WV-07 covers SelfClient assembly: exporting useProvingStore from the
browser entry point, mapping bridge adapters to SDK interfaces, creating
a keychain-backed DocumentsAdapter via the existing secureStorage bridge,
and wiring a real SelfClient in the webview-app provider.
WV-08 covers the tunnel proving flow: replacing the mock 3-second timer
with real provingMachine integration (register → disclose), storing
Sumsub KYC results as KycData documents in native keychain, and driving
UI from proving state transitions.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat(webview-app): add Euclid 3.0 settings sub-screens
Add SecurityScreen, NotificationPreferencesScreen, and DevModeScreen
wrappers that import Euclid 3.0 components and wire them with React
Router navigation and bridge adapters. Update SettingsScreen menu items
to navigate to real routes instead of /coming-soon.
Requires @selfxyz/euclid-web to be published with the new screen exports
(SecurityScreen, NotificationPreferencesScreen, DevModeScreen) before
type-check will pass. See docs/superpowers/plans/ for full context.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* docs: add settings integration plan and handover
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* chore: use euclid 1.2.0
* PoC tunnel flow
* updates
* update skills
---------
Co-authored-by: Tranquil-Flow <tranquil_flow@protonmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Leszek Stachowski <leszek.stachowski@self.xyz>
When CDN bundle loading lands, runtime checksum verification (SHA-256
manifest, fail-closed on mismatch) becomes a security boundary. This
adds the backlog item and context so it's picked up at the right time.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add iOS native shell package (NSL-02)
Plain Swift implementation of the WebView host with bridge handlers
for secure storage (Keychain), crypto (EC P-256), and lifecycle.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add Android native shell package (NSL-01)
Plain Kotlin implementation of the WebView host with bridge handlers
for secure storage (EncryptedSharedPreferences), crypto (Android Keystore
EC P-256), and lifecycle.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: integrate Sumsub Web SDK into ProviderLaunchScreen (WV-05)
Rewrites ProviderLaunchScreen to launch Sumsub Web SDK, adds KYC
provider types, result normalization, and a ProviderResultScreen
for displaying verification outcomes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs: update spec status for NSL-01, NSL-02, WV-05 to in-progress
All three items are code-complete but need integration testing
before marking done.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs: add build-pipeline workstream specs, update NSL-03 and BP-01 status
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add WebView bundle build pipeline (BP-01)
Build script copies webview-app dist into both native shell asset
directories. Gradle preBuild validation fails fast when bundle is
missing. Root package.json gets build:sdk-* scripts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add SDK test apps for Android and iOS (NSL-03)
Minimal test apps to exercise native shells end-to-end:
- Android: Jetpack Compose app using SelfSdk.launch() via composite build
- iOS: SwiftUI app using SelfSdk.createViewController() via local SPM dep
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* update lockfile
* fix: address CodeRabbit PR review findings for native shells
- Fix iOS double callback: add hasEmittedResult flag to LifecycleHandler
so dismiss() won't fire onCancelled after onResult already emitted
- Fix Android error result codes: use RESULT_FIRST_USER for failed
verifications instead of always RESULT_OK; add dedicated handler in
SelfSdk.handleResult
- Fix iOS production query params: append params to file URL via
URLComponents so WebView receives teeUrl/verificationId/userId
- Fix build:sdk-ios false-green: chain swift build after bundle script
- Add expectedRequestCode param to handleResult for flexibility
- Upgrade security-crypto 1.1.0-alpha06 → 1.1.0 stable
- Improve callback type safety: onSuccess takes raw JSON string,
onFailure takes SelfSdkException instead of generic Exception
- Add requireBiometric intent comments to both SecureStorageHandlers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address remaining CodeRabbit PR review findings (round 2)
- iOS BridgeResponse: add requestId/success fields, rename result→data to match JS bridge contract
- iOS test app: fix callback deallocation with Coordinator pattern
- ProviderLaunchScreen: fail closed on missing verificationId, fix retry via retryCount state
- ProviderResultScreen: guard unknown status with fallback to error config
- build-webview-bundle.sh: validate index.html before deleting targets
- Package.swift: fix SPM resource path with target path/sources
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* save chunk 1e work
* chunk 2f
* pr feedback
* fix pr feedback
* cr feedback
* remove dupe var
* feedback from cr
* add kmp:start dx helper
* save web consolidtion work for later
* add specs
* update
* pr fixes
* update reorg plan
* add coverage gaps spec
* pr feedback
* save current wip iteration
* finalize spec work
* save chunk 1e work
* chunk 2f
* pr feedback
* fix pr feedback
* cr feedback
* remove dupe var
* feedback from cr
* add kmp:start dx helper
* save web consolidtion work for later
* add specs
* update
* pr fixes
* update reorg plan
* add ios swift handlers
* Add lifecycle completion and optional relay listener
* agent feedback
* save wip
* fix compiling
* finalize feedback
* agent feedback
* fix ci
* udpate specs
* feat: implement React Native adapters for authentication, documents, and networking
- Added new adapters for authentication, document management, and network communication tailored for React Native.
