ESP32 Stateless QR Vault

Air-gapped ESP32-S3 camera + display signer. Behavior parity with the Raspberry QR vault is enforced through shared contract_ids in nSealr/specs.

Hardware target

Primary candidate: T-Display S3 Pro OV5640 (camera + display).
Secondary target: Waveshare ESP32-S3-Touch-LCD-3.5B-C.
Production-readiness gates: real camera ingestion, display acceptance, button drivers, provisioning.

Real sign_event is signing_disabled in development firmware until all hardening, display, button, and provisioning gates pass. The T-Display S3 review scenario smoke confirms host-core review frames render correctly; this is development evidence, not a production trusted-display claim. Approvals are bound to approval_digest. The firmware protocol evidence and Unicode fallback tracking are recorded in nSealr/esp32.

Feature	Target	Current	Contract
`request_validation_v0`	required	implemented	`signing-request-v0+implementation-limits-v0+invalid-vectors`
`nostr_event_review_universal`	required	implemented	`trusted-review-v0+review-detail-pages-v0`
`review_detail_pages`	required	implemented	`review-detail-pages-v0`
`approval_digest_binding`	required	implemented	`approval-digest-v0`
`physical_approval`	required	partial	`physical-approval-v0`
`sign_event_bip340`	required	disabled_until_gates_pass	`nostr-sign-event-bip340-v0`
`qr_static_request`	required	partial	`qr-envelope-static-v0`
`qr_animated_request`	required	partial	`qr-envelope-animated-v0`
`qr_response`	required	planned	`qr-response-v0`
`stateless_session_custody`	required	planned	`stateless-session-custody-v0`
`manual_only_policy`	required	implemented	`manual-only-approval-policy-v0`
`device_display_review`	required	partial	`device-display-review-v0`
`response_verification`	required	planned	`signed-response-verification-v0`
`secure_boot_hardening`	optional	planned	`firmware-boot-hardening-v0`

Repository

github.com/nSealr/esp32

Hardware target

Current status

Repository