0.2.0 Matter Bridge: scaffold + cluster mapping + hub --matter wiring#27
Merged
Conversation
…ring
Lands the *interface* for SWARCH-WOHL-006 (CCSDS sensors + hub as Matter
Bridge) without pulling in rs-matter. The verified sensor line stays
untouched; the unverified Matter stack remains explicitly hub-side.
- New crate `crates/wohl-matter-bridge` (no rs-matter dep):
* `MatterBridge` trait — the contract wohl-hub calls.
* Typed `MatterCluster` / `MatterAttribute` enums + exhaustive
`mapping_for_alert` / `mapping_for_reading` tables (19 unit tests
pinning every cluster id to Matter App-Cluster-Spec 1.3 values).
* `LoggingBridge` stderr stub for end-to-end wiring validation.
- wohl-hub: optional Matter bridge field + `--matter` flag (or
`WOHL_MATTER=1`). Default off — wohl-hub behaves identically to 0.1.0
when the flag is unset. 2 new tests cover both states.
- `DESIGN.md`: rationale for scaffold-first, cluster decisions,
rs-matter target version, commissioning approach (`/var/lib/wohl/matter/`),
multi-admin behavior, attestation cert path, 3 open questions for 0.3.0.
- `WORKSPACE_INTEGRATION.md`: exact root Cargo.toml edits the
orchestrator needs to apply (workspace member + workspace.dependency).
Verification (Rust 1.85.0): fmt --check clean, clippy --all-targets
-D warnings clean, 19/19 wohl-matter-bridge tests pass, 30/30 wohl-hub
tests pass (including the 2 new bridge-wiring tests). wohl-alert tests
re-run to confirm verified core untouched.
Refs SWARCH-WOHL-006.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Adds the new crate as a workspace member and registers it under [workspace.dependencies] so wohl-hub can use the `.workspace = true` form (matching every other intra-workspace dep). The scaffold commit intentionally left this orchestration-layer edit out so the scaffold itself stayed reviewable on its own. Verified: cargo +1.85.0 fmt --check cargo +1.85.0 clippy --workspace --all-targets -- -D warnings cargo +1.85.0 test -p wohl-matter-bridge -p wohl-hub cargo +1.85.0 check --workspace Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
3 tasks
avrabe
added a commit
that referenced
this pull request
May 27, 2026
…on (#28) Architecture, traceability, and code-skeleton foundation for the live rs-matter integration that will ship as v0.3.0. The live wire integration (mDNS, commissioning, fabric storage, attestation) is explicitly out of scope and lives behind a follow-up PR. What's in this PR spar AADL extension New spar/wohl_matter.aadl modeling the Matter Bridge thread set (MdnsResponder, MatterStackEventLoop, CommissioningHandler, MatterBridgePublisher, FabricPersistor) composed as MatterBridgeProcess. wohl_nodes.aadl + wohl_home.aadl extended to wire the bridge into HubNode.{RPi,MiniPC} and the StarterHome deployment. spar parse + instance + analyze all clean: 0 errors, 120 pre-existing single-point-of-failure warnings on the single-hub topology. WIT signatures generated from AADL spar/generated/ contains the spar codegen output (matter.wit plus monitors/ota/fw for the existing processes). Per the spar-generates-wit convention, these are derived artifacts; the hand-crafted per-crate WIT files predate the convention and continue to live under crates/wohl-*/wit/ for now. See spar/generated/README.md for the regeneration recipe. rivet typed traceability Eight new artifacts: - SWREQ-MATTER-002..005 — commissioning, multi-admin, persistent fabric storage, bridged attribute publishing - SWARCH-WOHL-007 — rs-matter implementation shape + version-pin policy (refines SWARCH-WOHL-006) - SWDD-MATTER-001 — MatterBridgeProcess thread set + cluster mapping detailed design (refines SWARCH-WOHL-007) - SWV-MATTER-001 — SW verification approach with explicit rationale for skipping witness MC/DC and sigil signing in this scoped PR - UV-MATTER-001 — unit-verification of the existing crate tests rivet validate: PASS (1 pre-existing warning). Code skeleton: rs-matter-backend feature + RsMatterBridge stub New Cargo feature `rs-matter-backend` (no transitive deps yet — rs-matter itself remains a future dep). New crates/wohl-matter-bridge/src/rs_matter.rs with RsMatterConfig + RsMatterBridge struct implementing MatterBridge. publish_reading and publish_alert return unimplemented!