upleb.uk

Public git repos — served from a NIP-34 GRASP relay at git.upleb.uk

summaryrefslogtreecommitdiff
path: root/CHECKLIST.md
diff options
context:
space:
mode:
authorYour Name <you@example.com>2026-05-15 22:27:14 +0530
committerYour Name <you@example.com>2026-05-15 22:27:14 +0530
commit1263d86314fc0760d9be8eea415ccecbc047a5eb (patch)
tree778130f0beb59d52f68e0e5f11388bf4b1470130 /CHECKLIST.md
parenta7d0a672d59bf8985a6fc0e61b49015fabd96513 (diff)
Phase 2 WIP: Cashu payment endpoints, session tracking, updated checklist
- Add cashu.c/h: Cashu token decode (cashuA/base64url), proof state check via mint API, allotment calculator - Add session.c/h: time-based session management with allotment/expiry, spent secret tracking - Add tollgate_api.c/h: HTTP server on :2121 with GET / (kind=10021 discovery), POST / (payment processing), /usage, /whoami - Update captive portal HTML: replace Grant Free Access with Cashu token paste form + Pay & Connect button - Update tollgate_main.c: wire in session manager, TollGate API, 1s session tick loop - Add tests/phase2.mjs: Phase 2 test suite (discovery, invalid token, wrong mint, valid payment) - Update CHECKLIST.md: reflect Phase 1 complete, Phase 2 in progress with known bugs Known issues (not yet flashed): - Stack overflow crash in httpd POST handler (need stack_size=16384 + heap allocations) - cashu_decode_token uses 2KB stack buffer (needs heap alloc) - Mint URL should be testnut.cashu.space (nofee.testnut has API compat issues)
Diffstat (limited to 'CHECKLIST.md')
-rw-r--r--CHECKLIST.md89
1 files changed, 53 insertions, 36 deletions
diff --git a/CHECKLIST.md b/CHECKLIST.md
index e5f99a9..fe5894f 100644
--- a/CHECKLIST.md
+++ b/CHECKLIST.md
@@ -4,52 +4,69 @@
4- [x] Create project directory and git repo 4- [x] Create project directory and git repo
5- [x] Create .env, .env.example, .gitignore 5- [x] Create .env, .env.example, .gitignore
6- [x] Persist PLAN.md and CHECKLIST.md 6- [x] Persist PLAN.md and CHECKLIST.md
7- [ ] Create ESP-IDF project skeleton 7- [x] Create ESP-IDF project skeleton (CMakeLists, partitions.csv, sdkconfig.defaults)
8- [ ] Create Makefile with detect targets 8- [x] Create Makefile with detect/build/flash/test targets
9- [ ] Run `make detect-all` — identify ESP32 boards 9- [x] Run `make detect-all` — identified both boards as ESP32-S3 (16MB flash)
10- [x] Fix ESP-IDF v5.4.1 installation (was deeply corrupted, re-cloned)
10 11
11## Phase 1: Captive Portal + Firewall 12## Phase 1: Captive Portal + Firewall — COMPLETE
12- [ ] Implement tollgate_main.c (WiFi AP+STA, event loop) 13- [x] Implement tollgate_main.c (WiFi AP+STA, event loop)
13- [ ] Implement config.c/h (JSON config loading) 14- [x] Implement config.c/h (SPIFFS JSON config loading)
14- [ ] Implement dns_server.c/h (DNS hijack/forward) 15- [x] Implement dns_server.c/h (DNS hijack/forward per-client)
15- [ ] Implement captive_portal.c/h (HTTP :80, portal HTML) 16- [x] Implement captive_portal.c/h (HTTP :80, portal HTML)
16- [ ] Implement firewall.c/h (NAPT, per-IP auth) 17- [x] Implement firewall.c/h (NAPT on/off per auth state)
17- [ ] Set up test infrastructure (Playwright, helpers) 18- [x] Set up test infrastructure (Node.js tests, helpers, Playwright)
18- [ ] Test 1: Boot and AP appears 19- [x] Fix WiFi init order bug (netif before esp_wifi_init, set_mode before set_config)
19- [ ] Test 2: DHCP lease 20- [x] Fix DNS hijack test (nslookup exits 1 for AAAA, catch stderr)
20- [ ] Test 3: Captive portal serves HTML 21- [x] Fix ping tests (use `-I wlp59s0` to force through TollGate AP)
21- [ ] Test 4: Captive detection URIs work 22- [x] Test 1: Boot and AP appears
22- [ ] Test 5: DNS hijack before auth 23- [x] Test 2: DHCP lease
23- [ ] Test 6: No internet before auth 24- [x] Test 3: Captive portal serves HTML
24- [ ] Test 7: /whoami returns MAC 25- [x] Test 4: Captive detection URIs work (8 URIs)
25- [ ] Test 8: /usage returns no session 26- [x] Test 5: DNS hijack before auth
