Added comprehensive documentation of discovered differences between CLI and ROOM
contact types when using the add_pending command.
Key findings from real-world testing (2025-12-29):
CLI Contacts (flexible matching):
- ✅ Full name works: "StNMobile T1000e"
- ✅ Name prefix works: "StN"
- ✅ Public key prefix works: "2ce5514"
- ✅ Full public key works
ROOM Contacts (strict matching):
- ❌ Full name fails: "TK room cwiczebny🔆" (UTF-8 issues)
- ❌ Name prefix fails: "TK room"
- ❌ Public key prefix fails: "b3fec489"
- ✅ ONLY full public key works
Root cause: meshcli uses different matching logic for different contact types,
likely to prevent accidental approval of group rooms which have different
security/privacy implications.
Recommendation: UI should always send full public_key (not name) when calling
POST /add_pending to ensure compatibility with all contact types.
Updated sections:
- Selector formats with CLI/ROOM compatibility notes
- New "Important Discovery: Contact Type Differences" section
- Updated test commands with real-world results
- JavaScript code examples for UI implementation
- Best practices for UI design
This documentation will guide the next phase: UI implementation for pending
contact management.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Enabled manual contact approval mode in meshcli session initialization.
This requires explicit approval for new contacts attempting to connect,
providing enhanced security and network access control.
Changes:
- Added 'set manual_add_contacts on' to _init_session_settings()
- Updates session init log message to include manual_add_contacts status
- Created comprehensive technical documentation (technotes/pending-contacts-api.md)
Benefits:
- DoS prevention - blocks flooding with fake contact requests
- Network privacy - control who can see your node
- Trust model - explicit approval for all new contacts
- Spam filtering - reject unwanted connection attempts
Technical notes document includes:
- Problem statement and solution overview
- API endpoint specifications and examples
- Testing procedures and expected workflows
- Future UI integration plans
- Security considerations and recommendations
- Meshcli command reference
When manual approval is enabled, new contacts appear in pending list
(accessible via GET /pending_contacts) and must be approved via
POST /add_pending before they can communicate with the node.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>