nquq4j4szl/esp32-tollgate/atom?h=feature%2Ftollgate-core-component 2026-05-19T17:28:01+00:00 2026-05-19T17:28:01+00:00 Your Name you@example.com 2026-05-19T17:28:01+00:00 urn:sha1:144b48f53110d4c186f5deafd1d1365e0a140331 - Remove max_open_sockets=2 override from both httpd servers (use ESP-IDF default of 4) - Increase LWIP_MAX_SOCKETS from 16 to 20 (matching standalone tollgate) - The previous custom tuning (max_open_sockets=2, keep_alive_enable=false, linger_timeout=0) caused socket leaks by interfering with ESP-IDF's internal session management - Verified: 50/50 sequential requests pass, full payment flow works 2026-05-19T15:03:37+00:00 Your Name you@example.com 2026-05-19T15:03:37+00:00 urn:sha1:918432128df5797045dc27407d30851a60c1a69f 2026-05-19T15:03:03+00:00 Your Name you@example.com 2026-05-19T14:25:33+00:00 urn:sha1:c89ab319fd520c9914b015264a26b581e2103954 Root causes discovered: - RC-0: LWIP socket exhaustion (CONFIG_LWIP_MAX_SOCKETS=10, need 14) - Two HTTP servers (5 sockets each) + DNS + DoT + wifistr WS = 14 > 10 - Fix: increase to 16, reduce max_open_sockets to 2 on both servers - RC-1: Port 80 captive portal crashes under load - Fix: Connection: close on all handlers, stack 16384 - RC-2: Owner auto-grant makes tests non-deterministic - Fix: remove tollgate_core_fw_grant() from client_connected() Also adds: - /grant_access and /reset_authentication on API server (port 2121) - /portal-config endpoint for future JS-based portal config - Error-checked URI handler registration - Connection: close on captive portal handlers E2E test fixes: - dig +short instead of nslookup for DNS checks - port 2121 for grant/reset/usage/whoami in all tests - pre-mint tokens before blocking internet - increased timeouts and sleeps for reliability 2026-05-18T21:44:53+00:00 Your Name you@example.com 2026-05-18T21:44:53+00:00 urn:sha1:08d7df158acf92399acdbb8a527620a6b1a94f16 Parse wifi_auth_mode from config.json to set STA auth threshold. Defaults to WPA2-PSK (fixes reason=211 with WPA2-only routers). SPIFFS generated by Makefile auto-detects WPA2/WPA3 from host scan. Root cause: config.c hardcoded WIFI_AUTH_WPA3_PSK threshold, making WPA2-only APs invisible during ESP32 scan (reason=211 NO_AP_FOUND). With this fix, STA connects to WPA2 upstream and Cashu payment verification works end-to-end. 2026-05-18T21:39:57+00:00 Your Name you@example.com 2026-05-18T21:39:57+00:00 urn:sha1:d9ce038191ff2262356f67147553048357040701 flash-a and flash-b now require lock-a/lock-b to be held before flashing. Prevents cross-session hardware conflicts when multiple LLM agents share the same ESP32 boards. Lock infrastructure matches main repo and price-discovery worktrees: - HARDWARE_LOCK_DIR = physical-router-test-automation/locks - require_lock_a/require_lock_b macros - lock-a/lock-b/unlock-a/unlock-b/force-unlock-a/force-unlock-b/lock-status targets 2026-05-18T20:31:58+00:00 Your Name you@example.com 2026-05-18T20:31:58+00:00 urn:sha1:49f3b4aebff089991a04da370b8e343f8bcfe7ca - Start services after 30s timeout if STA never connects (reason=211) - Set AP channel to 10 for APSTA overlap with upstream router - Add upstream WiFi credentials in default config - Log WiFi disconnect reason code for debugging - Previously: remove stop_services() on STA disconnect 2026-05-18T18:20:55+00:00 Your Name you@example.com 2026-05-18T18:20:55+00:00 urn:sha1:56f30ca866613c94e6a83bc1c21bee0eb38c5b39 Services (API server on 2121, captive portal on 80, DNS hijack, firewall) should stay running even when STA WiFi disconnects. Previously, every STA disconnect would tear down all services, making the board unreachable on its own AP. Also set default wifi_networks to empty since upstream WiFi config should be provisioned, not hardcoded. 2026-05-18T14:25:01+00:00 Your Name you@example.com 2026-05-18T14:25:01+00:00 urn:sha1:f8a5cffd3fe9d07de52e1688bda9b2975adbb74d 2026-05-18T13:50:35+00:00 Your Name you@example.com 2026-05-18T13:50:35+00:00 urn:sha1:c8c68dcc0dc4b897519105faec64994e820af0c2 - Remove display/cvm/font deps from CMakeLists (not yet merged branches) - Add tollgate_platform.h include to session header - Add tollgate_core_session_set_platform declaration - Remove duplicate tollgate_core_dns_stop wrapper (dns module has own impl) - Update captive_portal.c to use tollgate_core_* API - Remove display/cvm calls from tollgate_main.c - Add tollgate_get_platform declaration to config.h - Fix nucula wallet.hpp submodule (save_proofs visibility) - Add tollgate_core include paths to test Makefile - Build passes, all unit tests pass (61/61) 2026-05-18T13:20:20+00:00 Your Name you@example.com 2026-05-18T13:20:20+00:00 urn:sha1:f6369f5b87f5dab17a03315d82454fdcdd668ec9 Extract shared TollGate business logic into a reusable ESP-IDF component that can be consumed by esp-miner via the IDF Component Manager. Component structure: components/tollgate_core/ include/tollgate_core.h — public API include/tollgate_platform.h — platform interface (config callbacks) src/tollgate_core.c — orchestrator (init, payment, tick, owner) src/tollgate_core_cashu.c/h — Cashu V3 token decode/verify src/tollgate_core_dns.c/h — per-client DNS hijack/forward src/tollgate_core_firewall.c/h — per-client NAT filter src/tollgate_core_session.c/h — session lifecycle Key design decisions: - Platform interface pattern: consumers implement tollgate_platform_t (config getters + optional spend_proofs wallet hook) - Cross-module wiring (session→firewall→dns) stays internal - No direct config.h dependency — all config via platform callbacks - spend_proofs can be NULL (accepts payment without local wallet) Standalone app updated: - main/tollgate_platform.c implements platform via config singleton - main/tollgate_main.c calls tollgate_core_init/tick/dns_start - main/tollgate_api.c routes payment through tollgate_core_process_payment - Removed cashu.c, dns_server.c, firewall.c, session.c from CMakeLists Not yet build-verified — blocked on multi-mint, price-discovery, cvm-integration, and display-fix branches merging to master.