Skip to content

feat(vaults): Implement vault system with move, create, and delete functionality#44

Merged
OffRange merged 71 commits into
v2from
feat/vaults
May 5, 2026
Merged

feat(vaults): Implement vault system with move, create, and delete functionality#44
OffRange merged 71 commits into
v2from
feat/vaults

Conversation

@OffRange
Copy link
Copy Markdown
Owner

@OffRange OffRange commented May 4, 2026
edited
Loading

Summary

Implements a complete vault system for organizing password items into logical groups. This major feature adds vault CRUD operations, item movement between vaults, and UI components for vault management.

Key Changes

  • New Vault Module (feature/vault): Complete vault feature with create, edit, delete, and move-items use cases
  • Rust Integration: Refactored crypto with UniFFI bindings for account and key management
  • Core Identity: Rust-backed account system replacing direct key operations
  • Core Item: UUID-based items with vault awareness, updated schema, and repositories
  • UI Features: Vault selection, creation dialog, deletion confirmation, move dialog, and vault icons
  • Database: New VaultEntity, VaultContextRecord, updated ItemEntity with vault relationships
  • Item Movement: Moving items between vaults with progress tracking
  • Tests: Comprehensive unit tests for all vault use cases and mappers

Encryption Schema Refactor

The item encryption architecture was redesigned to support a vault-based key hierarchy:

Old Schema (Single-level):

  • Account Root Key → Account Derived Key → Item Key (wraps item secrets)
  • Item AAD: itemId only
  • All items encrypted under the same derived key

New Schema (Vault-based):

  • Account Root Key → Account Derived Key → Vault Key → Item Key (wraps item secrets)
  • Each vault has its own unique key; item keys are wrapped with their parent vault key

AAD layering:

  • Vault key wrap AAD: vaultId (binds the vault key to the vault it belongs to)
  • Item key wrap AAD: {itemId, vaultId} (binds the item key to its owning vault — this is what makes vault membership cryptographically authenticated)
  • Item data AAD: {itemId, label} (binds each ciphertext field to its item and field label, e.g. LABEL_PASSWORD, LABEL_TOTP_SECRET)

The vault binding lives entirely at the wrap layer. The data AAD intentionally omits vaultId so that moving an item between vaults only requires re-wrapping the item key — the encrypted secrets themselves do not need to be re-encrypted.

Key Wrapping Details:

  • WrappedVaultKeyInformation: Vault key wrapped under the account's derived key with vaultId AAD
  • WrappedItemKeyInformation: Item key wrapped under its parent vault key with {itemId, vaultId} AAD
  • CryptographicScope is parameterized over both vault and item key information to establish the encryption context
  • Safe key re-wrapping when moving items: rewrapItemKey() re-encrypts the item key under the destination vault's key (with destination AAD {itemId, dstVaultId}) without exposing the plaintext item key to the Kotlin layer

This design ensures items are cryptographically bound to their vault while enabling secure item movement between vaults.

Technical Details

  • All vault operations return Result<S, E> for proper error handling
  • Vault metadata persisted in proto DataStore via VaultContextRecord
  • Item names checked for duplicates within vault context
  • Active vault context stored and restored across sessions

OffRange and others added 30 commits April 15, 2026 18:40
@OffRange @claude
[Rust] Refactor into workspace with UniFFI Kotlin bindings
5882c7f 
Split the single crate into a pure-Rust `lib` crate and a `keygo-bindings`
crate that exposes the passkey API to Kotlin via UniFFI, replacing the
hand-written JNI layer. Swap bincode for ciborium so the stored passkey
format aligns with the CBOR encoding already used for CoseKey. Replace
build.sh with a Makefile driving cargo-ndk + uniffi-bindgen, and add a
`.cargo/config.toml` with NDK linkers as a fallback for direct cargo
invocations.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@OffRange
[Rust] Implement AEAD key definitions and error handling
798103f
@OffRange
[Rust] Implement basic account creation
4395a50
@OffRange
[Core] [Item] Refactor data model to support Vaults and UUID IDs
712be60
@OffRange
[Rust] key derivation and wrap bindings
2aa4311
@OffRange @claude
[Core] [Identity] Implement Rust-backed Account system and refactor k…
119767b 
…ey management

Replace the Kotlin-based `WrappedKeyRepository` and `KeyDerivationRepository` with a unified `AccountRepository` and Rust-backed implementations via UniFFI. Introduce a new `Account` domain model and `account_registry.proto` to manage user identity alongside password and biometric wrapped Account Root Keys (ARK).

