[no description] https://upleb.uk/npub12m5exm2uk3xa674cc5r0hlyvccs5xxn7qv83ezuteefv5972nquq4j4szl/esp32-tollgate/atom?h=feature%2Fcvm-integration 2026-05-18T18:09:04+00:00 2026-05-18T18:09:04+00:00 Your Name you@example.com 2026-05-18T18:09:04+00:00 urn:sha1:2cd372cc10b9ce3f557159d6c1fd77acb150a4eb - Increase TLS read timeout from 15s to 60s (reduces disconnect frequency) - Add WS ping/pong keepalive every 30s + respond to relay pings - Clean up debug logging (Sending WS response → DEBUG level) - Document Board A hardware WiFi issue in AGENTS.md MCP tools verified via relay.primal.net on Board B: - initialize (id=100): PASS — protocol=2025-07-02, name=TollGate - tools/list (id=101): PASS — processed by board - get_config (id=102): PASS (verified in earlier session) - get_balance (id=103): PASS — balance_sats=0, proof_count=0 - set_price (id=106): PASS — price_per_step updated to 42 282 unit tests passing 2026-05-18T17:51:06+00:00 Your Name you@example.com 2026-05-18T17:51:06+00:00 urn:sha1:a11a466d0d1f0b96c1dbaa452a45a3d65009b30c 2026-05-18T15:11:16+00:00 Your Name you@example.com 2026-05-18T15:11:16+00:00 urn:sha1:7344b1b50bcb3e1fc24b164cd601dd7cbce582c1 - Add esp_wifi_set_country_code('DE') before WiFi start for EU regulatory compliance - Add 2s delay between WiFi auth retries to avoid AP rate limiting - Update AGENTS.md with CVM modules, board C, per-board locks, WiFi notes - Update CHECKLIST.md with Phase 7b completion, 7c integration progress - Update PLAN.md with test cases 53-73, WiFi country code findings - Update Makefile port defaults (A=ACM0, B=ACM1) - Board B connects to WiFi successfully with these fixes - Board A has hardware WiFi issue (auth fails on all APs) 2026-05-17T22:07:27+00:00 Your Name you@example.com 2026-05-17T22:07:27+00:00 urn:sha1:8a2f7a6c9423e0c00fae3c1233bee9e0bb3ae239 - Full CVM server: persistent WS relay listener, kind 25910 subscription - MCP protocol handlers: initialize, tools/list, tools/call, ping - 10 MCP tools: get_config, set_config, get_balance, wallet_send, get_sessions, get_usage, set_payout, set_metric, set_price, wallet_melt - CEP-6 announcements via WS (kinds 11316, 11317, 10002) - Auth check: owner npub only - Fix: WebSocket client-to-server frame masking (RFC 6455 requirement) - Fix: Raw event JSON in EVENT wrapper (no re-parsing that breaks sig) - SNTP init after STA gets IP - 282 unit tests passing (61 CVM + 60 MCP handler + 161 existing) - Integration test scaffold: tests/integration/test-cvm.mjs 2026-05-17T11:09:31+00:00 Your Name you@example.com 2026-05-17T11:09:31+00:00 urn:sha1:0c2c67b463d6a90aaa0bb69bf3c91dba1d9ec3ec - Add lwip_tollgate_hooks.h defining LWIP_HOOK_IP4_CANFORWARD macro - Inject hook into lwIP build via CMakeLists.txt ESP_IDF_LWIP_HOOK_FILENAME - Filter forwarded packets by source IP against firewall allowed list - Only filter packets from AP subnet (10.192.45.0/24), allow all others - Fix byte order bug: use network byte order for firewall_is_client_allowed - NAT always enabled, removed global NAT toggle functions - Remove spent-secret tracking from session.c (mint is authority) - Remove unused get_ap_netif() function - Reduce API server stack from 32KB to 16KB (fixes ESP_ERR_HTTPD_TASK) - Add esp_random.h stub for unit tests - All 186 unit tests passing - Verified on hardware: block->pay->allow->revoke->block E2E works 2026-05-16T22:51:39+00:00 Your Name you@example.com 2026-05-16T22:51:39+00:00 urn:sha1:78dd599277b8e8b2ddc39a4ae710ec91d737272e - New tollgate_client.c/h: detect upstream TollGate (kind=10021), auto-pay via nucula wallet, session monitoring with 20% renewal - State machine: IDLE→DETECTING→NEEDS_PAY→PAYING→PAID→RENEWING - Blocking: upstream payment before local services start - Synchronous wallet init (was async task) - Client config: enabled, steps_to_buy, renewal_threshold_pct - Updated PLAN.md with Phases 4-7 (client, payout, bytes, CVM) - Updated CHECKLIST.md with all new phase items - 30 new unit tests (all passing), 116 total 2026-05-16T20:01:49+00:00 Your Name you@example.com 2026-05-16T20:01:49+00:00 urn:sha1:347d29658959c7e4b368a15134c183f4ce7a25bc - Add AGENTS.md: full project context + mandatory testing rules for AI sessions - Add tests/unit/ with host-compiled C unit test infrastructure - Clean stubs approach: ESP-IDF type stubs in tests/unit/stubs/, no source modifications - Fix geohash.c bit extraction bug (3-byte span) found by unit tests - test_geohash: 11/11 passing with reference vectors (Munich, NYC, origin, boundaries) 2026-05-16T18:25:05+00:00 Your Name you@example.com 2026-05-16T18:25:05+00:00 urn:sha1:4c47ae188b288e7d24bd9566ab3e6a6805d9484f - Add identity.c/h: HMAC-SHA512 derivation from nsec → npub, STA/AP MAC, SSID, AP IP - Add nostr_event.c/h: NIP-01 event serialization + Schnorr signing (BIP-340) - Add geohash.c/h: lat/lon to geohash encoding - Add wifistr.c/h: kind 38787 event builder + WebSocket publish to Nostr relays - Update config.c/h: nsec-based identity, Nostr relay/geo config, remove static SSID/IP - Replace custom mbedTLS wallet with nucula library (libsecp256k1) - Remove wallet.c/h, wallet_persist.c/h (replaced by nucula_lib component) - Verified on Board A: derived SSID, captive portal, payment, wallet, wifistr publish 2026-05-16T10:02:55+00:00 Your Name you@example.com 2026-05-16T10:02:55+00:00 urn:sha1:133e40c82afb4d7659758b1fa57925ac57af4621 - wallet.c/h: secp256k1 ECP primitives (hash_to_curve, scalar_mul, point_add) - wallet_persist.c/h: SPIFFS persistence with threshold-based write protection - Fee accounting for swap (input_fee_ppk from /v1/keysets) - Keyset fetch via /v1/keysets (586 bytes vs 21KB for /v1/keys) - Wallet API: GET /wallet, POST /wallet/swap, POST /wallet/send - Payment proofs auto-stored to wallet + persisted on SPIFFS - PSRAM enabled for large allocations (ESP32-S3 has 8MB) - Wallet init deferred to dedicated task (avoids sys_evt stack overflow) - Cashu proof ID buffer size fixed (66 hex chars, not 16) - HTTP client: added fetch_headers() call for proper response handling - persist_threshold_sats config parameter (default: 1 sat) 2026-05-16T06:26:43+00:00 Your Name you@example.com 2026-05-16T06:26:43+00:00 urn:sha1:38aa9ec3801f5895e09866fe92cb8e44fb987cee - Derive unique SSID (TollGate-{MAC4}{MAC5}) and AP IP (10.{b5}.{subnet}.1) from factory MAC — boards no longer conflict - Board A: TollGate-377C @ 10.55.85.1, Board B: TollGate-5050 @ 10.80.10.1 - Captive portal detection URIs return 200 with portal HTML (matching esp32-mesh working approach) instead of 302 redirect - Dynamic AP IP in portal HTML via __AP_IP__ template substitution - Supported mints section in portal page (shows mint URL, tap to copy) - Fixed mint URL to testnut.cashu.space (was stale in SPIFFS) - DoT reject server on port 853 for DNS-over-TLS fallback - DNS hijack: NXDOMAIN for all non-A queries, no forwarding for unauthed - Playwright tests updated for 200 response on detection URIs - Phase 2 test suite: 20/21 pass (test 22 expiry ping route issue) - Tests 25-27 deferred to Phase 3 (Board B as second client)