- Introduced `createAuthAdapter`, `createDocumentsAdapter`, and `createNetworkAdapter` to streamline integration with React Native's capabilities.
- Updated `SelfClientProvider` to utilize the new adapter factory for improved modularity and maintainability.
- Enhanced package dependencies to include necessary libraries for secure storage and hashing.
This update enhances the SDK's functionality and prepares it for better cross-platform compatibility.
* refactor: update specs to streamline documentation and remove obsolete entries
- Removed the "Keep / Modify / Delete" section from the specs to simplify the document structure.
- Updated the remaining specifications to reflect the current architecture and integration paths, including the introduction of the new `SPEC-RN-SDK.md` for the `<SelfVerification />` RN WebView wrapper component.
- This change enhances clarity and aligns the documentation with recent architectural decisions.
* prettier
* update gitignore to include swift build paths
* update gems
* address pr feedback and pipeline errors
* agent feedback. also include follow up work items
* add spec guide rules
* add markdown files to prettier formatting and update
* add status line update spec guide
* add new specs
* formatting
* format all markdown files
* more formatting
* consolidate into overview
* update spec and template guidelines
* refactor specs
* save wip
* move status up
* feat: add biometrics and camera bridge adapters
Create biometrics adapter (authenticate, isAvailable, getBiometryType) and camera adapter (scanMRZ, isAvailable) matching the native KMP handler response shapes. Wire both into webview-app SelfClientProvider. Includes 6 new tests (50 total, all passing).
* feat: add web fallback adapters and wire in SelfClientProvider
- Create IndexedDB documents adapter and console/fetch
analytics adapter in webview-bridge (documents-web.ts,
analytics-web.ts) per Person 1 spec Section 4
- Create equivalent browser adapters in mobile-sdk-alpha
per Person 4 Chunk 4F (documents, crypto, analytics,
haptic)
- Wire web fallbacks into SelfClientProvider — documents
and analytics no longer cross the bridge
- 32 new tests across both packages, all passing
- fake-indexeddb added as devDep to both packages
* feat: remove 4 Android web-fallback handlers
- Delete DocumentsBridgeHandler (146 LOC)
- Delete CryptoBridgeHandler (177 LOC)
- Delete AnalyticsBridgeHandler (94 LOC)
- Delete HapticBridgeHandler (94 LOC)
- Remove registrations from SelfVerificationActivity
- Android now registers 5 handlers: NFC, Camera,
Biometrics, SecureStorage, Lifecycle
- Documents, crypto, analytics, and haptic are now
handled by web fallback adapters in the WebView
* style: align DocumentsBridgeHandler param extraction
Standardize iOS DocumentsBridgeHandler to use
?.jsonPrimitive?.content for parameter extraction,
matching the convention used by all other iOS handlers.
* feat: add MiniPay sample app
Create Compose Multiplatform sample app showing how
third-party integrators embed Self identity verification
via SelfSdk.launch(). Two native screens (Home, Result);
all verification logic runs in the SDK's WebView.
Shared Kotlin (commonMain):
- App.kt: NavHost with home/result navigation
- MainViewModel.kt: SDK launch + callback routing
- HomeScreen.kt: status card + "Verify Identity" button
- ResultScreen.kt: success/failure with error mapping
- Theme.kt: MiniPay-style Material 3 colors
Android:
- MainApplication.kt: SelfSdk.configure() in onCreate
- MainActivity.kt: passes SDK instance to Compose
- AndroidManifest.xml: NFC, Camera, Biometric, Internet
permissions + NFC TECH_DISCOVERED intent filter
- res/xml/nfc_tech_filter.xml: IsoDep for passport NFC
iOS Kotlin:
- MainViewController.kt: ComposeUIViewController entry
iOS Swift (iosApp/):
- iOSApp.swift: provider registration with
SdkProviderRegistry (same pattern as kmp-test-app)
- ContentView.swift: UIViewControllerRepresentable
- Xcode project with NFC/Camera entitlements
Spec deviation — single-module vs two-module:
The spec directory diagram (lines 88-120) shows a
separate androidApp/ module, but the spec's own build
config (lines 384-447) has composeApp using the
androidApplication plugin — meaning composeApp IS the
Android app. These contradict: you cannot have two
androidApplication modules. The existing kmp-test-app
uses the same single composeApp pattern. We follow the
build config + test app precedent.
