DIT-ROBOTICS
diff --git a/‎esp_firmware/lib/app_settings/app_settings.cpp‎
Lines changed: 1 addition & 3 deletions b/‎esp_firmware/lib/app_settings/app_settings.cpp‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎esp_firmware/lib/app_settings/app_settings_storage.cpp‎
Lines changed: 14 additions & 4 deletions b/‎esp_firmware/lib/app_settings/app_settings_storage.cpp‎
Lines changed: 14 additions & 4 deletions
diff --git a/‎esp_firmware/lib/app_settings/app_settings_update.cpp‎
Lines changed: 3 additions & 2 deletions b/‎esp_firmware/lib/app_settings/app_settings_update.cpp‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎esp_firmware/lib/comm/espnow_comm.cpp‎
Lines changed: 64 additions & 5 deletions b/‎esp_firmware/lib/comm/espnow_comm.cpp‎
Lines changed: 64 additions & 5 deletions
@@ -604,8 +604,6 @@ bool parseMacString(const String& text, std::array<uint8_t, 6>& out) {
 }
 
 void appSettingsToJsonImpl(JsonDocument& doc, bool include_pin_code) {
-  syncLegacyEStopFieldsFromRoutes();
-
   doc["deviceName"] = g_settings.device_name;
 
   doc["pinProtectionEnabled"] = g_settings.pin_protection_enabled;
@@ -686,6 +684,6 @@ void appSettingsToJsonImpl(JsonDocument& doc, bool include_pin_code) {
 }
 
 void appSettingsToJson(JsonDocument& doc, bool include_pin_code) {
-  AppSettingsWriteGuard guard;
+  AppSettingsReadGuard guard;
   appSettingsToJsonImpl(doc, include_pin_code);
 }
@@ -22,9 +22,7 @@ class ScopedSettingsLock {
 
 } // namespace
 
-bool saveAppSettings() {
-  ScopedSettingsLock lock;
-
+bool saveAppSettingsUnlocked() {
   JsonDocument doc;
   app_settings_internal::appSettingsToJsonUnlocked(doc, true);
 
@@ -42,10 +40,22 @@ bool saveAppSettings() {
   return written > 0;
 }
 
+bool saveAppSettings() {
+  ScopedSettingsLock lock;
+  return saveAppSettingsUnlocked();
+}
+
 bool resetAppSettingsToDefaults() {
   ScopedSettingsLock lock;
+  AppSettings backup = app_settings_internal::mutableSettings();
   app_settings_internal::applyDefaultsUnlocked();
-  return saveAppSettings();
+  if (saveAppSettingsUnlocked()) {
+    return true;
+  }
+
+  // Keep runtime state consistent with failed persistence.
+  app_settings_internal::mutableSettings() = backup;
+  return false;
 }
 
 bool eraseAppSettingsFromNvs() {
 
@@ -366,6 +366,7 @@ bool updateAppSettingsFromJson(const JsonObjectConst& json, String& error) {
         if (pins[i].value != pins[j].value) {
           continue;
         }
+        settings = backup;
         error = String("Duplicate GPIO pin: ") +
                 pins[i].name + " and " + pins[j].name +
                 " both use GPIO " + String(pins[i].value);
@@ -445,8 +446,8 @@ bool updateAppSettingsFromJson(const JsonObjectConst& json, String& error) {
 }
 
 bool verifySettingsPin(const String& pin) {
-  ScopedSettingsWriteLock guard;
-  AppSettings& settings = app_settings_internal::mutableSettings();
+  AppSettingsReadGuard guard;
+  const AppSettings& settings = guard.settings();
   if (!settings.pin_protection_enabled) {
     return true;
   }
 
@@ -21,6 +21,7 @@
 namespace {
 
 bool g_espnowReady = false;
+constexpr char kEStopPayload[] = "STOP";
 
 int resolveEffectiveEspNowChannel() {
   const bool wifiConnected = (WiFi.status() == WL_CONNECTED);
@@ -62,6 +63,57 @@ void applyEspNowChannel(bool verboseLog) {
 
 #if APP_MODE == APP_MODE_DAEMON
 
+constexpr uint32_t kEmergencyTriggerMinIntervalMs = 50;
+constexpr size_t   kEmergencySourceThrottleMax = 16;
+
+struct EmergencySourceThrottleEntry {
+  bool used = false;
+  std::array<uint8_t, 6> mac = {0, 0, 0, 0, 0, 0};
+  unsigned long last_trigger_ms = 0;
+};
+
+std::array<EmergencySourceThrottleEntry, kEmergencySourceThrottleMax> g_emergencyThrottle = {};
+
+bool shouldThrottleEmergencySource(const uint8_t* mac_addr, unsigned long now_ms) {
+  size_t free_index = g_emergencyThrottle.size();
+  size_t oldest_index = 0;
+  uint32_t oldest_age_ms = 0;
+  bool oldest_set = false;
+
+  for (size_t i = 0; i < g_emergencyThrottle.size(); ++i) {
+    EmergencySourceThrottleEntry& entry = g_emergencyThrottle[i];
+    if (!entry.used) {
+      if (free_index == g_emergencyThrottle.size()) {
+        free_index = i;
+      }
+      continue;
+    }
+
+    if (memcmp(entry.mac.data(), mac_addr, 6) == 0) {
+      if (entry.last_trigger_ms != 0 &&
+          static_cast<uint32_t>(now_ms - entry.last_trigger_ms) < kEmergencyTriggerMinIntervalMs) {
+        return true;
+      }
+      entry.last_trigger_ms = now_ms;
+      return false;
+    }
+
+    const uint32_t age_ms = static_cast<uint32_t>(now_ms - entry.last_trigger_ms);
+    if (!oldest_set || age_ms > oldest_age_ms) {
+      oldest_index = i;
+      oldest_age_ms = age_ms;
+      oldest_set = true;
+    }
+  }
+
+  const size_t target_index = (free_index < g_emergencyThrottle.size()) ? free_index : oldest_index;
+  EmergencySourceThrottleEntry& target = g_emergencyThrottle[target_index];
+  target.used = true;
+  memcpy(target.mac.data(), mac_addr, 6);
+  target.last_trigger_ms = now_ms;
+  return false;
+}
+
 bool resolveEmergencyTargetsForSource(
   const uint8_t* mac_addr,
   bool& target_group1,
@@ -92,6 +144,11 @@ void onDataRecv(const esp_now_recv_info_t* info, const uint8_t* incomingData, in
     return;
   }
 