Refactor `UnlockWithPasswordUseCase` and `CreateAccessUseCase` to leverage the new Rust `KeyDeriver` and `KeyWrapper` components, removing the Argon2Kt dependency. Add comprehensive test fixtures for the new Rust layer to support in-memory testing of authentication flows.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@OffRange @claude
[Docs] Update CLAUDE.md guidelines for UniFFI and test fixtures
0023750 
Update the developer documentation to reflect the transition from manual JNI to UniFFI-generated Kotlin bindings in the `:rust` module. Add instructions for using UniFFI interfaces and `testFixtures` to mock native components in JVM tests without requiring the native library. Include a documentation note for a required dependency pattern when combining the Compose plugin with `testFixtures` to prevent classpath errors.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@OffRange
[Rust] cargo fmt
b342c18
@OffRange
[Github] Add rust ci
83b78db
@OffRange
[Rust] add Cargo.lock
1749f0f
@OffRange
[Rust] Add fmt
296a276
@OffRange
[Rust] Rename di module
b062329
@OffRange
[Rust] Implement item manager
c984924
@OffRange
[Rust] Implement item manager
b28fc2f
@OffRange
[Core] [Item] Rename VaultItemMapper to ItemMapper
f474640
@OffRange
[Core] Implement ItemKey wrapping and update AAD types
804d1eb
@OffRange
[Item] Implement vault
bdf5c64
@OffRange
build(rust): move generated .so files out of version control
094b12c
@OffRange
fix(core-identity): prevent crash when mapping empty account state
cd8d4c2
@OffRange @claude
fix(core-item): upsert active_vault row and correct FK target
dee18c7 
setActive used UPDATE WHERE id = 0, but no row with id = 0 ever exists
(entity default is 1L and nothing inserts into active_vault), so the
subsequent SELECT WHERE active_vault.id = 1 returned empty and crashed
when creating the first vault. Switch to INSERT OR REPLACE with the
singleton id = 1, and fix the foreign key to reference vaultId instead
of the singleton marker id so the upsert validates against vault(id).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@OffRange
test(fixtures): include compose BOM and runtime dependencies
56a60eb
@OffRange
test(core-identity): ensure active vault info has been correctly set
385fc35
@OffRange
feat(vault): Add Vault Icon structure and presentation mapper
81a8372
@OffRange
build(rust): always compile rust by default
d2556e0
@OffRange
feat(vault): include icon in db
6c3d9f5
@OffRange
feat(vault): Add vault awareness during item creation
709f346
@OffRange
feat(vault): vault metadata entities
3b16a92
@OffRange
build(proto): Upgrade to 0.10.0
33c1a4c
@OffRange
refactor(core-item): observe vault metadata
44f1a47
@OffRange
feat(list_screen): Add vault selection logic
abd42b9
OffRange and others added 6 commits May 3, 2026 11:30
@OffRange @claude
refactor(active-vault): Remove dead code (#41)
098b89b 
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
@OffRange @claude
refactor(vault): clean up VaultFlowViewModel state seeding (#40)
9322bb5 
Move Edit state seeding out of the flatMapLatest transform into
onEditVaultRequest so it runs once per user action instead of on every
flow re-collection. VaultStateSwitcher.Edit becomes a singleton since it
no longer needs to carry VaultMetadata. Also switch the dismiss channel
to CONFLATED — only the latest dismiss matters.

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
@OffRange @claude
feat(move-vault): Use Result<,> (#42)
33c5f52 
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
@OffRange
fix(vault): trim name in CreateVaultUseCase
fcb48a5
@OffRange
feat(vault): Add vault deletion confirmation dialog
c68ecfb
@OffRange
feat(move-vault): Add vault deletion option
09fe524
Copilot AI review requested due to automatic review settings May 4, 2026 11:01
github-advanced-security[bot]
github-advanced-security AI found potential problems May 4, 2026
View reviewed changes
Comment thread .github/workflows/ci.yaml Fixed
Comment thread .github/workflows/ci.yaml Fixed
Comment thread .github/workflows/ci.yaml Fixed
github-advanced-security[bot]
github-advanced-security AI found potential problems May 4, 2026
View reviewed changes
Comment thread rust/rust-code/lib/src/crypto/keys/root_kek.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/keys/root_kek.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/keys/root_kek.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/keys/root_kek.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/keys/root_kek.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/keys/root_kek.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/keys/root_kek.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/primitive/argon2.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/primitive/argon2.rs Dismissed
Comment thread rust/rust-code/lib/src/crypto/primitive/argon2.rs Dismissed
Copilot AI reviewed May 4, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Implements a vault system across the app (vault CRUD, vault context persistence, and item moves between vaults) while also refactoring the Rust integration from bespoke JNI to UniFFI-generated bindings and updating the core item/identity models to UUID-based identifiers and vault-aware storage.

