Release to Production v2.9.16 - 2026-04-06 #1927
Merged
transphorm merged 24 commits into `main` on Apr 6, 2026
* save wip
* commit
* fixes
* fix: use raw bytes for KYC register circuit inputs instead of deserialize+reserialize
The deserialize→reserialize path strips the namespace prefix from
id_type, producing different bytes than what the TEE signed. This
causes EdDSA signature verification to fail in the circuit.
Use raw base64-decoded bytes directly, matching the TEE's signed data.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: use raw bytes for KYC register circuit inputs in common and new-common
The deserialize→reserialize path strips the namespace prefix from
id_type (\x05didit), producing different bytes than what the TEE
signed. This causes EdDSA signature verification to fail in the
register_kyc circuit.
Use raw base64-decoded bytes directly in both common/ and new-common/.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: use raw bytes for KYC disclose circuit inputs
Same issue as register — .toString('utf-8') corrupts bytes >= 128,
causing Num2Bits assertion failures in vc_and_disclose_kyc circuit.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: use raw bytes for KYC disclose circuit inputs in new-common
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* chore: remove dev functions from KYC registry, add upgrade module, clean up debug logs
- Remove devRemoveNullifier and devResetTree (no longer needed)
- Add upgradeKycRegistry ignition module
- Update deployed_addresses.json with new KYC registry proxy
- Remove debug logging from provingMachine
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
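The byte-exactness problem these commit messages describe, shown as an added example that is not code from this PR or the project: a signed blob containing bytes >= 128 is decoded from base64 directly and through a `.toString('utf-8')` round trip, and only the raw bytes still verify. The payload, the helper names and the use of Node's Ed25519 in place of the project's EdDSA are assumptions.

```javascript
// Added illustration; payload and helper names are constructed/hypothetical.
const nodeCrypto = require('node:crypto');

// Constructed stand-in for a TEE-signed blob: the "\x05didit" id_type prefix
// named in the commit message, followed by arbitrary bytes >= 0x80.
const signedPayload = Buffer.concat([
  Buffer.from([0x05]),
  Buffer.from('didit', 'ascii'),
  Buffer.from([0x80, 0xff, 0xc3, 0x28]),
]);
const wireB64 = signedPayload.toString('base64');

// Ed25519 is an assumption standing in for the project's EdDSA scheme.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
const signature = nodeCrypto.sign(null, signedPayload, privateKey);

// Correct path: the decoded bytes are exactly what was signed.
function decodeRaw(b64) {
  return Buffer.from(b64, 'base64');
}

// Lossy path: invalid UTF-8 sequences become U+FFFD, so re-encoding
// yields different (and more) bytes than the signer saw.
function decodeViaUtf8(b64) {
  const text = Buffer.from(b64, 'base64').toString('utf-8');
  return Buffer.from(text, 'utf-8');
}

function verifies(bytes) {
  return nodeCrypto.verify(null, bytes, publicKey, signature);
}

// Index of the first byte that differs, or -1 when the buffers are identical.
function firstDivergence(a, b) {
  const n = Math.min(a.length, b.length);
  for (let i = 0; i < n; i++) if (a[i] !== b[i]) return i;
  return a.length === b.length ? -1 : n;
}

console.log('raw verifies:', verifies(decodeRaw(wireB64)));
console.log('utf-8 round trip verifies:', verifies(decodeViaUtf8(wireB64)));
console.log('first differing byte:',
  firstDivergence(signedPayload, decodeViaUtf8(wireB64)));
```

A check like `firstDivergence` between the received bytes and whatever is fed to the verifier is a cheap regression test for this class of bug.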
* SELF-2484: Delegate keychain to consumer
* lint
* update coderabbit comments
* feat: store KYC document in keychain after receiving TEE attestation
Build a KycData document from the attestation (signature, applicantInfo, pubkey) and persist it via storePassportData → keychain-backed adapter. This makes the document available for the proving machine.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: KYC document mock is always false
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* provingmachine flow with mock passport
* add yarn.lock
* Fix coderabbit comments
* lint
* update coderabbit comments
* coderabbit comments
* Merge branch 'dev' into feat/didit-keychain-storage
* fix: reorder KYC constants declarations and fix formatting
Constants were declared out of order causing "used before declaration" TS errors. Reordered to match the 295-byte layout sequentially. Also ran prettier on common package.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix proving phase handling and add delete catalog debug button
- TunnelProvingScreen: use `phase !== 'disclose'` to handle completion for both passport (dsc→register→disclose) and kyc/aadhaar (register→disclose)
- KeychainDebugScreen: add Delete Catalog button to clear all documents
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* coderabbit comments
---------
Co-authored-by: ayman <aymanshaik1015@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…thDeduplication (#1898)
KYC documents fell through to the Aadhaar qrData branch, storing empty string as metadata.data. This breaks ManageDocumentsScreen which calls deserializeApplicantInfo(metadata.data) to display KYC document names. Now correctly stores serializedApplicantInfo and idType for KYC documents.
* stitch tunnelflow screens
* save wip formatting
* add failure flow
* stub account recovery
* add tests
* add spec wv-17
* prep for review
* serialize
* fixes
* fix bug
* fix dev building
* fix: close Didit modal on completion, show KycPendingScreen while waiting (#1900)
- Close Didit SDK modal immediately when onComplete fires
- Show Euclid KycPendingScreen with animation while Socket.IO waits for TEE attestation
- Replaces generic spinner for the 'In Review' waiting state
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* navigate to disclose step on restore
* skip disclose confirmation screen
* Update Recovery flow
* Navigate to account recovery if TEE rejects it as already registered
* Navigate to disclose directly if the selected document is registered
* SELF-2348: Load webapp from url
* update sdk-test-app
* fix result from sdk
* fixes?
* fix build issue
* fix install pipeline
* carry pr feedback. fix formatting
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Co-authored-by: Nesopie <87437291+Nesopie@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(webview): screen dimension fixes, bump euclid 1.4.0, cleanup
Set WEB_SAFE_AREA top to 0 — native shell handles status bar insets edge-to-edge. Add flex wrappers to ConfirmIdentificationScreen and VerificationResultScreen so StatusState fills viewport. Bump @selfxyz/euclid and euclid-core to 1.4.0 (edge-to-edge backgrounds, responsive animations, centered text, fixed button visibility). Delete orphaned KycMockScreen replaced by TunnelKycWrapper.
* fix(rn-sdk-test-app): gracefully skip pod install when Ruby < 3.2
The postinstall script requires Ruby 3.2+ and bundler 2.6.9 for CocoaPods. On macOS with system Ruby 2.6, this hard-failed yarn install for the entire monorepo. Now checks Ruby version first and skips with a message instead of failing.
* Harden native lifecycle result handling
* Harden native shell lifecycle handling
* fixes
* commit
* fixes
* fix ci and pr feedback
* format and ci
* fix ref
* fix type
* fix linting
* fix build
* Fix iOS escape test expectations
* KR-01: Scope KMP Android to 3-domain parity with provider delegation
Move SecureStorageProvider, CryptoProvider, and CryptoBridgeHandler to
commonMain so both platforms share the same contract. Add default Android
providers (EncryptedSharedPreferencesProvider, AndroidKeystoreCryptoProvider)
that consumers can replace via SdkProviderRegistry.
- Rewrite Android SecureStorageBridgeHandler to delegate to provider and
fix get() response shape to return { value: string | null }
- Register only 3 handlers (secureStorage, crypto, lifecycle) in Activity
- Add WebChromeClient with permission and file upload handling
- Add query param support to WebView URL loading
- Add bridge protocol version validation to MessageRouter
- Remove NFC/camera/biometric dependencies from build.gradle.kts
- Remove out-of-scope permissions from AndroidManifest.xml
- Create IosProviderRegistry for iOS-specific provider fields
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* KR-02: Scope KMP iOS to 3-domain parity with query param support
Move SecureStorageBridgeHandler to commonMain (fixes iOS get() response
shape to return { value: string | null } matching the bridge adapter).
Both Android and iOS now share the same handler via commonMain.
- Register only 3 handlers on iOS (secureStorage, crypto, lifecycle)
- Add queryParams parameter to WebViewProvider interface
- Update IosWebViewHost to forward query params from VerificationRequest
- Update WebViewProviderImpl.swift to append query params to URL
- Relax isConfigured check to only require secureStorage + crypto + webView
- Remove unused handler imports from SelfSdk.ios.kt
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* KR-03: Simplify test app to 3-domain smoke harness
Gut the MRZ/NFC-first flow from the test app and replace with a focused
3-domain smoke test screen that validates secureStorage (set/get/remove
round-trip), crypto (generateKey/getPublicKey/sign/deleteKey), and
lifecycle (validated via SDK launch flow).
- Add DomainSmokeScreen with pass/fail output per domain
- Remove MRZ/NFC navigation routes and expect/actual screen declarations
- Remove NFC/CAMERA permissions from Android manifest
- Remove camera dependency from build.gradle.kts
- Scope iOS test app to register only required providers (secureStorage,
crypto, webView)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Fix issues - test app
* coderabbit comments
* fix ci
* klint
* coderabbit review comments
* Enhance permission handling in AndroidWebViewHost
* fix registry
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
* Harden native lifecycle result handling
* Harden native shell lifecycle handling
* fixes
* Fix recovery rollback handling
* Restore registration state on rollback
* Restore selected document on rollback
* fix(webview): clear both keys on partial rollback to prevent mnemonic/secret mismatch
When restoreSnapshotBestEffort partially fails (e.g. mnemonic rollback fails but secret rollback succeeds), the stored mnemonic and private key can end up mismatched — deriving from the stored mnemonic produces a different key than what's stored. This is silent data corruption that could lock users out of recovery.
Fix: when any rollback write fails, clear both keys so ensureSecret can regenerate a consistent pair from scratch. A missing pair is recoverable; a mismatched pair is not.
Adds a test in restoreSecretFromMnemonic that proves the mismatch scenario and verifies both keys are cleared.
* feat(new-common): add humanizeContractError utility with tests
* fix: prettier formatting in secretManager test
---------
Co-authored-by: Tranquil-Flow <tranquil_flow@protonmail.com>
* Add remote webview integrity checks
* fixes
* feedback
* update tests; fix pipelines
* fix ci
* feat(webview): add subresource integrity (SRI) to build output
The SHA-256 remote integrity check only covers the entry HTML document. Sub-resources (JS, CSS) loaded by that HTML were fetched without integrity verification, allowing a compromised CDN to swap bundles.
Add a custom Vite plugin that injects SRI sha384 hashes into all script and link tags in the built index.html. The browser natively enforces these hashes, blocking any tampered sub-resources.
Includes tests verifying integrity attributes are present and that hashes match the actual file contents on disk.
---------
Co-authored-by: Tranquil-Flow <tranquil_flow@protonmail.com>
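The SRI step described in the commit message above, sketched as an added example that is not the project's Vite plugin: it computes sha384 integrity values for built assets, injects them into script and link tags, and re-checks the HTML against the files the way a build test would. The asset names, contents and function names are constructed for illustration.

```javascript
// Added illustration; file names, contents and helper names are constructed.
const { createHash } = require('node:crypto');

// SRI value for one file: "sha384-" + base64 of the SHA-384 digest.
function sriHash(content) {
  return 'sha384-' + createHash('sha384').update(content).digest('base64');
}

// Constructed build output: asset URL -> file bytes, plus the entry HTML.
const assets = new Map([
  ['/assets/app.js', Buffer.from('console.log("app");')],
  ['/assets/app.css', Buffer.from('body{margin:0}')],
]);
const builtHtml = '<!doctype html><html><head>' +
  '<link rel="stylesheet" href="/assets/app.css">' +
  '<script type="module" src="/assets/app.js"></script>' +
  '</head><body></body></html>';

// Matches <script ... src="..."> and <link ... href="..."> opening tags.
const TAG = /<(script|link)\b([^>]*?)\b(src|href)="([^"]+)"([^>]*)>/g;

// Add an integrity attribute to every tag that loads a known local asset.
function injectSri(html, files) {
  return html.replace(TAG, (tag, name, pre, attr, url, post) => {
    if (!files.has(url) || /\bintegrity=/.test(tag)) return tag;
    const sri = sriHash(files.get(url));
    return `<${name}${pre}${attr}="${url}" integrity="${sri}"${post}>`;
  });
}

// Build-time check: every script/link must carry a hash matching the file.
function findSriFailures(html, files) {
  const failures = [];
  for (const m of html.matchAll(TAG)) {
    const url = m[4];
    const declared = /\bintegrity="([^"]+)"/.exec(m[0]);
    if (!declared) failures.push({ url, reason: 'missing integrity' });
    else if (!files.has(url)) failures.push({ url, reason: 'unknown asset' });
    else if (declared[1] !== sriHash(files.get(url)))
      failures.push({ url, reason: 'hash mismatch' });
  }
  return failures;
}

const hardenedHtml = injectSri(builtHtml, assets);
console.log(hardenedHtml);
console.log('failures:', findSriFailures(hardenedHtml, assets));
```

Running `findSriFailures` against the files on disk after the build catches both a tag that was left without a hash and a bundle that changed after hashing.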
…1921)
* test patch
* test install failure
* test
* smarter fix
* pr feedback; yarn format fixes
* fix gaps
* fix
* fix pipelines
* fixes
* fixes
* pr feedback
Release to Staging v2.9.16 - 2026-04-03
🎯 Production Release
Release Date: April 06, 2026
Commits ahead: 24
This automated PR promotes tested changes from `staging` to `main` for production deployment.
What's Included
All changes that have been verified in the staging environment.
Note: This PR is directly from `staging`, so new commits merged to `staging` will automatically appear here.
Pre-Deployment Checklist
Deployment Notes
Merging this PR will trigger production deployment.
This PR was automatically created by the Release Calendar workflow on April 06, 2026