* save chunk 1e work
* chunk 2f
* pr feedback
* fix pr feedback
* cr feedback
* remove dupe var
* feedback from cr
* add kmp:start dx helper
* save web consolidtion work for later
* add specs
* update
* pr fixes
* update reorg plan
* add coverage gaps spec
* pr feedback
* save current wip iteration
* finalize spec work
* save chunk 1e work
* chunk 2f
* pr feedback
* fix pr feedback
* cr feedback
* remove dupe var
* feedback from cr
* add kmp:start dx helper
* save web consolidtion work for later
* add specs
* update
* pr fixes
* update reorg plan
tsup wraps require() as __require() in ESM builds for externalized
modules. Metro's dependency collector only recognizes standard require()
calls, so __require() calls for .lottie assets are invisible during
bundling, causing "Unknown named module" errors at runtime.
This Babel plugin converts __require(stringLiteral) back to
require(stringLiteral) before Metro's dependency collection pass,
allowing the custom resolver to properly locate and bundle .lottie
assets from the SDK dist.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: common refactor (WIP)
* finish the rest of new-common and use new-common in circuits + contracts tests
* fix: prettier
* fix: yarn.lock
* fix: formatting
* fix: use prod urls for websocket
* fix: websocket url
* fix: remove the ||el flag
* add skipPace switch to android
* use specific commit of PRIVATE_MODULES
* bump version
* bump build to 139
* use latest passport-reader
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
* Add tmate session to debug e2e workflow
* Don't run ios e2e
* Debug wip
* Debug wip
* Debug wip
* Enhance mobile E2E workflow by adding pre-installation step for emulator dependencies. This ensures the necessary Android SDK components are available for testing, improving the reliability of the build verification process.
* Add KVM group permissions setup to mobile E2E workflow
This update introduces a step to enable KVM group permissions in the mobile E2E workflow. This change ensures that the necessary permissions are configured for KVM, enhancing the environment setup for emulator testing and improving overall build verification reliability.
* Run e2e in self-hosted runners
* Fix JVM install
* Fix JVM install
* KVM check
* Refactor KVM access check in mobile E2E workflow
This update modifies the KVM access check step to provide a warning if /dev/kvm is not found, allowing the emulator to run in software mode instead of failing the workflow. Additionally, it dynamically adjusts the emulator options based on KVM availability, improving performance and flexibility in the testing environment.
* Adding tmate for debugging
* Adding retry logc to sdkmanger install
* Changing android channel to stable
* Add installation of emulator runtime dependencies in mobile E2E workflow
This update introduces a step to install necessary runtime dependencies for the Android emulator, ensuring a smoother testing environment and improving the reliability of the mobile end-to-end testing process.
* Fix APK install command
* Update Android api
* Update android emulator version
* Add E2E test script to mobile workflow
This commit introduces a new script for running end-to-end tests on the Android emulator. The script handles app installation and execution of Maestro tests, improving the organization and readability of the workflow. The previous inline commands have been replaced with a dedicated script, enhancing maintainability and clarity in the testing process.
* fix e2e test
* improve maestro test
* try workflow again
* attempt fix
* fix
* another try
* clean up wording to reflect it's fixed
---------
Co-authored-by: Javier Cortejoso <javier.cortejoso@gmail.com>
* fix: automatically lowercase smart contract end points
To avoid getting scopeMismatch() errors which were caused by ethers.js returning checksummed addresses (mixed case, including upper case) by default. Forces to lowercase to match logic in on chain _calculateScope() function
* fix: auto lowercase for Go SDK
* chore: yarn prettier
* fix: show country nationality in view id card screen
Was showing country code, now tries to fetch the country name. If can't find, resolves back to raw country code.
* port fix over
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
* add ios swift handlers
* Add lifecycle completion and optional relay listener
* agent feedback
* save wip
* fix compiling
* finalize feedback
* agent feedback
* fix ci
* udpate specs
* feat: implement React Native adapters for authentication, documents, and networking
- Added new adapters for authentication, document management, and network communication tailored for React Native.
- Introduced `createAuthAdapter`, `createDocumentsAdapter`, and `createNetworkAdapter` to streamline integration with React Native's capabilities.
- Updated `SelfClientProvider` to utilize the new adapter factory for improved modularity and maintainability.
- Enhanced package dependencies to include necessary libraries for secure storage and hashing.
This update enhances the SDK's functionality and prepares it for better cross-platform compatibility.