Changes:

  • Added :feature:vault with domain use-cases, UI flows/dialogs, DI module, and strings.
  • Refactored core item storage to introduce VaultEntity + ItemEntity (UUID IDs, vault relationship, key wrapping metadata) and added vault context persistence via DataStore proto.
  • Reworked Rust integration into a Rust workspace (lib + bindings) with UniFFI bindings, Kotlin DI wiring, and test fakes.

Reviewed changes

Copilot reviewed 256 out of 265 changed files in this pull request and generated 9 comments.

Show a summary per file
File Description
settings.gradle.kts Includes the new :feature:vault module in the build.
rust/src/testFixtures/kotlin/de/davis/keygo/rust/FakeVaultManager.kt Adds a test fake for vault key generation via the UniFFI vault manager interface.
rust/src/testFixtures/kotlin/de/davis/keygo/rust/FakeKeyDeriver.kt Adds a deterministic test fake for KEK derivation + random salt generation.
rust/src/testFixtures/kotlin/de/davis/keygo/rust/FakeItemManager.kt Adds a test fake for item encryption/decryption and item key creation.
rust/src/testFixtures/kotlin/de/davis/keygo/rust/FakeAccountManager.kt Adds a test fake for account + default vault generation.
rust/src/main/kotlin/de/davis/keygo/rust/wrap/KeyWrapper.kt Adds Kotlin Result wrappers around UniFFI key wrapping APIs.
rust/src/main/kotlin/de/davis/keygo/rust/vault/VaultManager.kt Provides a Kotlin typealias for the UniFFI vault manager interface.
rust/src/main/kotlin/de/davis/keygo/rust/passkey/PasskeyManager.kt Replaces the old static JNI passkey API with UniFFI interface extensions + aliases.
rust/src/main/kotlin/de/davis/keygo/rust/passkey/model/KeyGoRegistrationResponse.kt Removes the old JNI registration response model (superseded by UniFFI).
rust/src/main/kotlin/de/davis/keygo/rust/item/ItemManager.kt Provides a Kotlin typealias for the UniFFI item manager interface.
rust/src/main/kotlin/de/davis/keygo/rust/di/RustModule.kt Adds Koin providers for UniFFI-backed Rust managers/wrappers.
rust/src/main/kotlin/de/davis/keygo/rust/derive/KeyDeriver.kt Adds Kotlin Result wrapper for KEK derivation via UniFFI.
rust/src/main/kotlin/de/davis/keygo/rust/account/AccountManager.kt Provides a Kotlin typealias for the UniFFI account manager interface.
rust/rust-code/src/passkey/registration.rs Removes legacy passkey registration implementation from the old crate layout.
rust/rust-code/src/passkey/mod.rs Removes legacy passkey module declarations from the old crate layout.
rust/rust-code/src/passkey/keygo_passkey.rs Removes legacy passkey wire codec from the old crate layout.
rust/rust-code/src/lib.rs Removes old crate root module declarations (replaced by lib/ crate).
rust/rust-code/Makefile Adds a Makefile orchestrating Android builds + UniFFI bindgen generation.
rust/rust-code/lib/src/url.rs Reformats/updates URL sanitization tests and scheme checks.
rust/rust-code/lib/src/passkey/registration.rs Adds passkey registration + exclusion list in the new lib crate.
rust/rust-code/lib/src/passkey/provider.rs Updates passkey provider to new passkey-types imports and error mapping.
rust/rust-code/lib/src/passkey/mod.rs Defines the new passkey module exports for the lib crate.
rust/rust-code/lib/src/passkey/authenticator.rs Updates user validation method signature and formatting.
rust/rust-code/lib/src/lib.rs Adds the new lib crate root module exports (crypto/item/passkey/url).
rust/rust-code/lib/src/item/vault.rs Adds Rust Vault model with random key + UUID id generation.
rust/rust-code/lib/src/item/mod.rs Adds Rust item module layout (account/create_account/vault).
rust/rust-code/lib/src/item/create_account.rs Adds Rust CreateAccount model generator.
rust/rust-code/lib/src/item/account.rs Adds Rust Account model generator.
rust/rust-code/lib/src/crypto/types.rs Adds UUID-backed type aliases for user/vault/item ids in Rust.
rust/rust-code/lib/src/crypto/random.rs Adds Rust random byte generation helper.
rust/rust-code/lib/src/crypto/primitive/mod.rs Adds crypto primitive module structure.
rust/rust-code/lib/src/crypto/mod.rs Adds crypto module exports and re-exports.
rust/rust-code/lib/src/crypto/macros.rs Adds macros to define key wrappers, AEAD keys, and scoped signing keys.
rust/rust-code/lib/src/crypto/keys/vault_key.rs Adds vault key type + wrap semantics under ARK with vault id AAD.
rust/rust-code/lib/src/crypto/keys/signing_key.rs Adds scoped signing key wrapper + key material conversion.
rust/rust-code/lib/src/crypto/keys/root_kek.rs Adds RootKEK definition + derivation + tests.
rust/rust-code/lib/src/crypto/keys/mod.rs Adds crypto key module exports and derive trait.
rust/rust-code/lib/src/crypto/keys/item_key.rs Adds item key definition + AAD records and wrap semantics under vault key.
rust/rust-code/lib/src/crypto/keys/account_root_key.rs Adds ARK AEAD key definition.
rust/rust-code/lib/src/crypto/key.rs Adds key material and AEAD key traits.
rust/rust-code/lib/src/crypto/error.rs Adds crypto error model and CryptoResult alias.
rust/rust-code/lib/Cargo.toml Adds new Rust lib crate manifest with crypto/passkey deps.
rust/rust-code/Cargo.toml Converts Rust project into a workspace (lib + bindings).
rust/rust-code/bindings/uniffi.toml Configures Kotlin UniFFI bindings and UUID custom type mapping.
