17 Commits

Author SHA1 Message Date
null e7b45cc84f fix: profile photo temp dir, Firestore rules field-level lockdown (batch v0.2.10)
- Move temp profile photos to filesDir/photos/ subdirectory with mkdirs
- Update file_paths.xml to scope FileProvider to photos/ subdirectory
- Firestore rules: restrict couple doc updates to only mutable fields (streakCount, lastAnsweredAt, wrappedCoupleKey, kdfSalt, kdfParams, encryptionVersion) — prevents client from overwriting currentQuestionId, activePackId, id
2026-06-19 20:33:08 -05:00
null 30fddcc2df feat: E2EE — Tink AEAD, Argon2id KDF, recovery phrase, encrypted Firestore fields (batch v0.2.6)
- Add crypto module: CoupleKeyStore (EncryptedSharedPreferences), RecoveryKeyManager (Argon2id + AES-256-GCM key wrap), FieldEncryptor (AEAD per-field), CoupleEncryptionManager (orchestration)
- Add Tink + Bouncy Castle dependencies to build.gradle.kts, register AeadConfig in CloserApp
- Encrypt answer fields (writtenText, selectedOptionIds, scaleValue) on write, decrypt on read
- Encrypt DesireSync, HowWell, WheelAnswer, QuestionThread fields via CoupleEncryptionManager
- Generate recovery phrase during invite creation, display in CreateInviteScreen
- Add recovery phrase input to InviteConfirmScreen for encrypted invites
- Add RecoveryScreen + RecoveryViewModel for post-pairing key recovery
- Update Couple model with encryptionVersion, wrappedCoupleKey, kdfSalt, kdfParams
- Update Firestore rules: allow couple doc creation by members, fcmTokens path, encryptionVersion monotonic check, invite doc extended fields
2026-06-19 19:52:35 -05:00
null 9e587a23dd feat: update question thread data source, repository, ViewModel, and Firestore security rules 2026-06-19 03:19:58 -05:00
null eaac8ffcc9 feat: couple-scoped daily question, answer sync, partner notifications, and answer review 2026-06-18 00:18:05 -05:00
null d86a5de2a0 fix: deny client access to entitlement_events collection 2026-06-17 19:42:41 -05:00
null 19c6b4a6cb fix: real uid in bucket list, Firestore rules hardening for date plans & bucket list 2026-06-17 19:41:27 -05:00
null b049024ba9 feat: update date_plan_preferences Firestore rules to use auto-IDs 2026-06-17 19:12:14 -05:00
null 2b1238a64c feat: add Firestore rules for entitlements and notification_queue collections 2026-06-17 19:10:45 -05:00
null 557af3e546 feat(dates): add Date Builder + Bucket List — backend models, Room DAOs, Firestore sources, repositories, UI screens, ViewModels, navigation routes, Firestore rules 2026-06-17 00:05:46 -05:00
null 512a6c9f42 feat(dates): add Date Match MVP Phase 1 — swipe UI, Firestore models, 30+ seed ideas, match reveal 2026-06-16 23:30:58 -05:00
null a412247bf3 security: kimi-k2.7 review fixes — Ed25519 crypto API, Firestore rules try/catch removal, atomic idempotency, RevenueCat 8.20.0, rate limiter fix, remove plaintext fallback, tighten push wording 2026-06-16 22:42:53 -05:00
null b8b2cc68c4 security: fix webhook signature fail-open (now throws 500 on missing key), fix overly restrictive couple update rules 2026-06-16 22:11:51 -05:00
null c28ce9c58d security: restrict couple-level Firestore writes — immutable fields, owner-only messages/reactions, server-only deletes, valid state transitions 2026-06-16 21:46:56 -05:00
null bd1ea5cecd security: fix invite rules missing-doc bypass, webhook timing attack, entitlement replay protection and entitlement_id check 2026-06-16 21:45:04 -05:00
null afeb1a1a03 docs: add README, add proguard rules, Firestore entitlement checker, network security config, update build config and onboarding 2026-06-16 20:16:47 -05:00
null e42de938e7 fix: update Invite model, backup rules, and Firestore security rules 2026-06-16 19:44:28 -05:00
null 1a33d4f2b9 feat(analytics): Firebase Analytics, Crashlytics, ObservabilityModule, Firestore rules 2026-06-16 01:13:20 -05:00