* refactor: update specs to streamline documentation and remove obsolete entries
- Removed the "Keep / Modify / Delete" section from the specs to simplify the document structure.
- Updated the remaining specifications to reflect the current architecture and integration paths, including the introduction of the new `SPEC-RN-SDK.md` for the `<SelfVerification />` RN WebView wrapper component.
- This change enhances clarity and aligns the documentation with recent architectural decisions.
* prettier
* update gitignore to include swift build paths
* update gems
* address pr feedback and pipeline errors
* agent feedback. also include follow up work items
* add spec guide rules
* add markdown files to prettier formatting and update
* add status line update spec guide
* add new specs
* formatting
* format all markdown files
* more formatting
* consolidate into overview
* update spec and template guidelines
* refactor specs
* save wip
* move status up
* feat: add biometrics and camera bridge adapters
Create biometrics adapter (authenticate, isAvailable, getBiometryType) and camera adapter (scanMRZ, isAvailable) matching the native KMP handler response shapes. Wire both into webview-app SelfClientProvider. Includes 6 new tests (50 total, all passing).
* feat: add web fallback adapters and wire in SelfClientProvider
- Create IndexedDB documents adapter and console/fetch
analytics adapter in webview-bridge (documents-web.ts,
analytics-web.ts) per Person 1 spec Section 4
- Create equivalent browser adapters in mobile-sdk-alpha
per Person 4 Chunk 4F (documents, crypto, analytics,
haptic)
- Wire web fallbacks into SelfClientProvider — documents
and analytics no longer cross the bridge
- 32 new tests across both packages, all passing
- fake-indexeddb added as devDep to both packages
* feat: remove 4 Android web-fallback handlers
- Delete DocumentsBridgeHandler (146 LOC)
- Delete CryptoBridgeHandler (177 LOC)
- Delete AnalyticsBridgeHandler (94 LOC)
- Delete HapticBridgeHandler (94 LOC)
- Remove registrations from SelfVerificationActivity
- Android now registers 5 handlers: NFC, Camera,
Biometrics, SecureStorage, Lifecycle
- Documents, crypto, analytics, and haptic are now
handled by web fallback adapters in the WebView
* style: align DocumentsBridgeHandler param extraction
Standardize iOS DocumentsBridgeHandler to use
?.jsonPrimitive?.content for parameter extraction,
matching the convention used by all other iOS handlers.
* feat: add MiniPay sample app
Create Compose Multiplatform sample app showing how
third-party integrators embed Self identity verification
via SelfSdk.launch(). Two native screens (Home, Result);
all verification logic runs in the SDK's WebView.
Shared Kotlin (commonMain):
- App.kt: NavHost with home/result navigation
- MainViewModel.kt: SDK launch + callback routing
- HomeScreen.kt: status card + "Verify Identity" button
- ResultScreen.kt: success/failure with error mapping
- Theme.kt: MiniPay-style Material 3 colors
Android:
- MainApplication.kt: SelfSdk.configure() in onCreate
- MainActivity.kt: passes SDK instance to Compose
- AndroidManifest.xml: NFC, Camera, Biometric, Internet
permissions + NFC TECH_DISCOVERED intent filter
- res/xml/nfc_tech_filter.xml: IsoDep for passport NFC
iOS Kotlin:
- MainViewController.kt: ComposeUIViewController entry
iOS Swift (iosApp/):
- iOSApp.swift: provider registration with
SdkProviderRegistry (same pattern as kmp-test-app)
- ContentView.swift: UIViewControllerRepresentable
- Xcode project with NFC/Camera entitlements
Spec deviation — single-module vs two-module:
The spec directory diagram (lines 88-120) shows a
separate androidApp/ module, but the spec's own build
config (lines 384-447) has composeApp using the
androidApplication plugin — meaning composeApp IS the
Android app. These contradict: you cannot have two
androidApplication modules. The existing kmp-test-app
uses the same single composeApp pattern. We follow the
build config + test app precedent.
Build verified on all targets:
- compileDebugKotlinAndroid: BUILD SUCCESSFUL
- compileKotlinIosArm64: BUILD SUCCESSFUL
- compileKotlinIosSimulatorArm64: BUILD SUCCESSFUL
* style: Rename webAnalyticsAdapter to consoleAnalyticsAdapter
Align web analytics adapter naming with updated spec
(specs/person1-webview/SPEC.md section 4c).
