feat(vaults): Implement vault system with move, create, and delete functionality

.github/workflows/ci.yaml

@@ -1,46 +1,120 @@
-name: Android CI
+name: CI
 
 on:
   push:
     branches: [ "v2" ]
   pull_request:
     branches: [ "v2" ]
 
+permissions:
+  contents: read
+
+env:
+  CARGO_TERM_COLOR: always
+
 jobs:
-  ci:
+  detect-changes:
+    runs-on: ubuntu-latest
+
+    outputs:
+      rust: ${{ steps.filter.outputs.rust }}
+
+    steps:
+      - uses: actions/checkout@v6
+      - uses: dorny/paths-filter@v4
+        id: filter
+        with:
+          filters: |
+            rust:
+              - 'rust/**'
+              - '.github/workflows/ci.yaml'
 
+  # Fast quality gate: fmt + clippy only. Blocks both rust-test and android-test
+  # so a broken Rust change doesn't waste NDK cross-compilation time.
+  rust-lint:
+    needs: detect-changes
+    if: needs.detect-changes.outputs.rust == 'true'
     runs-on: ubuntu-latest
 
+    defaults:
+      run:
+        working-directory: ./rust/rust-code
+
     steps:
-      - uses: actions/checkout@v4
-      - name: set up JDK 21
-        uses: actions/setup-java@v4
+      - uses: actions/checkout@v6
+      - uses: actions/cache@v5
         with:
-          java-version: '21'
-          distribution: 'temurin'
-          cache: gradle
+          path: |
+            ~/.cargo/registry
+            ~/.cargo/git
+            rust/rust-code/target
+          key: ${{ runner.os }}-cargo-host-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: ${{ runner.os }}-cargo-host-
+      - name: Check formatting
+        run: cargo fmt --check --all
+      - name: Clippy
+        run: cargo clippy --workspace --all-targets -- -D warnings
+
+  # Rust-native tests (no NDK). Runs in parallel with android-test once lint passes.
+  rust-test:
+    needs: [ detect-changes, rust-lint ]
+    if: needs.detect-changes.outputs.rust == 'true'
+    runs-on: ubuntu-latest
 
-      - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@v4
+    defaults:
+      run:
+        working-directory: ./rust/rust-code
 
-      - name: Cache Gradle packages
-        uses: actions/cache@v4
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/cache@v5
         with:
           path: |
-            ~/.gradle/caches
-            ~/.gradle/wrapper
-          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
-          restore-keys: |
-            ${{ runner.os }}-gradle-
+            ~/.cargo/registry
+            ~/.cargo/git
+            rust/rust-code/target
+          key: ${{ runner.os }}-cargo-host-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: ${{ runner.os }}-cargo-host-
+      - name: Build
+        run: cargo build --workspace --all-targets --verbose
+      - name: Run tests
+        run: cargo test --workspace --verbose
+
+  # Android unit tests. Waits for rust-lint when rust changed, so NDK cross-compilation isn't
+  # triggered on code that already fails fmt/clippy.
+  # buildRust (make all) runs internally via the preBuild Gradle hook and generates
+  # the UniFFI Kotlin interfaces that the tests compile against.
+  android-test:
+    needs: [ detect-changes, rust-lint ]
+    if: |
+      always() &&
+      (
+        needs.detect-changes.outputs.rust != 'true' ||
+        needs.rust-lint.result == 'success'
+      )
+    runs-on: ubuntu-latest
 
+    steps:
+      - uses: actions/checkout@v6
+      - name: Set up JDK 21
+        uses: actions/setup-java@v5
+        with:
+          java-version: '21'
+          distribution: 'temurin'
+          cache: gradle
+      - uses: gradle/actions/setup-gradle@v6
+      - uses: actions/cache@v5
+        with:
+          path: |
+            ~/.cargo/registry
+            ~/.cargo/git
+            rust/rust-code/target
+          key: ${{ runner.os }}-cargo-android-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: ${{ runner.os }}-cargo-android-
       - name: Grant execute permission for gradlew
         run: chmod +x ./gradlew
+      - name: Run unit tests
+        run: ./gradlew testDebugUnitTest --continue
 
-      - name: Build Debug APK
+      - name: Assemble debug APK
         run: ./gradlew assembleDebug
-
-      - name: Run all unit tests
-        run: ./gradlew test
-
-      - name: Run debug-flavor unit tests
-        run: ./gradlew testDebugUnitTest

