Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] fix: Security audit #1702

Closed
wants to merge 175 commits into from
Closed

[WIP] fix: Security audit #1702

Show file tree
Hide file tree
Changes from 159 commits
Commits
Show all changes
175 commits
Select commit Hold shift + click to select a range
f780430
fix: masking seeds, showing time out
phuocbitmark Mar 18, 2024
5cca695
fix: fix page name
phuocbitmark Mar 18, 2024
2b4cd6d
checkout mount
phuocbitmark Mar 18, 2024
18dd8f7
feat: hide, unhide icon
phuocbitmark Mar 18, 2024
81549f7
feat: set secure_flag for recovery page (#1586)
phuocbitmark Mar 18, 2024
e2e4a75
update encyprtion key & restore flow (#1584)
hvthhien Mar 18, 2024
c2f57e9
fix: update import address ui
phuocbitmark Mar 19, 2024
58cb9fa
Merge pull request #1585 from bitmark-inc/masking_seeds
phuocbitmark Mar 19, 2024
0689a1b
feat: enable minify and shrink resource
phuocbitmark Mar 19, 2024
3196eaa
Merge pull request #1590 from bitmark-inc/minify_shrink
phuocbitmark Mar 19, 2024
8edfa63
fix(security_audit): clear data when forget i exist (#1589)
ppupha Mar 19, 2024
329778a
fix: textfield cache, disable suggestion
phuocbitmark Mar 22, 2024
4e43376
fix: prevent 3rd party keyboard keyboard ios (#1591)
phuocbitmark Mar 25, 2024
afcc768
fix: imporve breadcrumb (#1593)
phuocbitmark Mar 25, 2024
3f6b991
fix: update license for liauk.swift and tezart
phuocbitmark Mar 25, 2024
ba6e4c6
Merge pull request #1596 from bitmark-inc/update_license
phuocbitmark Mar 25, 2024
aedc88c
fix: change log type to avoid adding to breadcumb
phuocbitmark Mar 25, 2024
42f92b4
Merge pull request #1598 from bitmark-inc/reduce_breadcumb
phuocbitmark Mar 25, 2024
3869507
fix: fallback hex encoded string for malform utf8 (#1597)
hvthhien Mar 25, 2024
fe30d66
fix: android delete keys when forget i exist (#1595)
ppupha Mar 25, 2024
1bc8543
fix: ios hide sensitive dât when background (#1599)
ppupha Mar 25, 2024
44447da
fix: encript env, decrypt when app run
phuocbitmark Mar 26, 2024
0f594df
add import
phuocbitmark Mar 26, 2024
ce1a40f
Merge pull request #1601 from bitmark-inc/add_import
phuocbitmark Mar 26, 2024
ab28543
Merge branch 'security_audit' into encrypt_env_secret
phuocbitmark Mar 26, 2024
4c8b7ec
fix: fix migrate env key
phuocbitmark Mar 26, 2024
27cfbd6
update android build ci
phuocbitmark Mar 27, 2024
018246d
add encrypt script for deploy files
phuocbitmark Mar 27, 2024
5578496
add missing ios files
hvthhien Mar 27, 2024
b5f9431
add SecureChannelHandler to xcodeproj
hvthhien Mar 27, 2024
2d71fc6
Add report action in signMessage/sendTransaction page
hoangbtmrk Mar 27, 2024
500bfd8
commit assets
hoangbtmrk Mar 27, 2024
7a79308
commit assets
hoangbtmrk Mar 27, 2024
851d922
separete env
phuocbitmark Mar 28, 2024
c62336e
dispose textEditingController
hoangbtmrk Mar 28, 2024
41fbeef
use .env.secret to temporarily store secret, update readme
phuocbitmark Mar 28, 2024
1454489
Add protocol handler for webview
