add @mc-hamster comment

docs/software/mqtt.md

@@ -5,27 +5,28 @@
   - [1.2. Short term goals](#12-short-term-goals)
   - [1.3. Long term goals](#13-long-term-goals)
   - [1.4. Security](#14-security)
-  - [1.5. Efficient MQTT](#15-efficient-mqtt)
-    - [1.5.1. Topics](#151-topics)
-      - [1.5.1.1. MESHID](#1511-meshid)
-      - [1.5.1.2. NODEID](#1512-nodeid)
-      - [1.5.1.3. DESTCLASS](#1513-destclass)
-      - [1.5.1.4. DESTID](#1514-destid)
-      - [1.5.1.5. USERID](#1515-userid)
-    - [1.5.2. Gateway nodes](#152-gateway-nodes)
-      - [1.5.2.1. Default ToInternet filters](#1521-default-tointernet-filters)
-      - [1.5.2.2. Default FromInternet subscriptions](#1522-default-frominternet-subscriptions)
-    - [1.5.3. Optional web services](#153-optional-web-services)
-      - [1.5.3.1. Public MQTT broker service](#1531-public-mqtt-broker-service)
-      - [1.5.3.2. Riot.im messaging bridge](#1532-riotim-messaging-bridge)
-    - [1.5.4. Named attribute API](#154-named-attribute-api)
-    - [1.5.5. Name to ID mapping](#155-name-to-id-mapping)
-  - [1.6. Development plan](#16-development-plan)
-    - [1.6.1. Cleanup/refactoring of existing codebase](#161-cleanuprefactoring-of-existing-codebase)
-    - [1.6.2. New 'no-code-IOT' mini-app](#162-new-no-code-iot-mini-app)
-      - [1.6.2.1. Supported operations in the initial release](#1621-supported-operations-in-the-initial-release)
-      - [1.6.2.2. Supported operations eventually](#1622-supported-operations-eventually)
-    - [1.6.3. Later release features (1.2)](#163-later-release-features-12)
+  - [1.5. On device API](#15-on-device-api)
+  - [1.6. Efficient MQTT](#16-efficient-mqtt)
+    - [1.6.1. Topics](#161-topics)
+      - [1.6.1.1. MESHID](#1611-meshid)
+      - [1.6.1.2. NODEID](#1612-nodeid)
+      - [1.6.1.3. DESTCLASS](#1613-destclass)
+      - [1.6.1.4. DESTID](#1614-destid)
+      - [1.6.1.5. USERID](#1615-userid)
+    - [1.6.2. Gateway nodes](#162-gateway-nodes)
+      - [1.6.2.1. Default ToInternet filters](#1621-default-tointernet-filters)
+      - [1.6.2.2. Default FromInternet subscriptions](#1622-default-frominternet-subscriptions)
+    - [1.6.3. Optional web services](#163-optional-web-services)
+      - [1.6.3.1. Public MQTT broker service](#1631-public-mqtt-broker-service)
+      - [1.6.3.2. Riot.im messaging bridge](#1632-riotim-messaging-bridge)
+    - [1.6.4. Named attribute API](#164-named-attribute-api)
+    - [1.6.5. Name to ID mapping](#165-name-to-id-mapping)
+  - [1.7. Development plan](#17-development-plan)
+    - [1.7.1. Cleanup/refactoring of existing codebase](#171-cleanuprefactoring-of-existing-codebase)
+    - [1.7.2. New 'no-code-IOT' mini-app](#172-new-no-code-iot-mini-app)
+      - [1.7.2.1. Supported operations in the initial release](#1721-supported-operations-in-the-initial-release)
+      - [1.7.2.2. Supported operations eventually](#1722-supported-operations-eventually)
+    - [1.7.3. Later release features (1.2)](#173-later-release-features-12)
 
 ## 1.1. Abstract
 
@@ -59,11 +60,15 @@ During the 1.1 timeframe only one channel is supported per node, but eventually
 
 See "Named Attribute API" section for special access control to prevent remote access to device settings.
 