rust/rust-code/bindings/uniffi-bindgen.rs Adds UniFFI bindgen main entrypoint binary.
rust/rust-code/bindings/src/vault.rs Exposes a UniFFI VaultManager object for vault key generation.
rust/rust-code/bindings/src/lib.rs Adds bindings crate module layout and UniFFI scaffolding.
rust/rust-code/bindings/src/key_derivation.rs Exposes UniFFI key derivation APIs with error mapping and salt generation.
rust/rust-code/bindings/src/item.rs Exposes UniFFI item crypto APIs (item key, encrypt/decrypt blob).
rust/rust-code/bindings/src/account.rs Exposes UniFFI account creation and custom types for UUID/ARK/VaultKey.
rust/rust-code/bindings/Cargo.toml Adds keygo-bindings cdylib/staticlib crate manifest for UniFFI.
rust/rust-code/.cargo/config.toml Adds Android cross-compile linker configuration.
rust/build.gradle.kts Wires UniFFI generated Kotlin/jniLibs into Android sources + switches to make.
rust/.gitignore Updates Rust module gitignore (no longer ignores Cargo.lock).
gradle/libs.versions.toml Updates dependency versions (protobuf/koin) and coroutines aliasing.
gradle.properties Removes temporary AGP/protobuf compatibility flag.
feature/vault/src/test/kotlin/de/davis/keygo/feature/vault/domain/usecase/SetVaultContextUseCaseTest.kt Adds unit tests for vault context setting behavior.
feature/vault/src/test/kotlin/de/davis/keygo/feature/vault/domain/usecase/ObserveVaultsAndSelectionUseCaseTest.kt Adds unit tests for vault metadata + selection observation.
feature/vault/src/main/res/values/strings.xml Adds vault UI strings (create/move/delete/validation).
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/presentation/VaultIcons.kt Adds painter resource for “All Vaults” icon.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/presentation/VaultFlow.kt Adds vault flow entry composable that switches between vault UI states.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/presentation/model/VaultStateSwitcher.kt Adds state-switching model for vault flow transitions.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/presentation/model/VaultStateSettings.kt Adds settings holder for selection/creation dialog and errors.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/presentation/model/VaultState.kt Adds vault flow UI state models (select/create/edit/move/delete).
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/presentation/model/VaultDeletionError.kt Adds deletion error model for confirmation mismatch.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/presentation/model/CreateVaultRequest.kt Adds request model for creating a vault.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/usecase/SetVaultContextUseCase.kt Adds use-case to set vault context and update last-interacted vault.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/usecase/ObserveVaultsAndSelectionUseCase.kt Adds use-case to observe sorted vault metadata + current selection.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/usecase/MoveItemsToVaultUseCase.kt Adds use-case to rewrap item keys and move items between vaults with progress.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/usecase/EditVaultUseCase.kt Adds use-case for updating vault name/icon.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/usecase/DeleteVaultUseCase.kt Adds use-case for deleting a vault and maintaining vault context invariants.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/usecase/CreateVaultUseCase.kt Adds use-case to create vault, wrap vault key, persist, and update context.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/model/VaultsAndSelection.kt Adds domain model bundling vault metadata and selection.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/model/VaultCreationError.kt Adds creation error model (blank name / wrap failure).
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/model/MoveItemsProgress.kt Adds progress model with computed fraction.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/domain/model/MoveItemsError.kt Adds error model for missing vaults or failed key rewrap/move.
feature/vault/src/main/kotlin/de/davis/keygo/feature/vault/di/FeatureVaultModule.kt Adds Koin module/component scan for the vault feature.
feature/vault/src/main/AndroidManifest.xml Adds minimal manifest for the vault feature module.
feature/vault/proguard-rules.pro Vault feature ProGuard rules placeholder.
feature/vault/consumer-rules.pro Vault feature consumer rules placeholder.
feature/vault/build.gradle.kts Adds vault feature Android module build configuration and dependencies.
feature/list_screen/src/main/res/values/strings.xml Minor formatting cleanup.
feature/list_screen/src/main/kotlin/de/davis/keygo/feature/list_screen/presentation/VaultIcon.kt Adds selected-vault icon mapping for list screen UI.
feature/list_screen/src/main/kotlin/de/davis/keygo/feature/list_screen/presentation/model/ListItemState.kt Extends list state with vault flow visibility, vault metadata, and vault context.
feature/list_screen/src/main/kotlin/de/davis/keygo/feature/list_screen/presentation/mapper/FilterMapper.kt Updates filter mapping to use UUID item id instead of legacy vaultItemId.