hoangbtmrk Mar 28, 2024
a9da8a1
refactor folder
phuocbitmark Mar 28, 2024
cef7f92
clear cache at dispose webview page
phuocbitmark Mar 29, 2024
82fbfe2
not to remove env.secret
phuocbitmark Mar 29, 2024
360df87
Merge branch 'security_audit' into encrypt_env_secret
phuocbitmark Mar 29, 2024
94048b3
refactor
phuocbitmark Mar 29, 2024
7bba15d
fix script path
phuocbitmark Mar 29, 2024
4592cce
update asset
hoangbtmrk Mar 29, 2024
2332c9f
Merge pull request #1605 from bitmark-inc/add-protocol-handler-for-we…
hoangbtmrk Mar 29, 2024
6819d25
Merge pull request #1604 from bitmark-inc/security-12/add-report-button
hoangbtmrk Mar 29, 2024
973580c
Connect page: Add untrusted dApps warning
hoangbtmrk Mar 26, 2024
de0875e
Update warining text font-size
hoangbtmrk Mar 27, 2024
a368677
Update setState flow
hoangbtmrk Mar 28, 2024
33718aa
Fix bug get denyDAppUrls
hoangbtmrk Mar 29, 2024
24da82a
Merge pull request #1602 from bitmark-inc/warning_untrusted_dApps
hoangbtmrk Mar 29, 2024
f1576d5
Merge pull request #1600 from bitmark-inc/encrypt_env_secret
phuocbitmark Mar 29, 2024
8baccfb
set hide overlay
phuocbitmark Mar 29, 2024
03d6346
Merge pull request #1608 from bitmark-inc/hide_overlay
phuocbitmark Apr 1, 2024
ad56db1
Merge pull request #1607 from bitmark-inc/manage_webview_storage
phuocbitmark Apr 1, 2024
8d6f645
fix(security audit): 14 educate importance recovery phrase (#1610)
ppupha Apr 2, 2024
72bef76
Censored application log
hoangbtmrk Apr 2, 2024
0081a98
Censored logs: use Redacted instead of ***
hoangbtmrk Apr 2, 2024
f432805
Merge branch 'develop' into security_audit
phuocbitmark Apr 3, 2024
27d30e9
Censored logs: Add filter signature
hoangbtmrk Apr 3, 2024
edd153a
Censored logs: Add filter JWT token
hoangbtmrk Apr 3, 2024
1e6d0e6
Merge pull request #1611 from bitmark-inc/security-35/application-logs
hoangbtmrk Apr 3, 2024
4c35bce
feat: switch from webview to custom tab
phuocbitmark Apr 3, 2024
cc778dd
Update build gradle (#1614)
hoangbtmrk Apr 3, 2024
5dc82be
fix: migrate inapp webview
phuocbitmark Apr 3, 2024
2c3644e
Merge pull request #1615 from bitmark-inc/migrate_webview
phuocbitmark Apr 4, 2024
2c86cf1
feat: check certificate fingerprint
phuocbitmark Apr 4, 2024
b0e115c
Merge pull request #1616 from bitmark-inc/custome_tab
phuocbitmark Apr 4, 2024
2f80547
fix: getHeadUrl
phuocbitmark Apr 4, 2024
d2e6586
feat: deny android rooted device
phuocbitmark Apr 9, 2024
eb5e363
Merge branch 'security_audit' into ssl_fingerprints
phuocbitmark Apr 9, 2024
5e4875d
feat: navigate to report bug if ssl check fail
phuocbitmark Apr 9, 2024
2d40240
fix: add prefix to message to sign (#1621)
ppupha Apr 9, 2024
6b2436b
Merge pull request #1617 from bitmark-inc/ssl_fingerprints
phuocbitmark Apr 9, 2024
8f5e464
prevent jailbreak ios
phuocbitmark Apr 9, 2024
42975e4
feat: deny debugger
phuocbitmark Apr 9, 2024
7f0dc02
fix: apply advance debugger check
phuocbitmark Apr 10, 2024
bced450
Merge pull request #1619 from bitmark-inc/root_jailbreak