.gitignore

@@ -20,6 +20,9 @@
 *.tar.gz
 *.rar
 
+# Libs
+*.so
+
 # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
 hs_err_pid*
 replay_pid*

CLAUDE.md

@@ -45,7 +45,7 @@ Android password manager using Clean Architecture per module:
 | `:feature:*`               | `list_screen`, `item:{core,create,view}`, `credentials`, `totp`          |
 | `:automation`              | Automation support + annotation processor                                |
 | `:migration-create-access` | v1 → v2 data migration (high risk)                                       |
-| `:rust`                    | Passkey operations via Rust JNI                                          |
+| `:rust`                    | Rust crypto/passkey ops via UniFFI-generated Kotlin bindings             |
 
 ## Key Patterns
 
@@ -70,7 +70,7 @@ prompt flow, or persistence semantics without explicit instruction.
 
 - **Migration** — preserve backward compat, smallest safe change
 - **Autofill** (`app/.../autofill/`) — constrained by Android framework, keep conservative
-- **Rust FFI** — preserve type/memory-safety across JNI boundary
+- **UniFFI** — preserve memory and type safety across the FFI boundary.
 - **Room schema** — check migration implications before changing entities
 
 ## Code Style
@@ -85,3 +85,11 @@ prompt flow, or persistence semantics without explicit instruction.
 - kotlin-test + MockK + kotlinx-coroutines-test; Compose UI tests with Espresso
 - Use `runTest { }`, `mockk(relaxed = true)`, `coEvery { }`, assert against `Result`
 - Run broader tests for cross-module or security changes
+- **Rust fakes** — `:rust` uses UniFFI (not raw JNI) to generate Kotlin bindings. UniFFI emits
+  `KeyDeriverInterface`/`KeyWrapperInterface`/`AccountManagerInterface` for test seams; fakes live
+  in `:rust` testFixtures (`de.davis.keygo.rust`). Never instantiate `KeyDeriver()`/`KeyWrapper()`/
+  `AccountManager()` in JVM unit tests — their default constructors require the native Rust library
+  at runtime.
+- **testFixtures + Compose plugin** — Any module with `kotlin.compose` that enables testFixtures
+  must add `testFixturesImplementation(libs.androidx.compose.runtime)` to avoid "Compose Runtime
+  not on classpath" compile errors. See `:core:item` for the canonical pattern.

app/build.gradle.kts

@@ -87,6 +87,7 @@ dependencies {
     implementation(libs.koin.androidx.compose)
     implementation(libs.koin.annotations)
 
+    implementation(projects.rust)
     implementation(projects.core.item)
     implementation(projects.core.identity)
     implementation(projects.core.security)
@@ -97,6 +98,7 @@ dependencies {
     implementation(projects.feature.item.core)
     implementation(projects.feature.item.create)
     implementation(projects.feature.item.view)
+    implementation(projects.feature.vault)
     implementation(projects.feature.totp)
     implementation(projects.feature.autofill)
     implementation(projects.migrationCreateAccess)

automation-processor/src/main/kotlin/de/davis/keygo/automation/processor/handler/ItemHandler.kt

@@ -54,8 +54,12 @@ class ItemHandler : Handler<KSClassDeclaration, RootVaultEntity>, KoinComponent
                 )
             }.toList()
 
+            val annotation = root.getAnnotation<RootVaultEntity>()
+            val simpleName = annotation?.name?.takeIf { it.isNotEmpty() }
+                ?: root.simpleName.asString()
+
             Entry.RootEntry(
-                simpleName = root.simpleName.asString(),
+                simpleName = simpleName,
                 packageName = root.packageName.asString(),
                 children = subclasses
             )

core/identity/build.gradle.kts

@@ -31,6 +31,10 @@ android {
         sourceCompatibility = JavaVersion.VERSION_17
         targetCompatibility = JavaVersion.VERSION_17
     }
+
+    testFixtures {
+        enable = true
+    }
 }
 
 kotlin {
@@ -44,6 +48,8 @@ dependencies {
     implementation(libs.androidx.core.ktx)
 
     implementation(projects.core.security)
+    implementation(projects.core.item)
+    implementation(projects.rust)
 
     // Datastore
     implementation(libs.androidx.datastore)
@@ -53,8 +59,6 @@ dependencies {
     implementation(platform(libs.androidx.compose.bom))
     implementation(libs.androidx.material3)
 