- Rename webAnalyticsAdapter → consoleAnalyticsAdapter
- Rename WebAnalyticsOptions → ConsoleAnalyticsOptions
- Update barrel export in adapters/index.ts
- Update import in SelfClientProvider.tsx
- Update all references in analytics-web.test.ts
The new name better describes the adapter's purpose: a
console-logging (+ optional HTTP endpoint) fallback for
environments without a native bridge.
Verified: webview-bridge build clean, 63/63 tests pass,
webview-app type-check clean.
* refactor: Align Person 4 adapters with updated spec
Rename haptic + fix crypto algo normalization per updated
specs/person4-sdk-core/SPEC.md (Chunk 4F).
Haptic:
- createNoOpHapticFeedback → createNoOpHapticAdapter
- Updated barrel export, re-export, and test references
Crypto:
- Replace static ALGO_MAP lookup with regex normalization:
algo.toUpperCase().replace(/^SHA(\d)/, 'SHA-$1')
- Handles all variants: sha256, SHA256, sha-256, SHA-256
- Add tests for already-hyphenated and uppercase inputs
Verified: 20/20 browser adapter tests pass, tsc clean.
* fix: resolve 7 Android device testing bugs in SDK + MiniPay
Fix issues found during physical device testing (Pixel 8
Pro) of the MiniPay sample app end-to-end flow.
SDK fixes (kmp-sdk):
- Use activityResultRegistry.register() instead of
activity.registerForActivityResult() to avoid
IllegalStateException when registering after onStart
- Replace FragmentActivity with ComponentActivity
(AndroidX 1.9.x changed the class hierarchy)
- Change SelfVerificationActivity theme to
Theme.AppCompat.NoActionBar (AppCompatActivity
requires an AppCompat theme)
- Rewrite AndroidWebViewHost to use WebViewAssetLoader
with custom PathHandler, serving bundled Vite assets
under https://appassets.androidplatform.net/ to fix
CORS, history.replaceState, and asset path resolution
- Add runtime permission requests for Camera + NFC in
SelfVerificationActivity.onCreate()
MiniPay fixes (kmp-minipay-sample):
- Create expect/actual platformLaunch to thread Android
Activity to SDK without leaking platform types into
commonMain
- Set debug = false to load bundled assets instead of
emulator dev server URL
Tested on Pixel 8 Pro: app launches, verification
WebView opens, camera scans for MRZ. Full passport
scan untested (no document available).
* feat: implement @selfxyz/rn-sdk React Native SDK
Thin <SelfVerification /> component wrapping react-native-webview
that embeds Self's identity verification flow. Bridges NFC, camera,
biometrics, keychain, and lifecycle to native via MessageRouter.
- MessageRouter: routes WebView bridge messages to domain handlers
- 5 handlers: lifecycle, biometrics, secureStorage, nfc, camera
- Platform.select asset loading (Android file://, iOS RNFS bundle)
- 59 unit tests, build + typecheck clean
- ReactNativeWebView transport detection added to webview-bridge
* fix: Remove dead code and persist verification state
Claude identified some gaps in the spec. Fixed to match:
- Delete unused onVerificationSuccess/Failure/Cancelled methods
from MainViewModel (sdkCallback handles all cases)
- Add expect/actual AppStorage (SharedPreferences / NSUserDefaults)
to persist HomeState across app restarts
- Update homeState eagerly in sdkCallback.onSuccess() so Android
system back button shows correct state on HomeScreen
* refactor: migrate webview-app from Tamagui to @selfxyz/euclid-web
Replace Tamagui + react-native-web UI framework with Self's
official euclid-web component library across all 10 screens.
Simplify Vite config, remove RN aliases, and fix country flag
emoji rendering with proper ISO 3166-1 alpha-3 to alpha-2
conversion.
