Merged
6 changes: 5 additions & 1 deletion .env.stencil
@@ -1 +1,5 @@
WALLETCONNECT_PROJECT_ID=<WALLETCONNECT_PROJECT_ID>
WALLETCONNECT_PROJECT_ID=<WALLETCONNECT_PROJECT_ID>
API_KEY=<PINATA_API_KEY>
API_SECRET=<PINATA_API_SECRET>
ALCHEMY_API_KEY=<ALCHEMY_API_KEY>
CONTRACT_ADDRESS=<CONTRACT_ADDRESS>
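Review bot: API_KEY and API_SECRET are the only added entries without a provider prefix, although their placeholders show they hold Pinata credentials; rename them to PINATA_API_KEY and PINATA_API_SECRET so they cannot be confused with ALCHEMY_API_KEY or any other generic API_KEY lookup. API_SECRET is also a secret value: if the app reads this file at runtime, the value ships inside the APK and can be recovered by unpacking it, so the stencil should say whether these keys are expected to be restricted in scope or kept behind a backend.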
26 changes: 26 additions & 0 deletions android/app/src/main/AndroidManifest.xml
@@ -1,4 +1,25 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.VIBRATE"/>
<uses-permission android:name="android.permission.WAKE_LOCK"/>
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION"/>
<uses-permission android:name="android.permission.CAMERA"/>
<uses-permission android:name="android.permission.RECORD_AUDIO"/>
<uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
<uses-permission android:name="android.permission.BLUETOOTH"/>
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
<uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE_LOCATION"/>
<uses-permission android:name="android.permission.POST_NOTIFICATIONS"/>
Comment on lines +2 to +18

💡 Verification agent

🧩 Analysis chain

Review and justify the extensive permission set.

The app requests many high-privilege permissions including location, camera, audio recording, and external storage. Ensure each permission is actually required by the NFT minting workflow and consider requesting them at runtime when needed rather than at install time for better user experience.

Please verify that all these permissions are necessary by running this script to check their usage:


🏁 Script executed:

#!/bin/bash
# Check if permissions are actually used in the codebase
echo "Checking permission usage in Flutter code..."

# Location permissions
echo "=== Location permissions usage ==="
rg -i "location|gps|coordinates" --type dart -A 3

# Camera permission
echo "=== Camera permission usage ==="
rg -i "camera|image_picker|photo" --type dart -A 3

# Audio permission  
echo "=== Audio permission usage ==="
rg -i "audio|microphone|record" --type dart -A 3

# Storage permissions
echo "=== Storage permissions usage ==="
rg -i "storage|file|external" --type dart -A 3

Length of output: 97548


Audit AndroidManifest permissions

Several permissions in android/app/src/main/AndroidManifest.xml aren’t actually exercised by the current NFT-minting flow. Please trim the install-time permission set to only what’s used and move high-privilege requests to runtime:

• Keep
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/> / <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/> (required by image_picker and IPFS upload)
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/> / <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/> (used by LocationService)

• Remove or defer to runtime
<uses-permission android:name="android.permission.CAMERA"/> – no camera capture calls (pickImage(source: camera)) in code
<uses-permission android:name="android.permission.RECORD_AUDIO"/> – no audio recording
<uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION"/>, <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>, <uses-permission android:name="android.permission.FOREGROUND_SERVICE_LOCATION"/> – app only fetches location in-app, no background service
<uses-permission android:name="android.permission.VIBRATE"/>, <uses-permission android:name="android.permission.WAKE_LOCK"/> – no vibration or wake-lock usage
<uses-permission android:name="android.permission.BLUETOOTH"/>, <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>, <uses-permission android:name="android.permission.POST_NOTIFICATIONS"/> – not referenced by any Dart or native code

Locations to update:
• android/app/src/main/AndroidManifest.xml (lines 2–18) – remove unused <uses-permission> entries
• lib/utils/services/get_current_location.dart – continue prompting for fine/coarse location at runtime when the user lands on the map screen

By stripping out unused install-time permissions and requesting only what you need when you need it, you’ll improve the user’s trust and comply with Play Store best practices.

🤖 Prompt for AI Agents
In android/app/src/main/AndroidManifest.xml lines 2 to 18, remove all
<uses-permission> entries that are not used by the current NFT-minting flow,
specifically delete CAMERA, RECORD_AUDIO, ACCESS_BACKGROUND_LOCATION,
FOREGROUND_SERVICE, FOREGROUND_SERVICE_LOCATION, VIBRATE, WAKE_LOCK, BLUETOOTH,
REQUEST_INSTALL_PACKAGES, and POST_NOTIFICATIONS permissions. Retain only
INTERNET, ACCESS_NETWORK_STATE, READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE,
ACCESS_FINE_LOCATION, and ACCESS_COARSE_LOCATION permissions. Ensure that
high-privilege permissions are requested at runtime in the code, such as in
lib/utils/services/get_current_location.dart for location permissions.





<queries>
<package android:name="io.metamask"/>
<package android:name="com.wallet.crypto.trustapp"/>
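Review bot: ACCESS_BACKGROUND_LOCATION is declared twice in the added block, once after ACCESS_COARSE_LOCATION and again after FOREGROUND_SERVICE; drop the second entry. WRITE_EXTERNAL_STORAGE and READ_EXTERNAL_STORAGE are also added without android:maxSdkVersion, so they are requested on every API level even though newer Android releases replace them with scoped storage and per-media permissions; cap them (for example android:maxSdkVersion="32" on READ_EXTERNAL_STORAGE) or state in the PR description why legacy storage access is needed.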
Expand All @@ -8,7 +29,12 @@
<application
android:label="tree_planting_protocol"
android:name="${applicationName}"
android:usesCleartextTraffic="true"

⚠️ Potential issue

Security concern: Cleartext network traffic enabled.

Enabling android:usesCleartextTraffic="true" allows the app to use unencrypted HTTP connections, which poses security risks. This should only be enabled if absolutely necessary for development or specific API requirements.

If this is needed for development, consider using build variants:

-        android:usesCleartextTraffic="true"
+        android:usesCleartextTraffic="false"

Or use network security config for specific domains if HTTP is required for certain services.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
android:usesCleartextTraffic="true"
android:usesCleartextTraffic="false"
🤖 Prompt for AI Agents
In android/app/src/main/AndroidManifest.xml at line 32, the attribute
android:usesCleartextTraffic="true" enables unencrypted HTTP traffic, which is a
security risk. To fix this, remove or set this attribute to false unless
absolutely necessary. If needed for development, configure it only in debug
build variants or use a network security config XML to allow cleartext traffic
selectively for specific domains instead of globally.
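
Added example, not part of the pull request or of the review comments above: a small manifest audit that checks the two things those comments raise, permissions outside an agreed keep-list and a global cleartext flag. The sample manifest is constructed from the permission names shown in the diff; `audit_manifest`, `KEEP` and the result keys are names chosen for this example.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = "{http://schemas.android.com/apk/res/android}"

# Permissions the first review comment proposes to keep (names taken from the page).
KEEP = {"INTERNET", "ACCESS_NETWORK_STATE", "READ_EXTERNAL_STORAGE",
        "WRITE_EXTERNAL_STORAGE", "ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION"}

# Constructed sample: the <uses-permission> names in the order the diff lists them,
# plus the <application> attribute flagged in the second comment.
DIFF_PERMISSIONS = """INTERNET ACCESS_NETWORK_STATE WRITE_EXTERNAL_STORAGE
READ_EXTERNAL_STORAGE VIBRATE WAKE_LOCK ACCESS_FINE_LOCATION ACCESS_COARSE_LOCATION
ACCESS_BACKGROUND_LOCATION CAMERA RECORD_AUDIO REQUEST_INSTALL_PACKAGES BLUETOOTH
FOREGROUND_SERVICE ACCESS_BACKGROUND_LOCATION FOREGROUND_SERVICE_LOCATION
POST_NOTIFICATIONS""".split()

SAMPLE_MANIFEST = (
    '<manifest xmlns:android="http://schemas.android.com/apk/res/android">\n'
    + "".join(f'  <uses-permission android:name="android.permission.{p}"/>\n'
              for p in DIFF_PERMISSIONS)
    + '  <application android:label="tree_planting_protocol"'
      ' android:usesCleartextTraffic="true"/>\n</manifest>'
)


def audit_manifest(xml_text, keep=KEEP):
    """Report duplicate permissions, permissions outside `keep`, and global cleartext."""
    root = ET.fromstring(xml_text)
    names = [el.get(NS + "name", "").rsplit(".", 1)[-1]
             for el in root.iter("uses-permission")]
    app = root.find("application")
    attrs = app.attrib if app is not None else {}
    # On API 24+ the flag is ignored once a network security config is present.
    cleartext = (attrs.get(NS + "usesCleartextTraffic") == "true"
                 and NS + "networkSecurityConfig" not in attrs)
    return {
        "duplicates": sorted(n for n, c in Counter(names).items() if c > 1),
        "outside_keep_list": sorted(set(names) - keep),
        "cleartext_global": cleartext,
    }


if __name__ == "__main__":
    for key, value in audit_manifest(SAMPLE_MANIFEST).items():
        print(f"{key}: {value}")
```

Run as a CI step against the merged manifest, a check like this fails the build when a dependency or a later change reintroduces a permission that was deliberately removed.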

android:icon="@mipmap/ic_launcher">
<service
android:name="com.baseflow.geolocator.GeolocatorService"
android:exported="false"
android:foregroundServiceType="location"/>
<activity
android:name=".MainActivity"
android:exported="true"
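Review bot: android:usesCleartextTraffic="true" is set on <application> in the src/main manifest, so it applies to release builds and to every host the app contacts; if HTTP is needed only for a development endpoint, move the attribute to a debug manifest or point android:networkSecurityConfig at a config that permits cleartext for that one domain. The added GeolocatorService entry sets android:exported="false", which is right, but with android:foregroundServiceType="location" it should stay only if the app really runs a foreground location service; otherwise remove it together with the FOREGROUND_SERVICE_LOCATION permission.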
Binary file added assets/tree-navbar-images/logo.png
Binary file added assets/tree-navbar-images/tree-1.png
Binary file added assets/tree-navbar-images/tree-10.png
Binary file added assets/tree-navbar-images/tree-11.png
Binary file added assets/tree-navbar-images/tree-12.png
Binary file added assets/tree-navbar-images/tree-13.png
Binary file added assets/tree-navbar-images/tree-2.png
Binary file added assets/tree-navbar-images/tree-3.png
Binary file added assets/tree-navbar-images/tree-4.png
Binary file added assets/tree-navbar-images/tree-5.png
Binary file added assets/tree-navbar-images/tree-6.png
Binary file added assets/tree-navbar-images/tree-7.png
Binary file added assets/tree-navbar-images/tree-8.png
Binary file added assets/tree-navbar-images/tree-9.png