-    implementation(libs.argon2kt)
-
     // Koin DI
     implementation(project.dependencies.platform(libs.koin.bom))
     implementation(libs.koin.androidx.compose)
@@ -63,6 +67,15 @@ dependencies {
     testImplementation(libs.kotlin.test)
     testImplementation(libs.kotlinx.coroutines.test)
     testImplementation(libs.io.mockk)
+    testImplementation(testFixtures(projects.core.item))
+    testImplementation(testFixtures(projects.rust))
+
+    testFixturesApi(projects.core.util)
+    testFixturesImplementation(projects.rust)
+    testFixturesImplementation(project.dependencies.platform(libs.androidx.compose.bom))
+    testFixturesImplementation(libs.androidx.compose.runtime) {
+        because("https://issuetracker.google.com/issues/259523353#comment32")
+    }
 }
 
 protobuf {
@@ -72,6 +85,10 @@ protobuf {
 
     generateProtoTasks {
         all().forEach { task ->
+            if (task.name.contains("TestFixtures", ignoreCase = true)) {
+                task.enabled = false
+                return@forEach
+            }
             task.builtins {
                 create("java") {
                     option("lite")

core/identity/src/main/kotlin/de/davis/keygo/core/identity/data/mapper/ProtoMapper.kt

@@ -1,31 +1,58 @@
 package de.davis.keygo.core.identity.data.mapper
 
 import com.google.protobuf.kotlin.toByteString
+import de.davis.keygo.core.identity.data.local.model.ProtoAccountState
 import de.davis.keygo.core.identity.data.local.model.ProtoBiometricKeyData
 import de.davis.keygo.core.identity.data.local.model.ProtoPasswordKeyData
+import de.davis.keygo.core.identity.data.local.model.biometricKeyDataOrNull
+import de.davis.keygo.core.identity.data.local.model.protoAccount
+import de.davis.keygo.core.identity.data.local.model.protoAccountState
 import de.davis.keygo.core.identity.data.local.model.protoBiometricKeyData
 import de.davis.keygo.core.identity.data.local.model.protoPasswordKeyData
-import de.davis.keygo.core.identity.domain.model.BiometricWrappedKeyData
-import de.davis.keygo.core.identity.domain.model.PasswordWrappedKeyData
+import de.davis.keygo.core.identity.domain.model.Account
+import de.davis.keygo.core.identity.domain.model.BiometricWrappedArk
+import de.davis.keygo.core.identity.domain.model.PasswordWrappedArk
+import java.util.UUID
 
-internal fun ProtoBiometricKeyData.toDomain() = BiometricWrappedKeyData(
+internal fun ProtoBiometricKeyData.toDomain() = BiometricWrappedArk(
     key = key.toByteArray(),
     keyIV = keyIV.toByteArray()
 )
 
-internal fun BiometricWrappedKeyData.toProto() = protoBiometricKeyData {
+internal fun BiometricWrappedArk.toProto() = protoBiometricKeyData {
     key = this@toProto.key.toByteString()
     keyIV = this@toProto.keyIV.toByteString()
 }
 
-internal fun ProtoPasswordKeyData.toDomain() = PasswordWrappedKeyData(
+internal fun ProtoPasswordKeyData.toDomain() = PasswordWrappedArk(
     key = key.toByteArray(),
     keyIV = keyIV.toByteArray(),
     salt = salt.toByteArray()
 )
 
-internal fun PasswordWrappedKeyData.toProto() = protoPasswordKeyData {
+internal fun PasswordWrappedArk.toProto() = protoPasswordKeyData {
     key = this@toProto.key.toByteString()
     keyIV = this@toProto.keyIV.toByteString()
     salt = this@toProto.salt.toByteString()
+}
+
+internal fun ProtoAccountState.toDomain() = takeIf { it.hasAccount() }?.account?.let {
+    Account(
+        id = UUID.fromString(it.userId),
+        displayName = it.displayName,
+        createdAtEpochMillis = it.createdAtEpochMillis,
+        passwordWrappedArk = it.passwordKeyData.toDomain(),
+        biometricWrappedArk = it.biometricKeyDataOrNull?.toDomain(),
+    )
+}
+
+internal fun Account.toProto() = protoAccountState {
+    account = protoAccount {
+        userId = this@toProto.id.toString()
+        displayName = this@toProto.displayName
+        createdAtEpochMillis = this@toProto.createdAtEpochMillis
+
+        passwordKeyData = passwordWrappedArk.toProto()
+        biometricWrappedArk?.let { biometricKeyData = it.toProto() }
+    }
 }