phuocbitmark Apr 10, 2024
4d8bd27
update default message text when check ssl fail
phuocbitmark Apr 10, 2024
c99aba2
Merge pull request #1623 from bitmark-inc/update_assets
phuocbitmark Apr 10, 2024
211d4f2
fix(android): debugger detected (#1622)
ppupha Apr 10, 2024
ebb6ab8
Merge pull request #1594 from bitmark-inc/fix_cache_textfield
phuocbitmark Apr 10, 2024
d19a867
fix: Verify signing certificate (#1624)
ppupha Apr 11, 2024
1809415
fix: accessibility protection (#1627)
ppupha Apr 12, 2024
869039e
feat: check reverse and emulator in iOS
phuocbitmark Apr 15, 2024
d0bf4bb
detect reverse android
phuocbitmark Apr 15, 2024
a9e56b8
feat: check bundleId ios
phuocbitmark Apr 16, 2024
1a2f490
remove check emulator
phuocbitmark Apr 16, 2024
614e0bf
Merge pull request #1630 from bitmark-inc/integrity_check
phuocbitmark Apr 17, 2024
95b66cd
Merge branch 'security_audit' into reverse_engi
phuocbitmark Apr 17, 2024
e55c465
Merge pull request #1629 from bitmark-inc/reverse_engi
phuocbitmark Apr 17, 2024
6121021
feat: track device authen fail multiple times
phuocbitmark Apr 17, 2024
0a304e0
Supoprt two factor for mnemonic
hoangbtmrk Apr 5, 2024
6ac4864
Support mnemonic two factor
hoangbtmrk Apr 11, 2024
bb524c0
Update libauk-swift revision
hoangbtmrk Apr 11, 2024
859fb3e
Revert "Update libauk-swift revision"
hoangbtmrk Apr 11, 2024
3c908f1
Update libauk-swift revision
hoangbtmrk Apr 11, 2024
676e9f2
Create object RecoveryPhrasePayload
hoangbtmrk Apr 12, 2024
173e86e
Remove comment
hoangbtmrk Apr 12, 2024
ead2fff
Move calculateFirstEthAddress function to LibAukDart class
hoangbtmrk Apr 12, 2024
4021e72
refactor: use passphrase instead of password
hoangbtmrk Apr 16, 2024
602d2ab
fix: include passphrase when backup android key
hoangbtmrk Apr 16, 2024
df5cb69
fix: update UI for passphrase
hoangbtmrk Apr 17, 2024
1b50716
feat: upgrade package feralfile_app_theme
hoangbtmrk Apr 17, 2024
b7cc74c
feat: change import seed ui
phuocbitmark Apr 19, 2024
6402a8f
feat: update libauk-kotlin version
hoangbtmrk Apr 19, 2024
3b2dafe
feat: update libauk-swift version
hoangbtmrk Apr 19, 2024
c8375f3
Merge pull request #1625 from bitmark-inc/add-support-two-factor-mnem…
hoangbtmrk Apr 19, 2024
3096848
feat: update libauk version
hoangbtmrk Apr 22, 2024
59b74dc
feat: update assets commit hash
hoangbtmrk Apr 22, 2024
8b06ef1
feat: capture sentry event for security check fails
phuocbitmark Apr 22, 2024
bd3d33f
feat: capture sentry event for security check fails
phuocbitmark Apr 22, 2024
129d13e
feat: capture sentry event for security check fails
phuocbitmark Apr 22, 2024
04c5387
fix: update android Set env workflow
hoangbtmrk Apr 22, 2024
b023d1a
Merge pull request #1635 from bitmark-inc/fix-create-env-workflow
hoangbtmrk Apr 22, 2024
4a80c5a
Merge branch 'security_audit' into track_security_event
phuocbitmark Apr 23, 2024
b82fdae
feat: capture sentry event for decrypt fail
phuocbitmark Apr 23, 2024
fe01d16
capture exeption