26- [ ] Test 9: Grant access via API 27- [x] Test 6: No internet before auth
27- [ ] Test 10: DNS forward after auth 28- [x] Test 7: /whoami returns MAC
28- [ ] Test 11: Internet after auth 29- [x] Test 8: /usage returns no session
29- [ ] Test 12: HTTP browsing works 30- [x] Test 9: Grant access via API
30- [ ] Test 13: Reset auth 31- [x] Test 10: DNS forward after auth
31- [ ] Test 14: Internet blocked after reset 32- [x] Test 11: Internet after auth
33- [x] Test 12: HTTP browsing works
34- [x] Test 13: Reset auth
35- [x] Test 14: Internet blocked after reset
36- [x] **All 20 API tests pass, all 6 smoke tests pass**
37- [x] Committed: `a7d0a67`
32 38
33## Phase 2: E-Cash Payments (Simple Melt) 39## Phase 2: E-Cash Payments — IN PROGRESS (code written, bugs to fix)
34- [ ] Implement payment.c/h (Cashu token parse + melt) 40- [x] Implement cashu.c/h (Cashu token parse, base64url, checkstate, mint validation)
35- [ ] Implement session.c/h (time-based metering) 41- [x] Implement session.c/h (time-based allotment, expiry, secret tracking)
36- [ ] Implement tollgate_api.c/h (:2121 endpoints) 42- [x] Implement tollgate_api.c/h (:2121 server, GET/POST /, /usage, /whoami)
37- [ ] Update captive portal HTML with payment form 43- [x] Update captive portal HTML with payment form (token textarea, Pay & Connect button)
38- [ ] Test 15: Advertisement valid 44- [x] Wire into tollgate_main.c (session_init, api_start, session_tick loop)
39- [ ] Test 16: Valid payment 45- [x] Test 15: Advertisement valid (kind=10021 with price_per_step) — PASSING
40- [ ] Test 17: Usage tracking 46- [ ] **BUG FIX: Stack overflow in httpd task** — POST to :2121 crashes (Guru Meditation LoadProhibited). Need to increase httpd stack_size to 16384 and heap-allocate large buffers in cashu.c
47- [ ] **BUG FIX: cashu_decode_token has 2048B stack buffer** — move json_buf to heap
48- [ ] **BUG FIX: cashu_check_proof_states has 4096B stack buffer** — move resp_buf to heap
49- [ ] Test 16: Valid payment (needs valid Cashu token from nutshell)
50- [ ] Test 17: Usage tracking after payment
41- [ ] Test 18: Internet after payment 51- [ ] Test 18: Internet after payment
42- [ ] Test 19: Invalid token rejected 52- [ ] Test 19: Invalid token rejected — blocked by stack overflow crash
43- [ ] Test 20: Spent token rejected 53- [ ] Test 20: Spent token rejected
44- [ ] Test 21: Wrong mint rejected 54- [ ] Test 21: Wrong mint rejected — blocked by stack overflow crash
45- [ ] Test 22: Session expiry 55- [ ] Test 22: Session expiry
46- [ ] Test 23: Session renewal 56- [ ] Test 23: Session renewal
47- [ ] Test 24: Portal payment form 57- [ ] Test 24: Portal payment form — blocked by stack overflow crash
48- [ ] Test 25: Two clients pay independently 58- [ ] Test 25: Two clients pay independently
49- [ ] Test 26: Client isolation 59- [ ] Test 26: Client isolation
50- [ ] Test 27: Full e2e browser flow 60- [ ] Test 27: Full e2e browser flow
51 61
52## Phase 3: nucula Wallet + Reseller 62## Infrastructure Setup — TODO (before next hardware session)
63- [ ] Update .env: change mint from nofee.testnut.cashu.space → testnut.cashu.space
64- [ ] Update Makefile: add nutshell wallet targets (mint-token, send-token, balance)
65- [ ] Create Ansible playbook for full dev environment setup
66- [ ] Create NetworkManager profile for TollGate testing (ethernet=upstream, wifi=tollgate only)
67- [ ] Verify network routing works (ethernet default route, WiFi 192.168.4.0/24 only)
68
69## Phase 3: nucula Wallet + Reseller — NOT STARTED
53- [ ] Extract nucula wallet into components/cashu_wallet/ 70- [ ] Extract nucula wallet into components/cashu_wallet/
54- [ ] Replace simple melt with Wallet::receive() 71- [ ] Replace simple melt with Wallet::receive()
55- [ ] Implement payout.c/h (background melt-to-LN) 72- [ ] Implement payout.c/h (background melt-to-LN)
generated by cgit v1.2.3 (git 2.39.1) at 2026-06-04 23:40:28 +0000