Commit Graph

10 Commits

Author SHA1 Message Date
null 55ca3dce27 fix: Firestore rules hardening, recovery phrase strength, test cleanup (batch v0.2.12)
- Firestore rules: add isCouplesMember(coupleId) to question thread answer writes (prevents outsider writes)
- Firestore rules: allow currentIndex increment on same-status session updates (fixes thread progression)
- RecoveryKeyManager: PHRASE_WORD_COUNT 6→10 (~80 bits entropy)
- build.gradle.kts: exclude META-INF/versions/9/OSGI-INF/MANIFEST.MF (packaging conflict)
- .gitignore: add firebase-debug.log, firestore-debug.log
- firestore-tests: configurable emulator port via FIRESTORE_EMULATOR_PORT env var
- firestore-tests: fix invite outsider test (seed with different coupleId), fix non-starter session test (active→completed allowed), remove redundant beforeEach(seedThread), add outsider-write-denied test for thread answers
- visual-identity.md: update encryption claim gating note
2026-06-19 21:08:55 -05:00
null 3233c54ab2 feat: strict E2EE — encryption migration, Firestore rules enforcement, version 2 protocol (batch v0.2.11)
- Add CoupleAnswerMigrationDataSource: one-time per-user rewrite of all historical answer-bearing fields (daily answers, thread answers/messages, ThisOrThat, DesireSync, HowWell, Wheel) to ciphertext
- Add EncryptionUpgradeScreen + ViewModel: handles version-0→1→2 migration, recovery phrase display, partner coordination
- Add FieldEncryptorTest: round-trip, cross-couple binding, null-key, plaintext-not-leaked
- CoupleEncryptionManager: STRICT_ENCRYPTION_VERSION=2, requireAead() throws on missing key, setupLegacyCouple, pendingRecoveryPhrase/acknowledge
- CoupleKeyStore: pending recovery phrase storage/clear
- FieldEncryptor: switch from android.util.Base64 to java.util.Base64
- All data sources: use requireAead() (throws instead of silent plaintext fallback), encrypt all answer-bearing writes
- FirestoreCoupleDataSource: beginEncryptionMigration (atomic version-0→1 claim), markEncryptionMigrationComplete (per-user + version-2 promotion)
- CoupleRepositoryImpl: require wrappedKey on invite acceptance (no more optional)
- HomeScreen/ViewModel: route to EncryptionUpgradeScreen for version-0 or unmigrated version-1 couples
- Firestore rules: isCiphertext validator, isEncryptedAnswerPayload, isStartingEncryptionMigration, isCompletingOwnEncryptionMigration, isUpdatingRecoveryWrap, isUpdatingCoupleRhythm; enforce ciphertext on all answer/message writes; game collection rules (this_or_that, desire_sync, how_well, wheel) with per-user answer ownership; couple doc update split into 4 mutually exclusive paths; invite doc requires createdAt + wrappedKey fields; isImmutable uses diff().hasAny() instead of field equality
- Firestore rules tests: encryption migration scenarios, plaintext rejection, per-user answer ownership, game collection ciphertext enforcement
- firebase.json: emulator port 8180
- .gitignore: firestore-tests/node_modules
2026-06-19 20:53:52 -05:00
null 85bb8d9f69 feat: add DesireSync module with sexual_preferences questions and Room integration 2026-06-17 22:23:04 -05:00
null 6b964935d4 chore: remove functions/node_modules from git, add to .gitignore 2026-06-17 01:26:05 -05:00
null ddfe9e250a security: remove google-services.json from repo and git tracking, add to .gitignore 2026-06-16 21:47:42 -05:00
null e8274370d1 chore: add CONCERN.md to .gitignore 2026-06-16 21:32:14 -05:00
null bee617c493 chore(server): add Node.js backend with auth, questions, answers + update gitignore 2026-06-16 01:17:58 -05:00
null 5991acb283 chore(gitignore): exclude app/build/ from version control
app/build/ wasn't caught by /build pattern which only matches root dir. Removes ~200 build artifact files from tracking.
2026-06-15 21:38:39 -05:00
null 92c82e5fd4 chore: wipe RN/Expo stack, prepare for Kotlin/Compose project (batch 0.1.1) 2026-06-15 18:32:27 -05:00
null 1a1357d5c9 feat: Expo project bootstrap (v1.0.1) + untrack private docs 2026-05-13 04:21:43 -05:00