phuocbitmark Apr 23, 2024
e72cdf9
feat: skip checking certificate for localhost
phuocbitmark Apr 23, 2024
6a5f816
Merge pull request #1640 from bitmark-inc/skip_ssl_local
phuocbitmark Apr 23, 2024
183df5d
fix: allow cleartext for localhost only
hoangbtmrk Apr 19, 2024
efa429f
fix: file rename
hoangbtmrk Apr 19, 2024
41665b0
fix: allow cleartext for localhost only
hoangbtmrk Apr 22, 2024
a464563
Merge pull request #1632 from bitmark-inc/56-do-not-allow-cleartext-H…
hoangbtmrk Apr 24, 2024
3cd10ab
Merge branch 'develop' into security_audit
phuocbitmark Apr 24, 2024
26d0078
Merge branch 'security_audit' into track_security_event
phuocbitmark Apr 24, 2024
83931f6
Merge pull request #1631 from bitmark-inc/track_security_event
phuocbitmark Apr 24, 2024
69010d6
Merge branch 'security_audit' into import_mnemonic_ui
phuocbitmark Apr 24, 2024
3b03017
fix: Load mnemonics in memory on the recovery page instead of wallet …
phuocbitmark Apr 24, 2024
044b252
Merge pull request #1646 from bitmark-inc/load_mnemonics
phuocbitmark Apr 24, 2024
8bf2542
Merge pull request #1644 from bitmark-inc/import_mnemonic_ui
phuocbitmark Apr 24, 2024
ba8a3a0
feat: implement connection revocation for WC
hoangbtmrk Apr 24, 2024
f3a056e
fix: check nullsafety
hoangbtmrk Apr 25, 2024
4ce5228
fix: check for inactive topic at init wc2 client
phuocbitmark Apr 26, 2024
268b555
Merge pull request #1649 from bitmark-inc/Improve-connection-revocation
hoangbtmrk Apr 26, 2024
db1ce79
fix: fix show recovery phrase while scrolling
phuocbitmark May 3, 2024
d9e145e
feat: remove backdropFilter
phuocbitmark May 4, 2024
cb6e1e8
feat: white out password
phuocbitmark May 7, 2024
c4fe188
Merge pull request #1659 from bitmark-inc/recovery_phrase_scrolling
phuocbitmark May 8, 2024
9e2f82d
fix(security_audit): 1_ Biometric is not event-bound (#1613)
ppupha May 16, 2024
57546c4
fix:ios: fix check inhouse and exit app method (#1686)
phuocbitmark May 16, 2024
9c013c8
fix: revert test
phuocbitmark May 16, 2024
c2550df
Merge pull request #1689 from bitmark-inc/sa/revert_test
phuocbitmark May 16, 2024
8766b4a
feat: add walletconnect validation by verifyAPI
hoangbtmrk May 21, 2024
d3e307b
feat: WC Verify the chainID if it's provided
hoangbtmrk May 22, 2024
dd29aa9
fix: remove denyDappUrls for wallet connect
hoangbtmrk May 22, 2024
00b5151
fix: display typed data message in user friendly form
hoangbtmrk May 22, 2024
9b4e479
Update Libauk-swift (#1701)
ppupha May 23, 2024
87a1c73
fix: 10 clear keys from backup (#1703)
ppupha May 23, 2024
7ebb601
Merge pull request #1705 from bitmark-inc/71/verify-the-chainID
hoangbtmrk May 23, 2024
7c0f3a1
Merge pull request #1706 from bitmark-inc/11/avoid-untrusted-dApps-in…
hoangbtmrk May 23, 2024
3abcab2
fix: frida default tcp port
phuocbitmark May 23, 2024
1586b00
Merge pull request #1709 from bitmark-inc/fix_frida_port
phuocbitmark May 23, 2024
a3abdb2
feat: use different github secret for env vars
phuocbitmark Jun 17, 2024