-## 1.5. Efficient MQTT
+## 1.5. On device API
+
+FIXME - add an example of the on-device API.  Possibly by showing the new position or texting code.
+
+## 1.6. Efficient MQTT
 
 A gateway-device will contact the MQTT broker. For each operation it will use the meshtastic "MESHID/NODEID" tuple as the MQTT "client ID". MESHIDs will be (TBD somehow) tracked and authenticated out-of-band.
 
-### 1.5.1. Topics
+### 1.6.1. Topics
 
 A sample [topic](https://www.hivemq.com/blog/mqtt-essentials-part-5-mqtt-topics-best-practices/) hierarchy for a complete functioning mesh:
 
@@ -81,15 +86,15 @@ A sample [topic](https://www.hivemq.com/blog/mqtt-essentials-part-5-mqtt-topics-
 | MESHID/NODEID/attr/ATTRNAME/set         | Set an attribute value                              |
 | MESHID/NODEID/app/APPNUM/#              | An topic from an unregistered/unknown app           |
 
-#### 1.5.1.1. MESHID
+#### 1.6.1.1. MESHID
 
 A unique ID for this mesh. There will be some sort of key exchange process so that the mesh ID can not be impersonated by other meshes.
 
-#### 1.5.1.2. NODEID
+#### 1.6.1.2. NODEID
 
 The unique ID for a node. A hex string that starts with a ! symbol.
 
-#### 1.5.1.3. DESTCLASS
+#### 1.6.1.3. DESTCLASS
 
 The type of DESTID this message should be delivered to. A short one letter sequence:
 
@@ -101,7 +106,7 @@ The type of DESTID this message should be delivered to. A short one letter seque
 | S      | SMS gateway, DESTID is a phone number to reach via Twilio.com |
 | E      | Emergency message, see bug #fixme for more context            |
 
-#### 1.5.1.4. DESTID
+#### 1.6.1.4. DESTID
 
 Can be...
 
@@ -109,17 +114,17 @@ Can be...
 - ^ALL for anyone
 - An app ID (to allow apps out in the web to receive arbitrary binary data from nodes or simply other apps using meshtastic as a transport). They would connect to the MQTT broker and subscribe to their topic
 
-#### 1.5.1.5. USERID
+#### 1.6.1.5. USERID
 
 A user ID string. This string is either a user ID if known or a nodeid to simply deliver the message to whoever the local user is of a particular device (i.e. person who might see the screen). FIXME, see what riot.im uses and perhaps use that convention? Or use the signal +phone number convention? Or the email addr?
 
-### 1.5.2. Gateway nodes
+### 1.6.2. Gateway nodes
 
 Any meshtastic node that has a direct connection to the internet (either via a helper app or installed wifi/4G/satellite hardware) can function as a "Gateway node". 
 
 Gateway nodes (via code running in the phone) will contain two tables to whitelist particular traffic to either be delivered toward the internet, or down toward the mesh. Users that are developing custom apps will be able to customize these filters/subscriptions.
 
-#### 1.5.2.1. Default ToInternet filters
+#### 1.6.2.1. Default ToInternet filters
 
 These filters are used to whitelist particular traffic - only traffic that matches a filter will be forwarded to the internet MQTT broker.
 
@@ -130,7 +135,7 @@ These filters are used to whitelist particular traffic - only traffic that match
 | +/+/msg/text/W/+ | For internet messaging feature                                                                                             |
 | +/+/app/APPNUM/# | Only if "send app APPNUM" has been set in gateway settings - for app developers who want their traffic routed to the world |
 
-#### 1.5.2.2. Default FromInternet subscriptions
+#### 1.6.2.2. Default FromInternet subscriptions
 
 The gateway node will always subscribe to certain topics on the broker so that it can forward those topics into the mesh.
 
@@ -139,9 +144,9 @@ The gateway node will always subscribe to certain topics on the broker so that i
 | MESHID/+/msg/text/W/+ | To receive text messages from the internet (where the sender knows our mesh ID) |
 | +/+/msg/text/W/USERID | For each named user on the local mesh, to receive messages bound for that user  |
 
-### 1.5.3. Optional web services
+### 1.6.3. Optional web services
 
-#### 1.5.3.1. Public MQTT broker service
+#### 1.6.3.1. Public MQTT broker service
 
 @Geeksville will provide a standard [MQTT broker](https://mosquitto.org/) on the web to facilitate use of this service, but clients can use any MQTT broker they choose. Geeksville will initially not charge for the use of this broker, but if it becomes a burden he might ask for donations or require a payment for the use of the server.  
 