Build verified on all targets:
- compileDebugKotlinAndroid: BUILD SUCCESSFUL
- compileKotlinIosArm64: BUILD SUCCESSFUL
- compileKotlinIosSimulatorArm64: BUILD SUCCESSFUL
* style: Rename webAnalyticsAdapter to consoleAnalyticsAdapter
Align web analytics adapter naming with updated spec
(specs/person1-webview/SPEC.md section 4c).
- Rename webAnalyticsAdapter → consoleAnalyticsAdapter
- Rename WebAnalyticsOptions → ConsoleAnalyticsOptions
- Update barrel export in adapters/index.ts
- Update import in SelfClientProvider.tsx
- Update all references in analytics-web.test.ts
The new name better describes the adapter's purpose: a
console-logging (+ optional HTTP endpoint) fallback for
environments without a native bridge.
Verified: webview-bridge build clean, 63/63 tests pass,
webview-app type-check clean.
* refactor: Align Person 4 adapters with updated spec
Rename haptic + fix crypto algo normalization per updated
specs/person4-sdk-core/SPEC.md (Chunk 4F).
Haptic:
- createNoOpHapticFeedback → createNoOpHapticAdapter
- Updated barrel export, re-export, and test references
Crypto:
- Replace static ALGO_MAP lookup with regex normalization:
algo.toUpperCase().replace(/^SHA(\d)/, 'SHA-$1')
- Handles all variants: sha256, SHA256, sha-256, SHA-256
- Add tests for already-hyphenated and uppercase inputs
Verified: 20/20 browser adapter tests pass, tsc clean.
* fix: resolve 7 Android device testing bugs in SDK + MiniPay
Fix issues found during physical device testing (Pixel 8
Pro) of the MiniPay sample app end-to-end flow.
SDK fixes (kmp-sdk):
- Use activityResultRegistry.register() instead of
activity.registerForActivityResult() to avoid
IllegalStateException when registering after onStart
- Replace FragmentActivity with ComponentActivity
(AndroidX 1.9.x changed the class hierarchy)
- Change SelfVerificationActivity theme to
Theme.AppCompat.NoActionBar (AppCompatActivity
requires an AppCompat theme)
- Rewrite AndroidWebViewHost to use WebViewAssetLoader
with custom PathHandler, serving bundled Vite assets
under https://appassets.androidplatform.net/ to fix
CORS, history.replaceState, and asset path resolution
- Add runtime permission requests for Camera + NFC in
SelfVerificationActivity.onCreate()
MiniPay fixes (kmp-minipay-sample):
- Create expect/actual platformLaunch to thread Android
Activity to SDK without leaking platform types into
commonMain
- Set debug = false to load bundled assets instead of
emulator dev server URL
Tested on Pixel 8 Pro: app launches, verification
WebView opens, camera scans for MRZ. Full passport
scan untested (no document available).
* feat: implement @selfxyz/rn-sdk React Native SDK
Thin <SelfVerification /> component wrapping react-native-webview
that embeds Self's identity verification flow. Bridges NFC, camera,
biometrics, keychain, and lifecycle to native via MessageRouter.
- MessageRouter: routes WebView bridge messages to domain handlers
- 5 handlers: lifecycle, biometrics, secureStorage, nfc, camera
- Platform.select asset loading (Android file://, iOS RNFS bundle)
- 59 unit tests, build + typecheck clean
- ReactNativeWebView transport detection added to webview-bridge
* fix: Remove dead code and persist verification state
Claude identified some gaps in the spec. Fixed to match:
- Delete unused onVerificationSuccess/Failure/Cancelled methods
from MainViewModel (sdkCallback handles all cases)
- Add expect/actual AppStorage (SharedPreferences / NSUserDefaults)
to persist HomeState across app restarts
- Update homeState eagerly in sdkCallback.onSuccess() so Android
system back button shows correct state on HomeScreen
* refactor: migrate webview-app from Tamagui to @selfxyz/euclid-web
Replace Tamagui + react-native-web UI framework with Self's
official euclid-web component library across all 10 screens.
Simplify Vite config, remove RN aliases, and fix country flag
emoji rendering with proper ISO 3166-1 alpha-3 to alpha-2
conversion.