+  if (len != static_cast<int>(sizeof(kEStopPayload) - 1) ||
+      memcmp(incomingData, kEStopPayload, sizeof(kEStopPayload) - 1) != 0) {
+    return;
+  }
+
   const uint8_t* mac_addr = info->src_addr;
   bool targetGroup1 = false;
   bool targetGroup2 = false;
@@ -100,6 +157,11 @@ void onDataRecv(const esp_now_recv_info_t* info, const uint8_t* incomingData, in
     return;
   }
 
+  const unsigned long now = millis();
+  if (shouldThrottleEmergencySource(mac_addr, now)) {
+    return;
+  }
+
   // Remote emergency switch is expected to repeatedly transmit "STOP".
   // Any authorized packet is treated as an emergency-stop trigger.
   triggerRemoteEmergencyStop(targetGroup1, targetGroup2, targetGroup3);
@@ -115,7 +177,6 @@ constexpr uint32_t kEStopSendIntervalMs       = 80;
 constexpr uint32_t kEStopDebounceMs           = 35;
 constexpr uint32_t kEStopPeerEnsureIntervalMs = 1000;
 constexpr uint16_t kWledHttpTimeoutMs         = 1500;
-constexpr char     kEStopPayload[]            = "STOP";
 // Cybertruck-style boot cue + standard factory E-STOP alarm (passive buzzer approximation).
 constexpr uint16_t kBuzzerAlarmOnMs           = 300;
 constexpr uint16_t kBuzzerAlarmOffMs          = 240;
@@ -439,9 +500,7 @@ void updateBuzzer() {
   }
 }
 
-String buildRouteSignature() {
-  AppSettingsReadGuard settingsGuard;
-  const AppSettings& settings = settingsGuard.settings();
+String buildRouteSignature(const AppSettings& settings) {
   String signature;
   signature.reserve(64);
   const auto& routes = settings.estop_routes;
@@ -530,7 +589,7 @@ void ensureAllRoutePeersConfigured(bool verboseLog) {
 void rebuildEStopRoutesFromSettings(bool verboseLog) {
   AppSettingsReadGuard settingsGuard;
   const AppSettings& settings = settingsGuard.settings();
-  const String signature = buildRouteSignature();
+  const String signature = buildRouteSignature(settings);
   if (signature == g_estopRouteSignature) {
     return;
   }
Original file line number	Diff line number	Diff line change
`@@ -604,8 +604,6 @@ bool parseMacString(const String& text, std::array<uint8_t, 6>& out) {`
`604`	`604`	`}`
`605`	`605`
`606`	`606`	`void appSettingsToJsonImpl(JsonDocument& doc, bool include_pin_code) {`
`607`		`- syncLegacyEStopFieldsFromRoutes();`
`608`		`-`
`609`	`607`	`doc["deviceName"] = g_settings.device_name;`
`610`	`608`
`611`	`609`	`doc["pinProtectionEnabled"] = g_settings.pin_protection_enabled;`
`@@ -686,6 +684,6 @@ void appSettingsToJsonImpl(JsonDocument& doc, bool include_pin_code) {`
`686`	`684`	`}`
`687`	`685`
`688`	`686`	`void appSettingsToJson(JsonDocument& doc, bool include_pin_code) {`
`689`		`- AppSettingsWriteGuard guard;`
	`687`	`+ AppSettingsReadGuard guard;`
`690`	`688`	`appSettingsToJsonImpl(doc, include_pin_code);`
`691`	`689`	`}`
Original file line number	Diff line number	Diff line change
`@@ -366,6 +366,7 @@ bool updateAppSettingsFromJson(const JsonObjectConst& json, String& error) {`
`366`	`366`	`if (pins[i].value != pins[j].value) {`
`367`	`367`	`continue;`
`368`	`368`	`}`
	`369`	`+ settings = backup;`
`369`	`370`	`error = String("Duplicate GPIO pin: ") +`
`370`	`371`	`pins[i].name + " and " + pins[j].name +`
`371`	`372`	`" both use GPIO " + String(pins[i].value);`
`@@ -445,8 +446,8 @@ bool updateAppSettingsFromJson(const JsonObjectConst& json, String& error) {`
`445`	`446`	`}`
`446`	`447`
`447`	`448`	`bool verifySettingsPin(const String& pin) {`
`448`		`- ScopedSettingsWriteLock guard;`
`449`		`- AppSettings& settings = app_settings_internal::mutableSettings();`
	`449`	`+ AppSettingsReadGuard guard;`
	`450`	`+ const AppSettings& settings = guard.settings();`
`450`	`451`	`if (!settings.pin_protection_enabled) {`
`451`	`452`	`return true;`
`452`	`453`	`}`