@@ -155,30 +160,30 @@ Is used to filter whole classes of destination IDs (DESTID). Can be...
 - L - Local, for this mesh only.
 - W - World, for this mesh and the broader internet
 
-#### 1.5.3.2. Riot.im messaging bridge
+#### 1.6.3.2. Riot.im messaging bridge
 
 @Geeksville will run a riot.im bridge that talks to the public MQTT broker and sends/receives into the riot.im network.
 
 There is apparently already a riot.im [bridge](https://matrix.org/bridges/) for MQTT. That will possibly need to be customized a bit. But by doing this, we should be able to let random riot.im users send/receive messages to/from any meshtastic device. (FIXME add link and ponder security)
 
-### 1.5.4. Named attribute API
+### 1.6.4. Named attribute API
 
 The current channel and node settings are set/read using a special protobuf exchange between a local client and the meshtastic device.  In version 1.1 that mechanism will be changed so that settings are set/read using MQTT (even when done locally).  This will enable remote node adminstration (even conceivably through the internet).
 
 To provide some basic security a new named attribute name "seckey" can be set.  If set, any attribute operations must include that get with their operation request. Note: This mechanism still assumes that users you grant permission to access your local mesh are not 'adversaries'.  A technically competent user could discover the remote attribute key needed for attribute reading/writing.  In the 1.2ish timeframe we will add the concept of multiple channels and in that case, remote attribute operations will be on their own secured channel that regular 'users' can not see.
 
-### 1.5.5. Name to ID mapping
+### 1.6.5. Name to ID mapping
 
 MQTT topic strings are very long and potentially expensive over the slow LORA network. Also, we don't want to burden each (dumb) node in the mesh with having to regex match against them. For that reason, well known topics map to (small) "topic IDs". For portions of the topic that correspond to a wildcard, those strings are provided as "topic arguments". This means that only the phone app needs to consider full topic strings.  Device nodes will only understand integer topic IDs and their arguments.
 
 FIXME, add more details to this section and figure out how unassigned apps/topics work in this framework.
 
-## 1.6. Development plan
+## 1.7. Development plan
 
 Given the previous problem/goals statement, here's the initial thoughts on the work items required.  As this idea becomes a bit more fully baked we should add details
 on how this will be implemented and guesses at approximate work items.
 
-### 1.6.1. Cleanup/refactoring of existing codebase
+### 1.7.1. Cleanup/refactoring of existing codebase
 
 - Change nodeIDs to be base64 instead of eight hex digits.
 - Add the concept of topic IDs and topic arguments to the protobufs and the device code.
@@ -189,18 +194,18 @@ on how this will be implemented and guesses at approximate work items.
 - Confirm that positions are optionally sent to the internet
 - Add the first cut of the "gateway node" code to the android app (very little code needed for this component)
 
-### 1.6.2. New 'no-code-IOT' mini-app
+### 1.7.2. New 'no-code-IOT' mini-app
 
 Add a new 'remote GPIO/serial port/SPI/I2C access' mini-app. This new standard app would use the MQTT messaging layer to let users (developers that don't need to write device code) do basic (potentially dangerous) operations remotely.
 
-#### 1.6.2.1. Supported operations in the initial release
+#### 1.7.2.1. Supported operations in the initial release
 
 Initially supported features for no-code-IOT.
 
 - Set any GPIO
 - Read any GPIO
 
-#### 1.6.2.2. Supported operations eventually
+#### 1.7.2.2. Supported operations eventually
 
 General ideas for no-code IOT.
 
@@ -209,7 +214,7 @@ General ideas for no-code IOT.
 - Send N bytes out serial port Z
 - Subscribe for notification for when regex X matches the bytes that were received on serial port Z
 
-### 1.6.3. Later release features (1.2)
+### 1.7.3. Later release features (1.2)
 
 - Allow radios to be on multiple channels at once. Each channel will have its own encryption keys.