- Remove tamagui, @tamagui/config, react-native-web deps
- Add @selfxyz/euclid-web and @selfxyz/euclid-core
- Rewrite 6 screens as euclid direct replacements
- Compose 4 screens from euclid primitives
- Fix fonts.css for euclid font family names
- Add shared countryFlags utility (alpha-3 → alpha-2 lookup)
- Clean up tsconfig.json and stale .tamagui cache
* fix pipeline
* formatting
* fix tests
* fix type error
* address feedback
* fix formatting
* update specs and create handoff doc for new pull request
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Co-authored-by: Tranquil-Flow <tranquil_flow@protonmail.com>
* fix spec consistencies
* update inconsistnecies
* fix: address PR review feedback on spec inconsistencies
- Fix proof type in MiniPay sample to use String? (matching canonical
Kotlin VerificationResult), not a map
- Fix HomeState.verifiedClaims to Map<String, String> matching actual SDK
- Fix returnToHome description to not reference proof?.timestamp
- Clarify crypto domain routing: sign/generateKey/getPublicKey still use
bridge.request('crypto', ...), native handler uses secure storage
internally — key never leaves native
- Change crypto domain from "Deprecated" to "Native †" in domain catalog
- Fix Adapter Interface Mapping for CryptoAdapter.sign()
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: resolve remaining spec inconsistencies in SDK-OVERVIEW
- Update North Star constraint to include crypto signing/key-gen as
native-only (was missing after crypto domain reclassification)
- Fix status checklist: "Delete 3 handlers" not 4 — crypto domain
still routed natively for signing/key-gen
- Update iOS handler count from 3 to 4 (SecureStorage now required)
- Fix architecture diagram footnote to list SecureStorage as required
provider, remove "managed directly by host app" language
- Remove "crypto" from Swift Providers module table (no separate
CryptoProvider exists; crypto ops route through secure storage)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add crypto signing/key-gen to Design Principles native list
Aligns Design Principle #2 with the updated constraint and crypto
domain note — crypto signing stays native so keys never leave
secure storage.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address 3 review findings — claim type, regex, trust boundary
- Fix MiniPay sample comment: claims is Map<String, Any?>? (canonical
target type), not Map<String, String>?
- Fix CI guard regex: add \b word boundary to "verified" pattern so it
won't false-positive on isVerified; drop overly broad .timestamp check
- Add trust boundary statement to crypto domain note: native signing
handler signs whatever the WebView sends, which is safe only because
the Vite bundle is statically embedded at build time
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Add lifecycle completion and optional relay listener
* fix ci
* udpate specs
* feat: implement React Native adapters for authentication, documents, and networking
- Added new adapters for authentication, document management, and network communication tailored for React Native.
- Introduced `createAuthAdapter`, `createDocumentsAdapter`, and `createNetworkAdapter` to streamline integration with React Native's capabilities.
- Updated `SelfClientProvider` to utilize the new adapter factory for improved modularity and maintainability.
- Enhanced package dependencies to include necessary libraries for secure storage and hashing.
This update enhances the SDK's functionality and prepares it for better cross-platform compatibility.
* refactor: update specs to streamline documentation and remove obsolete entries
- Removed the "Keep / Modify / Delete" section from the specs to simplify the document structure.
- Updated the remaining specifications to reflect the current architecture and integration paths, including the introduction of the new `SPEC-RN-SDK.md` for the `<SelfVerification />` RN WebView wrapper component.
- This change enhances clarity and aligns the documentation with recent architectural decisions.
* prettier
* update gitignore to include swift build paths
* update gems
* address pr feedback and pipeline errors
* agent feedback. also include follow up work items
* fix ws send guard + document unresolved coderabbit review items in specs
- Add readyState guard to WsConn.send() to throw a clear error instead of
InvalidStateError when socket is not OPEN
- Fix stale abort listener leak: clean up abort handler unconditionally on
socket close, not only when caller registers onClose
- Add "Chunk 3F implementation notes" to SPEC-PERSON3-SDK-CORE for SHA
algorithm name mapping and fake-indexeddb test requirement
- Add "Spec Corrections" section to SPEC-RN-SDK documenting 5 issues
(peerDep, missing router arg, iOS source, randomUUID, RNFS) to address
during implementation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* formatting
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Introduced a new specification document for making the mobile-sdk-alpha work in a browser/WebView context.
- Updated SPEC-OVERVIEW.md to include Person 3's role in SDK Core Adaptation.
- The new spec outlines the removal of React Native dependencies from core logic, ensuring compatibility across platforms.
- Key changes include adapting platform detection, debugging configurations, and font handling for a seamless WebView experience.
* add kotlin debug app
* add specs
* first kmp sdk version
* add deploy script
* save working nfc implementation
* save demo app flow wip
* agent feedback
* show viewfinder on mrz
* save working scan
* add kotlin formatting
* remove mrz overlay
* fix expiry date
* add feedback to mrz san
* save improved nfc scanning
* save wip
* save gitignore and md state
* add logging and error handling. get iOS demo app working
* format
* add swift formatting
* enable iOS camera
* save ios mrz implementation
* nfc scanning works
* final optimizations
* add tests
* fixes
* better linting
* agent feedback
* bug fixes
* formatting
* agent feedback
* fix app breaking on run
* consolidate kotlin and swift clean up commands
* fix pipeline by installing swiftlint
* fix blurry scanning
* fix ci
---------
Co-authored-by: turnoffthiscomputer <colin.remi07@gmail.com>