feature/list_screen/src/main/kotlin/de/davis/keygo/feature/list_screen/domain/usecase/FilterUseCase.kt Updates password score lookup to use UUID item id.
feature/list_screen/src/main/kotlin/de/davis/keygo/feature/list_screen/di/FeatureListScreenModule.kt Minor formatting cleanup.
feature/list_screen/build.gradle.kts Adds security + vault feature dependencies and expands test deps.
feature/item/view/src/main/kotlin/de/davis/keygo/feature/item/view/password/model/ViewPasswordState.kt Adds optional vaultMetadata to password view state.
feature/item/create/src/main/res/values/strings.xml Adds “vault” label string for item creation UI.
feature/item/create/src/main/kotlin/de/davis/keygo/feature/item/create/presentation/password/model/PasswordUiState.kt Refactors password UI state into Loading/Ready with vault selection state.
feature/item/create/src/main/kotlin/de/davis/keygo/feature/item/create/presentation/password/model/PasswordUiEvent.kt Adds event for vault selection during item creation.
feature/item/create/src/main/kotlin/de/davis/keygo/feature/item/create/presentation/model/VaultsState.kt Adds UI state model for vault list + selected vault id.
feature/item/create/src/main/kotlin/de/davis/keygo/feature/item/create/presentation/component/SelectItemForTotpModificationDialog.kt Updates list keys + preview data to UUID item ids and new DomainInfo shape.
feature/item/core/src/main/kotlin/de/davis/keygo/feature/item/core/presentation/model/DetailPaneInformation.kt Renames vaultItemId to id in existing item init model.
feature/item/core/src/main/kotlin/de/davis/keygo/feature/item/core/domain/model/UpsertType.kt Updates upsert model to include vaultId on create and UUID ids on update.
feature/item/core/src/main/kotlin/de/davis/keygo/feature/item/core/domain/model/UpsertPassword.kt Updates password upsert APIs to use vaultId/itemId naming and types.
feature/item/core/src/main/kotlin/de/davis/keygo/feature/item/core/domain/model/PasswordError.kt Adds InvalidItemId error.
feature/item/core/build.gradle.kts Enables testFixtures and adds test dependencies for cross-module fixtures.
feature/credentials/src/main/kotlin/de/davis/keygo/feature/credentials/presentation/provide/activity/ProvidePasskeyViewModel.kt Switches to injected UniFFI passkey manager + Result wrapper.
feature/credentials/src/main/kotlin/de/davis/keygo/feature/credentials/presentation/create/activity/CreatePasskeyViewModel.kt Switches to injected UniFFI passkey manager + updated response type/fields.
feature/autofill/src/main/kotlin/de/davis/keygo/feature/autofill/presentation/model/AutofillUiState.kt Replaces legacy vaultId field with optional itemId.
feature/autofill/src/main/kotlin/de/davis/keygo/feature/autofill/presentation/KeyGoAutofillService.kt Uses AccountRepository to decide whether autofill can proceed.
feature/autofill/src/main/kotlin/de/davis/keygo/feature/autofill/presentation/dataset/menu/MenuDatasetBuilder.kt Updates suggestion request data to use UUID item id.
feature/autofill/src/main/kotlin/de/davis/keygo/feature/autofill/presentation/dataset/inline/InlineDatasetBuilder.kt Updates suggestion request data to use UUID item id.
feature/autofill/src/main/kotlin/de/davis/keygo/feature/autofill/domain/usecase/AddRegistrableDomainsToPasswordUseCase.kt Updates API to update domain infos by item id and set passwordId in DomainInfo.
feature/auth/src/main/kotlin/de/davis/keygo/feature/auth/presentation/AuthViewModel.kt Switches “has access” checks from WrappedKeyRepository to AccountRepository.
core/ui/src/main/kotlin/de/davis/keygo/core/ui/components/KeyGoSwitch.kt Adds a reusable list-item switch component with expressive M3 API.
core/security/src/testFixtures/kotlin/de/davis/keygo/core/security/crypto/FakeSession.kt Adds a test fake Session with deterministic DEK.
core/security/src/testFixtures/kotlin/de/davis/keygo/core/security/crypto/FakeCryptographicScopeProvider.kt Adds a fake crypto scope provider and call history tracking.
core/security/src/testFixtures/kotlin/de/davis/keygo/core/security/crypto/BindingCryptographicScopeProvider.kt Adds helper to build production crypto scope provider with fakes for tests.
core/security/src/main/kotlin/de/davis/keygo/core/security/domain/usecase/PasswordWithCryptoScopeUseCase.kt Adds helper to observe/load passwords inside a cryptographic scope by vault id.
core/security/src/main/kotlin/de/davis/keygo/core/security/domain/crypto/SecretDataExt.kt Adds label-bound secret encryption/decryption extensions.
core/security/src/main/kotlin/de/davis/keygo/core/security/domain/crypto/model/KeyInformation.kt Adds wrapped vault/item key information wrappers for crypto APIs.
core/security/src/main/kotlin/de/davis/keygo/core/security/domain/crypto/ItemCryptoBindings.kt Adds Item → AAD and wrapped-key helper adapters.
core/security/src/main/kotlin/de/davis/keygo/core/security/domain/crypto/CryptographicScopeProvider.kt Refactors provider API to item-scoped crypto and adds key rewrap API.
core/security/src/main/kotlin/de/davis/keygo/core/security/domain/crypto/CryptographicScope.kt Adds label-bound encrypt/decrypt and current item-key wrapping.
core/security/build.gradle.kts Enables testFixtures and adds dependencies needed for fixture compilation.
core/item/src/testFixtures/kotlin/de/davis/keygo/core/item/FakeVaultRepository.kt Adds in-memory VaultRepository for tests.