a4cc1f5
Merge pull request #1764 from bitmark-inc/env_vars
anhnguyenbitmark Jun 17, 2024
6df107e
fix cat env.secret
phuocbitmark Jun 17, 2024
48c37a6
Merge pull request #1768 from bitmark-inc/fix_cat_env
phuocbitmark Jun 17, 2024
0da9584
Merge branch 'develop' into security_audit
phuocbitmark Jul 10, 2024
e5b58ad
fix resolve conflict
phuocbitmark Jul 10, 2024
17494de
add comment
phuocbitmark Jul 10, 2024
c30a9c1
lint
phuocbitmark Jul 10, 2024
74689d0
lint
phuocbitmark Jul 10, 2024
810e133
Merge branch 'develop' into security_audit
phuocbitmark Jul 12, 2024
1a63cb2
Merge branch 'develop' into security_audit
phuocbitmark Jul 15, 2024
bbd4eee
Update libauk swift
ppupha Jul 16, 2024
2076a30
fix: migrate
ppupha Jul 18, 2024
1d9ee57
Sang/fix/security audit (#1836)
ppupha Jul 19, 2024
60beb42
fix: android restore: blockstore default key
ppupha Jul 24, 2024
be3208c
Merge branch 'develop' into security_audit
phuocbitmark Jul 29, 2024
62f5a72
Revert "fix: android restore: blockstore default key"
ppupha Aug 7, 2024
0104c22
Revert "Sang/fix/security audit (#1836)"
ppupha Aug 7, 2024
5d7919e
Revert "fix: migrate"
ppupha Aug 7, 2024
43f498f
Revert "Update libauk swift"
ppupha Aug 7, 2024
9615ded
Revert "fix(security_audit): 1_ Biometric is not event-bound (#1613)"
ppupha Aug 7, 2024
937ea21
Merge branch 'Sang/revert_bio_metric' into security_audit
ppupha Aug 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions .env.secret.example
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
FERAL_FILE_SECRET_KEY_TESTNET=
FERAL_FILE_SECRET_KEY_MAINNET=
CHAT_SERVER_HMAC_KEY=
phuocbitmark marked this conversation as resolved.
Show resolved Hide resolved
AU_CLAIM_SECRET_KEY=
MIXPANEL_KEY=
METRIC_SECRET_KEY=
phuocbitmark marked this conversation as resolved.
Show resolved Hide resolved
BRANCH_KEY=
SENTRY_DSN=
ONESIGNAL_APP_ID=
phuocbitmark marked this conversation as resolved.
Show resolved Hide resolved
METRIC_ENDPOINT=
WEB3_RPC_MAINNET_URL=
phuocbitmark marked this conversation as resolved.
Show resolved Hide resolved
16 changes: 15 additions & 1 deletion .github/workflows/android-release-appcenter.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,8 @@ jobs:
echo "FLUTTER_VERSION_CODE=${{ github.event.inputs.build-number }}" >> $GITHUB_ENV
echo "BRANCH_KEY=${{ secrets.BRANCH_KEY }}" >> $GITHUB_ENV
echo "BRANCH_KEY_TEST=${{ secrets.BRANCH_KEY_TEST }}" >> $GITHUB_ENV
echo "SIGNATURE_HASH=${{ secrets.SIGNATURE_HASH }}" >> $GITHUB_ENV
echo "SIGNATURE_HASH_INHOUSE=${{ secrets.SIGNATURE_HASH_INHOUSE }}" >> $GITHUB_ENV
${{ github.event.inputs.testnet == 'true' }} && echo APPCENTER_APP_ID=support-zzd0-28/Autonomy-Android-Test >> $GITHUB_ENV || echo APPCENTER_APP_ID=support-zzd0-28/Autonomy-Android-1 >> $GITHUB_ENV
${{ github.event.inputs.testnet == 'true' }} && echo NAME_SUFFIX=test-${{ github.event.inputs.build-number }} >> $GITHUB_ENV || echo NAME_SUFFIX=main-${{ github.event.inputs.build-number }} >> $GITHUB_ENV

