* save chunk 1e work
* chunk 2f
* pr feedback
* fix pr feedback
* cr feedback
* remove dupe var
* feedback from cr
* add kmp:start dx helper
* save web consolidtion work for later
* add specs
* update
* pr fixes
* update reorg plan
* add coverage gaps spec
* pr feedback
* save current wip iteration
* finalize spec work
* save chunk 1e work
* chunk 2f
* pr feedback
* fix pr feedback
* cr feedback
* remove dupe var
* feedback from cr
* add kmp:start dx helper
* save web consolidtion work for later
* add specs
* update
* pr fixes
* update reorg plan
tsup wraps require() as __require() in ESM builds for externalized
modules. Metro's dependency collector only recognizes standard require()
calls, so __require() calls for .lottie assets are invisible during
bundling, causing "Unknown named module" errors at runtime.
This Babel plugin converts __require(stringLiteral) back to
require(stringLiteral) before Metro's dependency collection pass,
allowing the custom resolver to properly locate and bundle .lottie
assets from the SDK dist.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: common refactor (WIP)
* finish the rest of new-common and use new-common in circuits + contracts tests
* fix: prettier
* fix: yarn.lock
* fix: formatting
* fix: use prod urls for websocket
* fix: websocket url
* fix: remove the ||el flag
* add skipPace switch to android
* use specific commit of PRIVATE_MODULES
* bump version
* bump build to 139
* use latest passport-reader
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
* Add tmate session to debug e2e workflow
* Don't run ios e2e
* Debug wip
* Debug wip
* Debug wip
* Enhance mobile E2E workflow by adding pre-installation step for emulator dependencies. This ensures the necessary Android SDK components are available for testing, improving the reliability of the build verification process.
* Add KVM group permissions setup to mobile E2E workflow
This update introduces a step to enable KVM group permissions in the mobile E2E workflow. This change ensures that the necessary permissions are configured for KVM, enhancing the environment setup for emulator testing and improving overall build verification reliability.
* Run e2e in self-hosted runners
* Fix JVM install
* Fix JVM install
* KVM check
* Refactor KVM access check in mobile E2E workflow
This update modifies the KVM access check step to provide a warning if /dev/kvm is not found, allowing the emulator to run in software mode instead of failing the workflow. Additionally, it dynamically adjusts the emulator options based on KVM availability, improving performance and flexibility in the testing environment.
* Adding tmate for debugging
* Adding retry logc to sdkmanger install
* Changing android channel to stable
* Add installation of emulator runtime dependencies in mobile E2E workflow
This update introduces a step to install necessary runtime dependencies for the Android emulator, ensuring a smoother testing environment and improving the reliability of the mobile end-to-end testing process.
* Fix APK install command
* Update Android api
* Update android emulator version
* Add E2E test script to mobile workflow
This commit introduces a new script for running end-to-end tests on the Android emulator. The script handles app installation and execution of Maestro tests, improving the organization and readability of the workflow. The previous inline commands have been replaced with a dedicated script, enhancing maintainability and clarity in the testing process.
* fix e2e test
* improve maestro test
* try workflow again
* attempt fix
* fix
* another try
* clean up wording to reflect it's fixed
---------
Co-authored-by: Javier Cortejoso <javier.cortejoso@gmail.com>
* fix: automatically lowercase smart contract end points
To avoid getting scopeMismatch() errors which were caused by ethers.js returning checksummed addresses (mixed case, including upper case) by default. Forces to lowercase to match logic in on chain _calculateScope() function
* fix: auto lowercase for Go SDK
* chore: yarn prettier
* fix: show country nationality in view id card screen
Was showing country code, now tries to fetch the country name. If can't find, resolves back to raw country code.
* port fix over
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
* add ios swift handlers
* Add lifecycle completion and optional relay listener
* agent feedback
* save wip
* fix compiling
* finalize feedback
* agent feedback
* fix ci
* udpate specs
* feat: implement React Native adapters for authentication, documents, and networking
- Added new adapters for authentication, document management, and network communication tailored for React Native.
- Introduced `createAuthAdapter`, `createDocumentsAdapter`, and `createNetworkAdapter` to streamline integration with React Native's capabilities.
- Updated `SelfClientProvider` to utilize the new adapter factory for improved modularity and maintainability.
- Enhanced package dependencies to include necessary libraries for secure storage and hashing.
This update enhances the SDK's functionality and prepares it for better cross-platform compatibility.
* refactor: update specs to streamline documentation and remove obsolete entries
- Removed the "Keep / Modify / Delete" section from the specs to simplify the document structure.
- Updated the remaining specifications to reflect the current architecture and integration paths, including the introduction of the new `SPEC-RN-SDK.md` for the `<SelfVerification />` RN WebView wrapper component.
- This change enhances clarity and aligns the documentation with recent architectural decisions.