core/item/src/testFixtures/kotlin/de/davis/keygo/core/item/FakeVaultContextRepository.kt Adds in-memory VaultContextRepository for tests.
core/item/src/testFixtures/kotlin/de/davis/keygo/core/item/FakePasswordStrengthEstimator.kt Adds fake password strength estimator for tests.
core/item/src/testFixtures/kotlin/de/davis/keygo/core/item/FakeItemRepository.kt Adds in-memory ItemRepository built atop fake password store for tests.
core/item/src/test/kotlin/de/davis/keygo/core/item/domain/usecase/UpsertItemUseCaseTest.kt Updates upsert item tests for UUID ids and new password model.
core/item/src/test/kotlin/de/davis/keygo/core/item/data/maper/VaultContextMapperTest.kt Adds tests for mapping vault context id to domain model.
core/item/src/test/kotlin/de/davis/keygo/core/item/data/maper/KeyInformationMapperTest.kt Adds tests for key information mappers.
core/item/src/main/proto/vault_context_record.proto Adds proto schema for persisting vault context and last-interacted vault.
core/item/src/main/kotlin/de/davis/keygo/core/item/presentation/VaultIconMapper.kt Adds icon-to-Compose ImageVector mapping for vault icons.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/usecase/UpsertVaultItemUseCase.kt Updates upsert use-case to accept new Item root type.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/repository/VaultRepository.kt Adds VaultRepository interface for vault persistence/queries.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/repository/VaultItemRepository.kt Removes legacy VaultItemRepository (replaced by ItemRepository + PasswordRepository).
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/repository/VaultContextRepository.kt Adds VaultContextRepository interface.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/repository/PasswordRepository.kt Updates password repo API for UUID ids, vault queries, and domain updates.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/repository/ItemRepository.kt Adds ItemRepository interface (CRUD + search + move between vaults).
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/VaultUpdater.kt Adds model for updating vault metadata.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/VaultMetadata.kt Adds vault metadata model for lists/selection UI.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/VaultItem.kt Removes legacy VaultItem sealed interface.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/VaultContextRecord.kt Adds combined context + last-interacted record model.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/VaultContext.kt Adds vault context model (NoSpecific / ById) and helper.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/Vault.kt Adds vault domain model (name/icon/key info/createdAt).
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/Password.kt Refactors password domain model for UUID ids, vault id, and wrapped key info.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/MovableItem.kt Adds lightweight model for item move operations.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/lite/LiteVaultItem.kt Renames lite item identifier from vaultItemId to id.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/lite/LitePassword.kt Refactors lite password to use UUID id only.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/lite/LiteItemSearchResult.kt Renames search result model and uses UUID id.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/KeyInformation.kt Adds domain model for wrapped key + nonce bytes.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/Item.kt Adds new root sealed Item type (vault-aware, key info, note).
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/model/DomainInfo.kt Makes passwordId nullable and updates defaults for UUID migration.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/crypto/SecretDataExt.kt Removes old secret crypto extensions (moved to core/security).
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/alias/VaultId.kt Changes VaultId to UUID and adds generator helper.
core/item/src/main/kotlin/de/davis/keygo/core/item/domain/alias/ItemId.kt Changes ItemId to UUID and adds generator helper.
core/item/src/main/kotlin/de/davis/keygo/core/item/di/CoreItemModule.kt Adds vault context DataStore provider wiring.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/repository/VaultRepositoryImpl.kt Adds Room-backed VaultRepository implementation.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/repository/VaultItemRepositoryImpl.kt Removes legacy repository implementation for VaultItemEntity-based model.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/repository/VaultContextRepositoryImpl.kt Adds DataStore-backed VaultContextRepository implementation.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/repository/ItemRepositoryImpl.kt Adds Room-backed ItemRepository implementation (including moveItem).