Expand All @@ -45,13 +47,25 @@ jobs:
- name: Create env file
run: |
touch .env
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV }}" | sed 's/\\n/\n/g' >> .env || echo -e "${{ secrets.STAGING_ENV }}" | sed 's/\\n/\n/g' >> .env
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env || echo -e "${{ secrets.STAGING_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env
cat .env

- name: Create env secret file
run: |
touch .env.secret
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV_SECRET }}" | sed 's/\\n/\n/g' >> .env.secret || echo -e "${{ secrets.STAGING_ENV_SECRET }}" | sed 's/\\n/\n/g' >> .env.secret
cat .env.secret

- name: Submoudles update
run: git -c submodule.auto-test.update=none submodule update --init --recursive
- run: flutter pub cache repair
- run: flutter pub get

# Encrypt secrets before use
- name: Encrypt Secrets
run: |
./script/encrypt_secrets.sh ${{ secrets.ENTROPY }}

- run: flutter build apk --flavor inhouse
- run: mv build/app/outputs/flutter-apk/app-inhouse-release.apk build/app/outputs/flutter-apk/app-inhouse-release-${{ env.NAME_SUFFIX }}.apk
- name: Distribute apk to App Center
Expand Down
16 changes: 15 additions & 1 deletion .github/workflows/bmvn_build_appcenter_android.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,8 @@ jobs:
# echo "FLUTTER_VERSION_CODE=${{ inputs.build-number }}" >> $GITHUB_ENV
echo "BRANCH_KEY=${{ secrets.BRANCH_KEY }}" >> $GITHUB_ENV
echo "BRANCH_KEY_TEST=${{ secrets.BRANCH_KEY_TEST }}" >> $GITHUB_ENV
echo "SIGNATURE_HASH=${{ secrets.SIGNATURE_HASH }}" >> $GITHUB_ENV
echo "SIGNATURE_HASH_INHOUSE=${{ secrets.SIGNATURE_HASH_INHOUSE }}" >> $GITHUB_ENV
${{ inputs.testnet == true }} && echo APPCENTER_APP_ID=support-zzd0-28/Autonomy-Android-Test >> $GITHUB_ENV || echo APPCENTER_APP_ID=support-zzd0-28/Autonomy-Android-1 >> $GITHUB_ENV
${{ inputs.testnet == true }} && echo NAME_SUFFIX=test-${{env.FLUTTER_VERSION_CODE}} >> $GITHUB_ENV || echo NAME_SUFFIX=main-${{env.FLUTTER_VERSION_CODE}} >> $GITHUB_ENV

Expand All @@ -75,13 +77,25 @@ jobs:
- name: Create env file
run: |
touch .env
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV }}" | sed 's/\\n/\n/g' >> .env || echo -e "${{ secrets.STAGING_ENV }}" | sed 's/\\n/\n/g' >> .env
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env || echo -e "${{ secrets.STAGING_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env
cat .env

- name: Create env secret file
run: |
touch .env.secret
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV_SECRET }}" | sed 's/\\n/\n/g' >> .env.secret || echo -e "${{ secrets.STAGING_ENV_SECRET }}" | sed 's/\\n/\n/g' >> .env.secret
cat .env.secret

- name: Submoudles update
run: git -c submodule.auto-test.update=none submodule update --init --recursive
- run: flutter pub cache repair
- run: flutter pub get

# Encrypt secrets before use
- name: Encrypt Secrets
run: |
./script/encrypt_secrets.sh ${{ secrets.ENTROPY }}

- run: flutter build apk --flavor inhouse
- run: mv build/app/outputs/flutter-apk/app-inhouse-release.apk build/app/outputs/flutter-apk/app-inhouse-release-${{ env.NAME_SUFFIX }}.apk
- name: Distribute apk to App Center
Expand Down
13 changes: 12 additions & 1 deletion .github/workflows/bmvn_build_appcenter_ios.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,9 +69,15 @@ jobs:
- name: Create env file
run: |
touch .env
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV }}" | sed 's/\\n/\n/g' >> .env || echo -e "${{ secrets.STAGING_ENV }}" | sed 's/\\n/\n/g' >> .env
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env || echo -e "${{ secrets.STAGING_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env
cat .env