* prettier
* update gitignore to include swift build paths
* update gems
* address pr feedback and pipeline errors
* agent feedback. also include follow up work items
* add spec guide rules
* add markdown files to prettier formatting and update
* add status line update spec guide
* add new specs
* formatting
* format all markdown files
* more formatting
* consolidate into overview
* update spec and template guidelines
* refactor specs
* save wip
* move status up
* feat: add biometrics and camera bridge adapters
Create biometrics adapter (authenticate, isAvailable, getBiometryType) and camera adapter (scanMRZ, isAvailable) matching the native KMP handler response shapes. Wire both into webview-app SelfClientProvider. Includes 6 new tests (50 total, all passing).
* feat: add web fallback adapters and wire in SelfClientProvider
- Create IndexedDB documents adapter and console/fetch
analytics adapter in webview-bridge (documents-web.ts,
analytics-web.ts) per Person 1 spec Section 4
- Create equivalent browser adapters in mobile-sdk-alpha
per Person 4 Chunk 4F (documents, crypto, analytics,
haptic)
- Wire web fallbacks into SelfClientProvider — documents
and analytics no longer cross the bridge
- 32 new tests across both packages, all passing
- fake-indexeddb added as devDep to both packages
* feat: remove 4 Android web-fallback handlers
- Delete DocumentsBridgeHandler (146 LOC)
- Delete CryptoBridgeHandler (177 LOC)
- Delete AnalyticsBridgeHandler (94 LOC)
- Delete HapticBridgeHandler (94 LOC)
- Remove registrations from SelfVerificationActivity
- Android now registers 5 handlers: NFC, Camera,
Biometrics, SecureStorage, Lifecycle
- Documents, crypto, analytics, and haptic are now
handled by web fallback adapters in the WebView
* style: align DocumentsBridgeHandler param extraction
Standardize iOS DocumentsBridgeHandler to use
?.jsonPrimitive?.content for parameter extraction,
matching the convention used by all other iOS handlers.
* feat: add MiniPay sample app
Create Compose Multiplatform sample app showing how
third-party integrators embed Self identity verification
via SelfSdk.launch(). Two native screens (Home, Result);
all verification logic runs in the SDK's WebView.
Shared Kotlin (commonMain):
- App.kt: NavHost with home/result navigation
- MainViewModel.kt: SDK launch + callback routing
- HomeScreen.kt: status card + "Verify Identity" button
- ResultScreen.kt: success/failure with error mapping
- Theme.kt: MiniPay-style Material 3 colors
Android:
- MainApplication.kt: SelfSdk.configure() in onCreate
- MainActivity.kt: passes SDK instance to Compose
- AndroidManifest.xml: NFC, Camera, Biometric, Internet
permissions + NFC TECH_DISCOVERED intent filter
- res/xml/nfc_tech_filter.xml: IsoDep for passport NFC
iOS Kotlin:
- MainViewController.kt: ComposeUIViewController entry
iOS Swift (iosApp/):
- iOSApp.swift: provider registration with
SdkProviderRegistry (same pattern as kmp-test-app)
- ContentView.swift: UIViewControllerRepresentable
- Xcode project with NFC/Camera entitlements
Spec deviation — single-module vs two-module:
The spec directory diagram (lines 88-120) shows a
separate androidApp/ module, but the spec's own build
config (lines 384-447) has composeApp using the
androidApplication plugin — meaning composeApp IS the
Android app. These contradict: you cannot have two
androidApplication modules. The existing kmp-test-app
uses the same single composeApp pattern. We follow the
build config + test app precedent.
Build verified on all targets:
- compileDebugKotlinAndroid: BUILD SUCCESSFUL
- compileKotlinIosArm64: BUILD SUCCESSFUL
- compileKotlinIosSimulatorArm64: BUILD SUCCESSFUL
* style: Rename webAnalyticsAdapter to consoleAnalyticsAdapter
Align web analytics adapter naming with updated spec
(specs/person1-webview/SPEC.md section 4c).
- Rename webAnalyticsAdapter → consoleAnalyticsAdapter
- Rename WebAnalyticsOptions → ConsoleAnalyticsOptions
- Update barrel export in adapters/index.ts
- Update import in SelfClientProvider.tsx
- Update all references in analytics-web.test.ts
The new name better describes the adapter's purpose: a
console-logging (+ optional HTTP endpoint) fallback for
environments without a native bridge.
Verified: webview-bridge build clean, 63/63 tests pass,
webview-app type-check clean.
* refactor: Align Person 4 adapters with updated spec
Rename haptic + fix crypto algo normalization per updated
specs/person4-sdk-core/SPEC.md (Chunk 4F).
Haptic:
- createNoOpHapticFeedback → createNoOpHapticAdapter
- Updated barrel export, re-export, and test references
Crypto:
- Replace static ALGO_MAP lookup with regex normalization:
algo.toUpperCase().replace(/^SHA(\d)/, 'SHA-$1')
- Handles all variants: sha256, SHA256, sha-256, SHA-256
- Add tests for already-hyphenated and uppercase inputs
Verified: 20/20 browser adapter tests pass, tsc clean.
* fix: resolve 7 Android device testing bugs in SDK + MiniPay
Fix issues found during physical device testing (Pixel 8
Pro) of the MiniPay sample app end-to-end flow.