- Remove tamagui, @tamagui/config, react-native-web deps
- Add @selfxyz/euclid-web and @selfxyz/euclid-core
- Rewrite 6 screens as euclid direct replacements
- Compose 4 screens from euclid primitives
- Fix fonts.css for euclid font family names
- Add shared countryFlags utility (alpha-3 → alpha-2 lookup)
- Clean up tsconfig.json and stale .tamagui cache
* fix pipeline
* formatting
* fix tests
* fix type error
* address feedback
* fix formatting
* update specs and create handoff doc for new pull request
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Co-authored-by: Tranquil-Flow <tranquil_flow@protonmail.com>
* fix spec consistencies
* update inconsistnecies
* fix: address PR review feedback on spec inconsistencies
- Fix proof type in MiniPay sample to use String? (matching canonical
Kotlin VerificationResult), not a map
- Fix HomeState.verifiedClaims to Map<String, String> matching actual SDK
- Fix returnToHome description to not reference proof?.timestamp
- Clarify crypto domain routing: sign/generateKey/getPublicKey still use
bridge.request('crypto', ...), native handler uses secure storage
internally — key never leaves native
- Change crypto domain from "Deprecated" to "Native †" in domain catalog
- Fix Adapter Interface Mapping for CryptoAdapter.sign()
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: resolve remaining spec inconsistencies in SDK-OVERVIEW
- Update North Star constraint to include crypto signing/key-gen as
native-only (was missing after crypto domain reclassification)
- Fix status checklist: "Delete 3 handlers" not 4 — crypto domain
still routed natively for signing/key-gen
- Update iOS handler count from 3 to 4 (SecureStorage now required)
- Fix architecture diagram footnote to list SecureStorage as required
provider, remove "managed directly by host app" language
- Remove "crypto" from Swift Providers module table (no separate
CryptoProvider exists; crypto ops route through secure storage)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add crypto signing/key-gen to Design Principles native list
Aligns Design Principle #2 with the updated constraint and crypto
domain note — crypto signing stays native so keys never leave
secure storage.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address 3 review findings — claim type, regex, trust boundary
- Fix MiniPay sample comment: claims is Map<String, Any?>? (canonical
target type), not Map<String, String>?
- Fix CI guard regex: add \b word boundary to "verified" pattern so it
won't false-positive on isVerified; drop overly broad .timestamp check
- Add trust boundary statement to crypto domain note: native signing
handler signs whatever the WebView sends, which is safe only because
the Vite bundle is statically embedded at build time
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Add lifecycle completion and optional relay listener
* fix ci
* udpate specs
* feat: implement React Native adapters for authentication, documents, and networking
- Added new adapters for authentication, document management, and network communication tailored for React Native.
- Introduced `createAuthAdapter`, `createDocumentsAdapter`, and `createNetworkAdapter` to streamline integration with React Native's capabilities.
- Updated `SelfClientProvider` to utilize the new adapter factory for improved modularity and maintainability.
- Enhanced package dependencies to include necessary libraries for secure storage and hashing.
This update enhances the SDK's functionality and prepares it for better cross-platform compatibility.
* refactor: update specs to streamline documentation and remove obsolete entries
- Removed the "Keep / Modify / Delete" section from the specs to simplify the document structure.
- Updated the remaining specifications to reflect the current architecture and integration paths, including the introduction of the new `SPEC-RN-SDK.md` for the `<SelfVerification />` RN WebView wrapper component.
- This change enhances clarity and aligns the documentation with recent architectural decisions.
* prettier
* update gitignore to include swift build paths
* update gems
* address pr feedback and pipeline errors
* agent feedback. also include follow up work items
* fix ws send guard + document unresolved coderabbit review items in specs
- Add readyState guard to WsConn.send() to throw a clear error instead of
InvalidStateError when socket is not OPEN
- Fix stale abort listener leak: clean up abort handler unconditionally on
socket close, not only when caller registers onClose
- Add "Chunk 3F implementation notes" to SPEC-PERSON3-SDK-CORE for SHA
algorithm name mapping and fake-indexeddb test requirement
- Add "Spec Corrections" section to SPEC-RN-SDK documenting 5 issues
(peerDep, missing router arg, iOS source, randomUUID, RNFS) to address
during implementation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* formatting
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Claude noticed some stuff to clean up in previous day's code.
* fix: add missing uuid dep, fix redundant ternary, register DINOT-Bold
- Add uuid as direct dependency instead of relying on hoisting
- Remove redundant success ternary in VerificationResultScreen
- Fix ComingSoonScreen to match documentType codes from IDSelectionScreen
- Register DINOT-Bold font family in Tamagui config
* chore: unpushed fixes
* chore: force CI
The kmp-sdk requires Android SDK + Gradle which aren't available in
Codex/CI environments. Exclude it from `yarn build` like contracts
and circuits already are.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace assert() with assertTrue() in MrzKeyUtilsTest to avoid
ExperimentalNativeApi opt-in requirement on Kotlin/Native. Also
gitignore the copyWebViewAssets build artifact (shared/src/main/).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Introduced a new specification document for making the mobile-sdk-alpha work in a browser/WebView context.
