docs(master-link): Add README for both master-link packages

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

package/secubox/luci-app-master-link/README.md

@@ -0,0 +1,63 @@
+# LuCI App Master-Link
+
+LuCI web interface for SecuBox Master-Link mesh management.
+
+## Installation
+
+```bash
+opkg install luci-app-master-link
+```
+
+Requires `secubox-master-link` (pulled automatically as dependency).
+
+## Access
+
+**SecuBox > Mesh Management** in the LuCI menu.
+
+## Tabs
+
+### Overview
+
+Adapts to the node's role:
+
+- **Master**: Role badge, mesh stats (peers, depth, chain height), Generate Token button with QR-ready URL
+- **Peer**: Role badge, upstream master info, own depth, sync status
+- **Sub-master**: Upstream info + downstream peer count
+
+### Join Requests (master/sub-master only)
+
+- Table: hostname, IP, fingerprint, timestamp, status
+- Actions: Approve, Reject, Promote to sub-master
+- Auto-refresh every 10 seconds
+
+### Mesh Tree
+
+- Hierarchical view of master → peers → sub-masters → their peers
+- Depth indicators and role badges
+- Online/offline status per node
+
+## RPCD Methods
+
+All calls go through `luci.master_link` ubus object:
+
+| Method | Description |
+|--------|-------------|
+| `status` | Node status and mesh stats |
+| `peers` | List all peers with join details |
+| `tree` | Mesh topology tree |
+| `token_generate` | Create one-time join token |
+| `approve` | Approve, reject, or promote a peer |
+| `token_cleanup` | Remove expired tokens |
+
+## Files
+
+| File | Purpose |
+|------|---------|
+| `root/usr/share/luci/menu.d/luci-app-master-link.json` | Menu entry |
+| `root/usr/share/rpcd/acl.d/luci-app-master-link.json` | ACL permissions |
+| `root/usr/libexec/rpcd/luci.master_link` | RPCD endpoint |
+| `htdocs/luci-static/resources/view/secubox/master-link.js` | LuCI view |
+
+## License
+
+Apache-2.0

package/secubox/secubox-master-link/README.md

@@ -0,0 +1,98 @@
+# SecuBox Master-Link
+
+Secure mesh onboarding for SecuBox appliances. A master node generates one-time join tokens, serves the secubox IPK bundle, and approves new peers via blockchain-backed trust. Supports gigogne (nested) hierarchy where approved nodes can become sub-masters.
+
+## Overview
+
+```
+  MASTER (depth 0)
+  ├── Peer A (depth 1)
+  ├── Sub-Master B (depth 1)
+  │   ├── Peer C (depth 2)
+  │   └── Peer D (depth 2)
+  └── Peer E (depth 1)
+```
+
+## Installation
+
+```bash
+opkg install secubox-master-link luci-app-master-link
+```
+
+## Configuration
+
+```bash
+# /etc/config/master-link
+
+config master-link 'main'
+    option enabled '1'
+    option role 'master'          # master | peer | sub-master
+    option upstream ''            # upstream master IP (peers/sub-masters)
+    option depth '0'              # gigogne depth (0 = root master)
+    option max_depth '3'          # max nesting depth
+    option token_ttl '3600'       # token validity in seconds
+    option auto_approve '0'       # auto-approve join requests
+    option ipk_path '/www/secubox-feed/secubox-master-link_*.ipk'
+```
+
+## Join Protocol
+
+1. **Master generates token** — one-time HMAC-SHA256 token with TTL
+2. **New node opens landing page** — `http://<master>:7331/master-link/?token=...`
+3. **New node downloads IPK** — token-validated download via `/api/master-link/ipk`
+4. **New node sends join request** — fingerprint + address submitted to master
+5. **Master approves** — TOFU key exchange, blockchain block recorded, peer added to mesh
+6. **Optional: promote to sub-master** — approved peer can onboard its own peers
+
+## CGI Endpoints
+
+All served on port 7331 under `/api/master-link/`.
+
+| Endpoint | Method | Auth | Description |
+|----------|--------|------|-------------|
+| `/token` | POST | Local only | Generate join token |
+| `/join` | POST | Token | Submit join request |
+| `/approve` | POST | Local only | Approve/reject peer |
+| `/status` | GET | Public/Local | Mesh status |
+| `/ipk` | POST | Token | Download secubox IPK |
+
+## RPCD API
+
+```bash
+ubus call luci.master_link status '{}'
+ubus call luci.master_link peers '{}'
+ubus call luci.master_link tree '{}'
+ubus call luci.master_link token_generate '{}'
+ubus call luci.master_link approve '{"fingerprint":"...","action":"approve"}'
+ubus call luci.master_link approve '{"fingerprint":"...","action":"reject","reason":"..."}'
+ubus call luci.master_link approve '{"fingerprint":"...","action":"promote"}'
+ubus call luci.master_link token_cleanup '{}'
+```
+
+## Blockchain Block Types
+
+| Type | Description |
+|------|-------------|
+| `join_request` | New node requesting to join |
+| `peer_approved` | Master approved peer |
+| `peer_rejected` | Master rejected peer |
+| `peer_promoted` | Peer promoted to sub-master |
+| `token_generated` | Audit: token was created |
+
+## Security
+
+- **Tokens**: HMAC-SHA256, one-time use, time-limited (default 1h)
+- **TOFU**: First join establishes trust via fingerprint exchange
+- **Depth limiting**: `max_depth` prevents unbounded nesting
+- **Chain integrity**: All actions recorded as blockchain blocks
+- **Audit trail**: Token lifecycle and peer events queryable via chain
+
+## Dependencies
+
+- `secubox-p2p` — mesh networking and blockchain
+- `openssl-util` — HMAC token generation
+- `curl` — peer notification
+
+## License
+
+Apache-2.0