() with a docstring pointing the 0.3.x implementor at LoggingBridge for current use. Three new unit tests; feature-on test count rises to 22. PR #27 reviewer recommendations applied DESIGN.md gains §7.4 "Unit-conversion contract" with a full table mapping wohl-internal units to Matter wire encoding for every cluster + attribute the bridge publishes. cluster.rs StateValue doc now explicitly explains device-type-dependent polarity (ContactSensor: true=closed; WaterLeakDetector: true=leak). ActivePower doc explicit on milliwatts. Verified line untouched Zero edits to crates/wohl-{leak,temp,air,door,power,alert,ota, fw-door-bench}/, proofs/verus/, or fuzz/. cargo kani -p wohl-alert remains at 4/4 harnesses, 0 failures — same as main. The Matter bridge lives wholly on the hub side, outside the verified sensor/dispatcher boundary, exactly as SWARCH-WOHL-006 prescribes. Oracles green cargo +1.85.0 fmt -p wohl-matter-bridge --check OK cargo +1.85.0 clippy -p wohl-matter-bridge -D warnings OK (no features) cargo +1.85.0 clippy ... --features rs-matter-backend OK cargo +1.85.0 test -p wohl-matter-bridge 19/19 cargo +1.85.0 test ... --features rs-matter-backend 22/22 cargo kani -p wohl-alert 4/4 spar analyze (StarterHome.Deployed) 0 errors rivet validate PASS What is NOT in this PR No rs-matter Cargo dependency. The feature gate exists as a symbol hook for the next PR; the live wire integration (commissioning, fabric storage, attestation chain, mDNS responder) is 0.3.x scope. cargo-deny advisory chain is unchanged; the RUSTSEC-2026-0110 ignore for bare-metal remains the only exception. No witness MC/DC. The bridge is a regular Rust library, not a Wasm component; witness operates on Wasm artifacts. Documented in SWV-MATTER-001. No new sigil-signed artifact. Architecture + traceability + a feature-gated skeleton don't ship binaries; existing release.yml cosign / SLSA chain stays in place for the eventual v0.3.0 tag. Documented in SWV-MATTER-001. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
wohl-matter-bridgelays the scaffold for the Matter integration decided inSWARCH-WOHL-006: CCSDS sensors + the hub as a Matter Bridge.MatterBridgetrait + cluster mapping table; shipsLoggingBridgeas the only impl in 0.2.0.wohl-hub --matter(orWOHL_MATTER=1) routes alerts + readings through the bridge alongside the existing stdout JSON. Default off — wohl-hub behaves identically to 0.1.0 when not set.wohl-{leak,temp,air,door,power,alert,ota},wohl-fw-door-bench). The Kani-verified line and Verus proofs are untouched.What this PR is NOT
rs-matterdependency. No mDNS / UDP / Matter wire bytes. No commissioning. Those are 0.3.0 scope, behind a futurers-matter-backendfeature gate.crates/wohl-matter-bridge/DESIGN.mdcaptures the open questions for the 0.3.0 implementor.Cluster mapping (enum-encoded)
Verified locally
cargo +1.85.0 fmt --checkcargo +1.85.0 clippy --workspace --all-targets -- -D warningscargo +1.85.0 test -p wohl-matter-bridge(all green)cargo +1.85.0 test -p wohl-hub(bridge off: identical 0.1.0 behavior; with--matter: bridge receives readings + alerts)cargo +1.85.0 check --workspaceOpen questions for 0.3.0 (from DESIGN.md §7)
Test plan
🤖 Generated with Claude Code