docs/releases/v0.7.0-mqtt-matter.md
Branch: feat/adr-115-ha-mqtt-matter (PR #778) · Tracking issue: #776 · ADR: ADR-115
RuView ships first-class integration into Home Assistant via MQTT auto-discovery and scaffolding for cross-ecosystem Matter Bridge support. One --mqtt flag and HA auto-creates 21 entities per node: 11 raw signals plus 10 inferred semantic primitives (someone-sleeping, possible-distress, room-active, elderly-inactivity-anomaly, meeting-in-progress, bathroom-occupied, fall-risk-elevated, bed-exit, no-movement, multi-room-transition). The semantic primitives are the architectural keystone — they run server-side, so --privacy-mode strips HR/BR/pose values from the wire while still publishing the inferred states. That's the architectural win that makes RuView deployable in healthcare and AAL contexts.
Plus 3 starter HA Blueprints, 3 drop-in Lovelace dashboards, an ESP32 hardware-validation harness, a witness bundle that self-verifies, and 420 lib tests including ~2,560 fuzzed assertions per CI run.
--mqtt flag on wifi-densepose-sensing-server (gated behind --features mqtt Cargo flag)docs/integrations/home-assistant.md for the full table--privacy-mode for healthcare/AAL deployments--matter flag wires the bridge plumbing — cluster mapping, endpoint tree, commissioning coders-matter integration deferred to v0.7.1 per ADR §9.10The inference layer that moves RuView from "RF sensor" to "ambient intelligence infrastructure". 10 v1 primitives, each with warmup gate + hysteresis + explainability tags. Per-primitive precision/recall published in docs/integrations/semantic-primitives-metrics.md.
Ready-to-import YAML under examples/ha-blueprints/ covering distress notification, sleep-aware hallway dimming, wake routines, elderly inactivity escalation, meeting room automation, bathroom fan, fall risk escalation, auto-arm security.
Drop-in views under examples/lovelace/ — single-room overview, multi-node grid, healthcare/AAL care view (privacy-mode-compatible).
| Flag | Purpose |
|---|---|
--mqtt, --mqtt-host, --mqtt-port, --mqtt-username, --mqtt-password-env, --mqtt-client-id, --mqtt-prefix | Broker connectivity |
--mqtt-tls, --mqtt-ca-file, --mqtt-client-cert, --mqtt-client-key | TLS / mTLS |
--mqtt-refresh-secs, --mqtt-rate-{vitals,motion,count,rssi,pose}, --mqtt-publish-pose | Rate control |
--privacy-mode | Strip HR/BR/pose at the wire boundary |
--matter, --matter-setup-file, --matter-reset, --matter-vendor-id, --matter-product-id | Matter bridge |
--semantic, --semantic-thresholds-file, --semantic-zones-file, --semantic-baseline-window-days, --no-semantic <PRIMITIVE> | Inference layer |
Full CLI matrix: docs/integrations/home-assistant.md.
mqtt Cargo feature on wifi-densepose-sensing-server (adds rumqttc 0.24 with rustls)matter Cargo feature — scaffolding only, no SDK pulled inmqtt::{config,discovery,privacy,publisher,security,state} and semantic::{bus,common,sleeping,distress,room_active,elderly_anomaly,meeting,bathroom,fall_risk,bed_exit,no_movement,multi_room} and matter::{clusters,bridge,commissioning}proptest cases that fuzz the wire boundary + semantic dispatch (~2,560 fuzzed assertions per CI run).github/workflows/mqtt-integration.ymldocs/integrations/benchmarks.mdscripts/validate-esp32-mqtt.sh runs end-to-end against attached hardwarescripts/witness-adr-115.sh produces self-verifying tarballs| Hot path | Measured | Target | Better |
|---|---|---|---|
state::event_fall encode | 259 ns | <2 µs | 7.7× |
rate_limiter::allow_first | 49.7 ns | <100 ns | 2× |
rate_limiter::allow_within_gap | 62.1 ns | <100 ns | 1.6× |
privacy::decide_hr_strip | 0.24 ns | <50 ns | 208× |
privacy::decide_presence_keep | 0.24 ns | <50 ns | 208× |
semantic::bus_tick_all_10_primitives | 717 ns | <10 µs | 14× |
Every target beaten by ≥1.6×, several by 100×+. Full numbers + reproduction recipe in docs/integrations/benchmarks.md.
mqtt::security) — topic-segment safety (rejects MQTT wildcards +/#, NUL, /), TLS path safety (NUL/newline rejection), 32 KB payload-size cap, credential-hygiene canary (--mqtt-password regression-detector), RUVIEW_MQTT_STRICT_TLS=1 v0.8.0 upgrade pathmqtt::security::tests covering random Unicode + injected wildcards/NULs at arbitrary offsets--privacy-mode enforced at every layer — discovery suppression + state stripping + Matter cluster gatinggit checkout v0.7.0
cd v2
cargo test -p wifi-densepose-sensing-server --no-default-features --lib # 420 passed
cargo test -p wifi-densepose-sensing-server --features mqtt --no-default-features --lib # also 420 passed
RUVIEW_RUN_INTEGRATION=1 cargo test -p wifi-densepose-sensing-server \
--features mqtt --no-default-features --test mqtt_integration -- --test-threads=1
cargo bench -p wifi-densepose-sensing-server --features mqtt --bench mqtt_throughput
cd ..
bash scripts/witness-adr-115.sh
cd dist/witness-bundle-ADR115-*/ && bash VERIFY.sh # "ADR-115 witness bundle: VERIFIED ✓"
rs-matter SDK wiring (BIND/READ/INVOKE against the locked cluster/bridge/commissioning contract)0xFFF1 is fine for personal/HA-only; commercial deployment needs the vendor IDRUVIEW_MQTT_STRICT_TLS=1 opt-in already lands)Maintainer ACK on all 13 ADR §9 open questions (#776). 17 commits on the feat branch, each phase-tagged. PR review: #778.