SDK fixes (kmp-sdk):
- Use activityResultRegistry.register() instead of
activity.registerForActivityResult() to avoid
IllegalStateException when registering after onStart
- Replace FragmentActivity with ComponentActivity
(AndroidX 1.9.x changed the class hierarchy)
- Change SelfVerificationActivity theme to
Theme.AppCompat.NoActionBar (AppCompatActivity
requires an AppCompat theme)
- Rewrite AndroidWebViewHost to use WebViewAssetLoader
with custom PathHandler, serving bundled Vite assets
under https://appassets.androidplatform.net/ to fix
CORS, history.replaceState, and asset path resolution
- Add runtime permission requests for Camera + NFC in
SelfVerificationActivity.onCreate()
MiniPay fixes (kmp-minipay-sample):
- Create expect/actual platformLaunch to thread Android
Activity to SDK without leaking platform types into
commonMain
- Set debug = false to load bundled assets instead of
emulator dev server URL
Tested on Pixel 8 Pro: app launches, verification
WebView opens, camera scans for MRZ. Full passport
scan untested (no document available).
* feat: implement @selfxyz/rn-sdk React Native SDK
Thin <SelfVerification /> component wrapping react-native-webview
that embeds Self's identity verification flow. Bridges NFC, camera,
biometrics, keychain, and lifecycle to native via MessageRouter.
- MessageRouter: routes WebView bridge messages to domain handlers
- 5 handlers: lifecycle, biometrics, secureStorage, nfc, camera
- Platform.select asset loading (Android file://, iOS RNFS bundle)
- 59 unit tests, build + typecheck clean
- ReactNativeWebView transport detection added to webview-bridge
* fix: Remove dead code and persist verification state
Claude identified some gaps in the spec. Fixed to match:
- Delete unused onVerificationSuccess/Failure/Cancelled methods
from MainViewModel (sdkCallback handles all cases)
- Add expect/actual AppStorage (SharedPreferences / NSUserDefaults)
to persist HomeState across app restarts
- Update homeState eagerly in sdkCallback.onSuccess() so Android
system back button shows correct state on HomeScreen
* refactor: migrate webview-app from Tamagui to @selfxyz/euclid-web
Replace Tamagui + react-native-web UI framework with Self's
official euclid-web component library across all 10 screens.
Simplify Vite config, remove RN aliases, and fix country flag
emoji rendering with proper ISO 3166-1 alpha-3 to alpha-2
conversion.
- Remove tamagui, @tamagui/config, react-native-web deps
- Add @selfxyz/euclid-web and @selfxyz/euclid-core
- Rewrite 6 screens as euclid direct replacements
- Compose 4 screens from euclid primitives
- Fix fonts.css for euclid font family names
- Add shared countryFlags utility (alpha-3 → alpha-2 lookup)
- Clean up tsconfig.json and stale .tamagui cache
* fix pipeline
* formatting
* fix tests
* fix type error
* address feedback
* fix formatting
* update specs and create handoff doc for new pull request
---------
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Co-authored-by: Tranquil-Flow <tranquil_flow@protonmail.com>
* fix spec consistencies
* update inconsistnecies
* fix: address PR review feedback on spec inconsistencies
- Fix proof type in MiniPay sample to use String? (matching canonical
Kotlin VerificationResult), not a map
- Fix HomeState.verifiedClaims to Map<String, String> matching actual SDK
- Fix returnToHome description to not reference proof?.timestamp
- Clarify crypto domain routing: sign/generateKey/getPublicKey still use
bridge.request('crypto', ...), native handler uses secure storage
internally — key never leaves native
- Change crypto domain from "Deprecated" to "Native †" in domain catalog
- Fix Adapter Interface Mapping for CryptoAdapter.sign()
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: resolve remaining spec inconsistencies in SDK-OVERVIEW
- Update North Star constraint to include crypto signing/key-gen as
native-only (was missing after crypto domain reclassification)
- Fix status checklist: "Delete 3 handlers" not 4 — crypto domain
still routed natively for signing/key-gen
- Update iOS handler count from 3 to 4 (SecureStorage now required)
- Fix architecture diagram footnote to list SecureStorage as required
provider, remove "managed directly by host app" language
- Remove "crypto" from Swift Providers module table (no separate
CryptoProvider exists; crypto ops route through secure storage)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add crypto signing/key-gen to Design Principles native list
Aligns Design Principle #2 with the updated constraint and crypto
domain note — crypto signing stays native so keys never leave
secure storage.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address 3 review findings — claim type, regex, trust boundary
- Fix MiniPay sample comment: claims is Map<String, Any?>? (canonical
target type), not Map<String, String>?
- Fix CI guard regex: add \b word boundary to "verified" pattern so it
won't false-positive on isVerified; drop overly broad .timestamp check
- Add trust boundary statement to crypto domain note: native signing
handler signs whatever the WebView sends, which is safe only because
the Vite bundle is statically embedded at build time
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