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/VaultUpdaterMapper.kt Adds mapper from domain vault update model to data POJO.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/VaultMetadataMapper.kt Adds mapper between data vault metadata POJO and domain metadata.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/VaultMapper.kt Adds mapper between VaultEntity and domain Vault.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/VaultItemMapper.kt Removes legacy VaultItem mapping utilities.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/VaultContextMapper.kt Adds mapper from optional vault id to VaultContext.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/PasswordMapper.kt Refactors password mapping for new item table and new password schema.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/KeyInformationMapper.kt Adds mapper between entity and domain key info.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/ItemMapper.kt Adds mapper for item entity/search/lite and movable item pojos.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/DomainMapper.kt Updates domain info mapping API to accept explicit password id.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/maper/DomainInfoMapper.kt Updates password domain info mapper to new DomainMapper signature.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/VaultContextSerializer.kt Adds DataStore serializer for vault context proto.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/pojo/VaultUpdater.kt Adds data POJO for vault updates.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/pojo/VaultPassword.kt Updates joined model to relate PasswordEntity to ItemEntity (shared PK).
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/pojo/VaultMetadata.kt Adds data POJO for vault list metadata.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/pojo/PasswordScoreEntry.kt Refactors score entry to use UUID id field.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/pojo/MovableItemPojo.kt Adds Room projection for movable items’ wrapped key info.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/pojo/LightweightPassword.kt Refactors lightweight password projection to use UUID id + new joins.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/pojo/LightweightItemSearchResult.kt Refactors item search projection to UUID id and new name.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/pojo/LightweightItem.kt Refactors lightweight item projection to UUID id and new name.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/entity/VaultItemEntity.kt Removes legacy single-table vault item entity.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/entity/VaultEntity.kt Adds vault table entity including embedded key info.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/entity/PasswordEntity.kt Refactors password table to share primary key with ItemEntity and store encrypted password.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/entity/PasskeyEntity.kt Adds explicit table name for passkey entity.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/entity/KeyInformation.kt Adds embedded entity for wrapped key + nonce bytes.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/entity/ItemEntity.kt Adds item table entity (vault relationship + key info + metadata).
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/entity/DomainInfoEntity.kt Refactors domain info table for UUID password ids and explicit table/index.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/datasource/ItemDatabase.kt Updates Room database entities and provides ItemDao.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/dao/PasswordDao.kt Updates password queries/joins for new tables and vault-based reads.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/dao/PasskeyDao.kt Updates passkey queries for new table names and new joins.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/dao/ItemDao.kt Adds DAO for new item table including search and move operations.
core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/dao/DomainInfoDao.kt Updates domain info DAO to new table name and UUID ids.
core/item/build.gradle.kts Enables protobuf generation, DataStore dependencies, and test fixtures pattern.
core/identity/src/testFixtures/kotlin/de/davis/keygo/core/identity/FakeAccountRepository.kt Adds fake AccountRepository for tests.
core/identity/src/main/proto/account_registry.proto Adds account registry/state proto schema.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/presentation/BiometricUnlockAdapterImpl.kt Migrates biometric unlock logic to AccountRepository storage.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/repository/WrappedKeyRepository.kt Removes legacy wrapped key repository interface.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/repository/KeyDerivationRepository.kt Removes legacy Argon2Kt key derivation repository interface.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/repository/DeviceInfoRepository.kt Removes unused device info repository interface.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/repository/AccountRepository.kt Adds AccountRepository interface for active account persistence.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/model/UnlockError.kt Adds ActiveAccountNotFound error.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/model/PasswordWrappedArk.kt Renames password-wrapped key model to PasswordWrappedArk.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/model/CreateAccessError.kt Adds account persistence failure error.