- Updated SPEC-OVERVIEW.md to include Person 3's role in SDK Core Adaptation.
- The new spec outlines the removal of React Native dependencies from core logic, ensuring compatibility across platforms.
- Key changes include adapting platform detection, debugging configurations, and font handling for a seamless WebView experience.
* chore: simplify npm publish workflow by removing NPM token checks
- Removed redundant checks for NPM_TOKEN before publishing packages to npm.
- Updated publish result messages to reflect the use of Trusted Publishers (OIDC) for package publishing.
- Streamlined the workflow for better clarity and efficiency.
* chore: update npm publish workflow to use ubuntu-slim
- Changed the runner from 'ubuntu-latest' to 'ubuntu-slim' for improved efficiency and reduced resource usage during the npm publish process.
* chore: enhance npm publish workflow with dry run option
- Added a 'dry_run' input to the npm publish workflow to validate authentication and Trusted Publishers without uploading packages.
- Updated publish result messages to indicate when a dry run is completed, improving feedback during the publishing process.
* chore: refine npm publish workflow by removing strict mode input
- Eliminated the 'strict_mode' input from the npm publish workflow to simplify the process.
- Removed associated error handling comments and environment variable for stricter publish mode.
- Streamlined the workflow for improved clarity and efficiency during package publishing.
* chore: update npm publish workflow to use npx for publishing
- Replaced `yarn npm publish` with `npx npm@latest publish` to ensure the latest npm CLI is used for package publishing.
- Removed unnecessary `yarn config set npmPublishAccess` commands to streamline the workflow.
- Maintained the existing dry run functionality for testing without actual publishing.
* chore: enhance npm publish workflow to include version tagging
- Updated the npm publish workflow to dynamically determine the package version and apply a beta tag for pre-release versions.
- This change ensures that the correct versioning is maintained during the publishing process, improving clarity for users regarding package stability.
- Retained existing dry run functionality for testing without actual publishing.
* chore: remove npm publish command from package.json files
- Eliminated the `publish` script from multiple package.json files across contracts, sdk/core, sdk/qrcode, and sdk/qrcode-angular.
- This change streamlines the package management process by removing unnecessary publish commands, ensuring a cleaner configuration for future development.
* Temporary bump versions for check package publishing
* Revert "Temporary bump versions for check package publishing"
This reverts commit 180f5d538a.
* chore: add version check before npm publishing
- Implemented a version check in the npm publish workflow to prevent publishing of already published package versions.
- This enhancement ensures that developers are notified to bump the version in package.json if the version is already published, improving the publishing process and reducing errors.
* chore: improve npm publish workflow with enhanced outcome handling
- Updated the npm publish workflow to include detailed outcome handling for publish results, including checks for version publication status and improved messaging for skipped or failed publishes.
- This enhancement provides clearer feedback to developers regarding the publishing process, ensuring they are informed about the status of their package versions and necessary actions to take.
* chore: update npm publish workflow to include yarn packing for workspace resolution
- Added steps to pack each workspace using `yarn pack` before publishing to npm, ensuring that the correct package is published from each directory.
- This change resolves issues related to workspace protocol and improves the reliability of the publishing process across multiple packages.
* chore: simplify npm publish workflow by removing version check step
- Removed the version check for publish-msdk, as it did not work for private packages.
- Updated outcome handling to ensure clear messaging for skipped publishes without the version check dependency, improving overall workflow clarity.
* add kotlin debug app
* add specs
* first kmp sdk version
* add deploy script
* save working nfc implementation
* save demo app flow wip
* agent feedback
* show viewfinder on mrz
* save working scan
* add kotlin formatting
* remove mrz overlay
* fix expiry date
* add feedback to mrz san
* save improved nfc scanning
* save wip
* save gitignore and md state
* add logging and error handling. get iOS demo app working
* format
* add swift formatting
* enable iOS camera
* save ios mrz implementation
* nfc scanning works
* final optimizations
* add tests
* fixes
* better linting
* agent feedback
* bug fixes
* formatting
* agent feedback
* fix app breaking on run
* consolidate kotlin and swift clean up commands
* fix pipeline by installing swiftlint
* fix blurry scanning
* fix ci
---------
Co-authored-by: turnoffthiscomputer <colin.remi07@gmail.com>