- name: Create env secret file
run: |
touch .env.secret
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV_SECRET }}" | sed 's/\\n/\n/g' >> .env.secret || echo -e "${{ secrets.STAGING_ENV_SECRET }}" | sed 's/\\n/\n/g' >> .env.secret
cat .env.secret

- name: Flutter doctor
run: flutter doctor
- name: Submoudles update
Expand All @@ -96,6 +102,11 @@ jobs:
cd ios/
pod install

# Encrypt secrets before use
- name: Encrypt Secrets
run: |
./script/encrypt_secrets.sh ${{ secrets.ENTROPY }}

- uses: mathieu-bour/setup-sentry-cli@main

# Build and deploy with Fastlane (by default, to ciappcenter track) 🚀.
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/ios-release-appcenter.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ jobs:
- name: Create env file
run: |
touch .env
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV }}" | sed 's/\\n/\n/g' >> .env || echo -e "${{ secrets.STAGING_ENV }}" | sed 's/\\n/\n/g' >> .env
${{ inputs.testnet == true }} && echo -e "${{ secrets.DEV_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env || echo -e "${{ secrets.STAGING_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env
cat .env

- name: Flutter doctor
Expand Down
13 changes: 12 additions & 1 deletion .github/workflows/ios-release-testflight.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,9 +49,15 @@ jobs:
- name: Create env file
run: |
touch .env
echo -e "${{ secrets.PRODUCTION_ENV }}" | sed 's/\\n/\n/g' >> .env
echo -e "${{ secrets.PRODUCTION_ENV_VARS }}" | sed 's/\\n/\n/g' >> .env
cat .env

- name: Create env secret file
run: |
touch .env.secret
echo -e "${{ secrets.PRODUCTION_ENV_SECRET }}" | sed 's/\\n/\n/g' >> .env.secret
cat .env.secret

- name: Flutter doctor
run: flutter doctor
- name: Submoudles update
Expand All @@ -76,6 +82,11 @@ jobs:
cd ios/
pod install

# Encrypt secrets before use
- name: Encrypt Secrets
run: |
./script/encrypt_secrets.sh ${{ secrets.ENTROPY }}

- uses: mathieu-bour/setup-sentry-cli@main

# Build and deploy with Fastlane (by default, to ciappcenter track) 🚀.
Expand Down
9 changes: 7 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,8 +67,13 @@ Bitmark started with the idea of building tools to help individuals and institut
3. Initialize submodule by running; `git submodule update --init --recursive`
- If you don't want to clone the auto-test package, simply run: `git -c submodule.auto-test.update=none submodule update --init --recursive`
4. Initialize the config file. `cp .env.example .env`
- Contact with Feral File app development team for development env.
5. Run `flutter run --flavor inhouse` to run **Feral File** app development on the connected device.
- Contact with Feral File app development team for development env.
5. Initialize the secret config file. `cp .env.secret.example .env.secret`
- There are credentials information. You may need to provide your own credentials.Contact with Feral File app development team for consultation.
6. Run ./script/encrypt_secrets.sh <-entropy-> to generate the encrypted secrets file.
- <-entropy-> is a random string. You can type a random string like akhrdsgl4893tynk3iu4y8hf
- You only need to run this script again when you want to update .env.secret.
7. Run `flutter run --flavor inhouse` to run **Feral File** app development on the connected device.