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/model/BiometricWrappedArk.kt Renames biometric-wrapped key model to BiometricWrappedArk.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/model/Account.kt Adds Account domain model for identity + wrapped ARK blobs.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/di/CoreIdentityModule.kt Switches to single account-state DataStore wiring.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/di/annotation/Qualifiers.kt Replaces biometric/password qualifiers with account registry qualifier.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/data/WrappedKeyRepositoryImpl.kt Removes legacy repository implementation.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/data/repository/KeyDerivationRepositoryImpl.kt Removes legacy Argon2Kt implementation.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/data/repository/DeviceInfoRepositoryImpl.kt Removes legacy device info implementation.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/data/repository/AccountRepositoryImpl.kt Adds DataStore-backed AccountRepository implementation.
core/identity/src/main/kotlin/de/davis/keygo/core/identity/data/mapper/ProtoMapper.kt Adds proto↔domain mapping for account and wrapped ARK data.
core/identity/build.gradle.kts Enables testFixtures, adds needed deps, and updates protobuf generation behavior.
CLAUDE.md Updates documentation to reflect UniFFI integration and test fixture conventions.
automation-processor/src/main/kotlin/de/davis/keygo/automation/processor/handler/ItemHandler.kt Uses RootVaultEntity annotation name override when generating entries.
app/build.gradle.kts Adds dependencies on :rust and :feature:vault to the app module.
.gitignore Ignores *.so binaries globally.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread rust/src/main/kotlin/de/davis/keygo/rust/passkey/PasskeyManager.kt
Comment thread rust/src/main/kotlin/de/davis/keygo/rust/passkey/PasskeyManager.kt Outdated
Comment thread rust/src/main/kotlin/de/davis/keygo/rust/wrap/KeyWrapper.kt
Comment thread .../item/src/main/kotlin/de/davis/keygo/core/item/data/repository/VaultContextRepositoryImpl.kt
Comment thread .../item/src/main/kotlin/de/davis/keygo/core/item/data/repository/VaultContextRepositoryImpl.kt Outdated
Comment thread ...entity/src/main/kotlin/de/davis/keygo/core/identity/data/repository/AccountRepositoryImpl.kt
Comment thread core/item/src/main/kotlin/de/davis/keygo/core/item/data/local/dao/ItemDao.kt Outdated
Comment thread rust/rust-code/lib/src/crypto/random.rs
Comment thread ...ure/list_screen/src/main/kotlin/de/davis/keygo/feature/list_screen/presentation/VaultIcon.kt Outdated
OffRange and others added 13 commits May 4, 2026 16:21
@OffRange
ci: Add permission
ff92a93
@OffRange
refactor: Remove re-export
0df19bc
@OffRange
fix: Possible crash
4ceb2d7
@OffRange
ci: fix android test
08cf4f2
@OffRange
refactor: Use standard SQL pattern
c6fa14e
@OffRange
fix(last interacted vault): filter out invalid vaults
570c3ab
@OffRange
fix(move-vault): delete vault conditionally
4e5bf60
@OffRange
refactor: remove redundant getPasswordIdByVaultId
f0c048b
@OffRange
fix: Add editing aware ui strings
892d5a1
@OffRange @claude
feat(move-vault): atomic transactional move via @transaction DAO
5b13875 
Re-wrap all item keys before any DB write, then commit the bulk move in
a single SQLite transaction so a mid-flight failure leaves the source
vault untouched instead of half-migrated.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@OffRange @claude
fix(last-interacted-vault): make absence explicit via nullable VaultId
0a14a7d 
Switch the read path to firstOrNull and treat a blank stored value as
absent so callers no longer suspend forever or crash parsing an empty
UUID. On vault deletion, clear the field when no replacement vault
exists instead of leaving an orphan reference.

Mark last_interacted_vault_id as optional so the generated has/clear
APIs replace the blank-string sentinel — presence is now expressed
through the proto schema instead of an in-memory convention.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@OffRange @claude
fix(create-access): persist account before vault to avoid orphans
f0d6a71 
Previously the vault row and its DataStore context were committed
before the account was persisted, so a failed account write left an
unrecoverable vault — its key was wrapped under an ARK no one could
derive. Now all in-memory wrapping happens up front, the account is
written first, and the vault and its context follow only once the
account is durable. A vault-write failure leaves an account-only
half-state that retry overwrites cleanly.

Closes #46
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@OffRange
fix(edit-item): Take vault selection into account
0756f3c
@OffRange OffRange enabled auto-merge (squash) May 5, 2026 18:40
@OffRange OffRange disabled auto-merge May 5, 2026 18:41
@OffRange OffRange merged commit e3cf1a0 into v2 May 5, 2026
8 checks passed
@OffRange OffRange deleted the feat/vaults branch May 5, 2026 18:41
@OffRange OffRange mentioned this pull request May 5, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@OffRange @github-advanced-security