A few resources to get you started if this is your first Flutter project:

Expand Down
19 changes: 16 additions & 3 deletions android/app/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,10 @@ if (branchKeyTest == null) {

def branchTestMode = localProperties["branch.testMode"] ?: environment["BRANCH_IS_TEST"] ?: false

def signature_hash = localProperties["signature.hash"] ?: environment["SIGNATURE_HASH"]

def signature_hash_inhouse = localProperties["signature.hashInhouse"] ?: environment["SIGNATURE_HASH_INHOUSE"]

android {
compileSdkVersion 34
flavorDimensions 'env'
Expand All @@ -77,7 +81,7 @@ android {
defaultConfig {
// TODO: Specify your own unique Application ID (https://developer.android.com/studio/build/application-id.html).
applicationId "com.bitmark.autonomy_client"
minSdkVersion 24
minSdkVersion 29
targetSdkVersion 34
versionCode flutterVersionCode.toInteger()
versionName flutterVersionName
Expand All @@ -94,6 +98,8 @@ android {
// TODO: Add your own signing config for the release build.
// Signing with the debug keys for now, so `flutter run --release` works.
signingConfig signingConfigs.debug
minifyEnabled true
shrinkResources true

proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'

Expand All @@ -109,6 +115,8 @@ android {
appIcon : "@mipmap/ic_launcher_dev",
appIconRound: "@mipmap/ic_launcher_dev_round"
]
buildConfigField "boolean", "ENABLE_DEBUGGER_DETECTION", "false"
buildConfigField "String", "SIGNATURE_HASH", '\"' + signature_hash_inhouse + '\"'
}

prd {
Expand All @@ -118,6 +126,10 @@ android {
appIcon : "@mipmap/ic_launcher",
appIconRound: "@mipmap/ic_launcher_round"
]
buildConfigField "boolean", "ENABLE_DEBUGGER_DETECTION", "true"
// SIGNATURE_HASH with value from local.properties

buildConfigField "String", "SIGNATURE_HASH", '\"' + signature_hash + '\"'
}
}
packagingOptions {
Expand Down Expand Up @@ -146,10 +158,10 @@ dependencies {

implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version"
implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:1.4.1")
implementation 'com.google.android.gms:play-services-auth-blockstore:16.1.0'
implementation 'com.google.android.gms:play-services-auth-blockstore:16.2.0'
implementation 'io.reactivex.rxjava2:rxjava:2.2.10'
implementation 'io.reactivex.rxjava2:rxandroid:2.1.1'
implementation('com.github.bitmark-inc:libauk-kotlin:0.5.1') {
implementation('com.github.bitmark-inc:libauk-kotlin:f38858213e') {
exclude group: 'com.google.protobuf'
exclude module: 'jetified-protobuf-java'
}
Expand All @@ -166,6 +178,7 @@ dependencies {
implementation(platform("com.walletconnect:android-bom:1.12.0"))
implementation("com.walletconnect:android-core:1.17.0")
implementation("com.walletconnect:sign:2.15.0")
implementation("com.scottyab:rootbeer-lib:0.1.0")

implementation("com.github.airgap-it:beacon-android-sdk:$beacon_version") {
exclude group: 'com.goterl'
Expand Down
7 changes: 2 additions & 5 deletions android/app/src/main/AndroidManifest.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
xmlns:tools="http://schemas.android.com/tools"
package="com.bitmark.autonomy_flutter">

<uses-permission android:name="android.permission.HIDE_OVERLAY_WINDOWS" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.BLUETOOTH" />
<uses-permission android:name="android.permission.BLUETOOTH_ADMIN" />
Expand All @@ -25,12 +26,8 @@
android:icon="${appIcon}"
android:label="@string/app_name"
android:roundIcon="${appIconRound}"
android:usesCleartextTraffic="true"
android:networkSecurityConfig="@xml/network_security_config"
tools:replace="android:label">
<!--
- Enable usesCleartextTraffic only to allow make connection to localhost
- It will be used to rendering model viewer for 3d artworks.
-->

<meta-data
android:name="com.onesignal.NotificationServiceExtension"
Expand Down
Loading
Loading