From 56c0213cbe5fa6068326e16009c70c191818583c Mon Sep 17 00:00:00 2001 From: Simon McLoughlin Date: Tue, 19 Dec 2023 12:05:02 +0000 Subject: [PATCH 1/3] add security plist for researchers to know where to report issues --- Kukai Mobile.xcodeproj/project.pbxproj | 4 ++++ Kukai Mobile/security.plist | 11 +++++++++++ 2 files changed, 15 insertions(+) create mode 100644 Kukai Mobile/security.plist diff --git a/Kukai Mobile.xcodeproj/project.pbxproj b/Kukai Mobile.xcodeproj/project.pbxproj index ccb0a1bd..692cb0f3 100644 --- a/Kukai Mobile.xcodeproj/project.pbxproj +++ b/Kukai Mobile.xcodeproj/project.pbxproj @@ -240,6 +240,7 @@ C08F6913273ABD7300CCB6E3 /* SwapTokenViewModel.swift in Sources */ = {isa = PBXBuildFile; fileRef = C08F6912273ABD7300CCB6E3 /* SwapTokenViewModel.swift */; }; C08FE23A2AD4343500327BF9 /* BackupViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = C08FE2392AD4343500327BF9 /* BackupViewController.swift */; }; C090A6732B0BA1C000F50C76 /* TokenDetailsHeaderCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = C090A6722B0BA1C000F50C76 /* TokenDetailsHeaderCell.swift */; }; + C09392BF2B31BE4C0094DFC8 /* security.plist in Resources */ = {isa = PBXBuildFile; fileRef = C09392BE2B31BE4C0094DFC8 /* security.plist */; }; C095367D2A0A9284001B20C4 /* StorageService.swift in Sources */ = {isa = PBXBuildFile; fileRef = C095367C2A0A9284001B20C4 /* StorageService.swift */; }; C09536812A0A94E4001B20C4 /* LengthValidator.swift in Sources */ = {isa = PBXBuildFile; fileRef = C09536802A0A94E4001B20C4 /* LengthValidator.swift */; }; C09536832A0A9587001B20C4 /* ConfirmationValidator.swift in Sources */ = {isa = PBXBuildFile; fileRef = C09536822A0A9587001B20C4 /* ConfirmationValidator.swift */; }; @@ -642,6 +643,7 @@ C08F6912273ABD7300CCB6E3 /* SwapTokenViewModel.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SwapTokenViewModel.swift; sourceTree = ""; }; C08FE2392AD4343500327BF9 /* BackupViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BackupViewController.swift; sourceTree = ""; }; C090A6722B0BA1C000F50C76 /* TokenDetailsHeaderCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TokenDetailsHeaderCell.swift; sourceTree = ""; }; + C09392BE2B31BE4C0094DFC8 /* security.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = security.plist; sourceTree = ""; }; C095367C2A0A9284001B20C4 /* StorageService.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StorageService.swift; sourceTree = ""; }; C09536802A0A94E4001B20C4 /* LengthValidator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LengthValidator.swift; sourceTree = ""; }; C09536822A0A9587001B20C4 /* ConfirmationValidator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ConfirmationValidator.swift; sourceTree = ""; }; @@ -1354,6 +1356,7 @@ C0B03650269EE2070071ACD0 /* Info.plist */, C0B0367B269F37340071ACD0 /* ExportOptions-Beta.plist */, C0B03679269F1E450071ACD0 /* ExportOptions.plist */, + C09392BE2B31BE4C0094DFC8 /* security.plist */, C0BADFFE291554D200E78C26 /* Fonts */, C0678DC0272056A900DEF1CB /* Localization */, C049B59F26A0492600F1C5E0 /* Modules */, @@ -1740,6 +1743,7 @@ C0503657271ED88700E7A664 /* Main.storyboard in Resources */, C09860C127C3F7CB00F888AF /* EnterAddressComponent.xib in Resources */, C0678DC3272056D400DEF1CB /* Localizable.strings in Resources */, + C09392BF2B31BE4C0094DFC8 /* security.plist in Resources */, C0EA19CB29096DD200E6B40D /* CollectibleDetailNameCell.xib in Resources */, C0C7DFB829BF34ED00F60E0C /* SideMenu.storyboard in Resources */, C0EA19C129096D9400E6B40D /* CollectibleDetailImageCell.xib in Resources */, diff --git a/Kukai Mobile/security.plist b/Kukai Mobile/security.plist new file mode 100644 index 00000000..aec3447a --- /dev/null +++ b/Kukai Mobile/security.plist @@ -0,0 +1,11 @@ + + + + + Contact + security@kukai.app + Preferred-Languages + en + + + \ No newline at end of file From e70065ec8f2dab51610d8cb96e2c362333bf1f67 Mon Sep 17 00:00:00 2001 From: Simon McLoughlin Date: Wed, 20 Dec 2023 14:53:01 +0000 Subject: [PATCH 2/3] - update to latest WC2 version to fix some issues - add an app group as now required for WC2 --- Kukai Mobile.xcodeproj/project.pbxproj | 2 +- .../xcshareddata/swiftpm/Package.resolved | 10 +++++----- Kukai Mobile/Kukai Mobile.entitlements | 4 ++++ Kukai Mobile/Services/WalletConnectService.swift | 8 +++++++- 4 files changed, 17 insertions(+), 7 deletions(-) diff --git a/Kukai Mobile.xcodeproj/project.pbxproj b/Kukai Mobile.xcodeproj/project.pbxproj index 692cb0f3..4d27acdf 100644 --- a/Kukai Mobile.xcodeproj/project.pbxproj +++ b/Kukai Mobile.xcodeproj/project.pbxproj @@ -2712,7 +2712,7 @@ repositoryURL = "https://github.com/WalletConnect/WalletConnectSwiftV2"; requirement = { kind = upToNextMajorVersion; - minimumVersion = 1.9.9; + minimumVersion = 1.10.0; }; }; C07A2DEE2AEA76BF00550E32 /* XCRemoteSwiftPackageReference "Starscream" */ = { diff --git a/Kukai Mobile.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved b/Kukai Mobile.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved index be6c1131..91d44270 100644 --- a/Kukai Mobile.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved +++ b/Kukai Mobile.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved @@ -78,7 +78,7 @@ "location" : "https://github.com/kukai-wallet/kukai-core-swift", "state" : { "branch" : "develop", - "revision" : "6cb7cd0d3ad54ad28fa2320ae862a6a423a33160" + "revision" : "2190546a68b7f3815f6b3d5c26a80efae8a8e775" } }, { @@ -86,8 +86,8 @@ "kind" : "remoteSourceControl", "location" : "https://github.com/kukai-wallet/kukai-crypto-swift", "state" : { - "revision" : "c6533ce0cdbd24803358b765c5b2e570381f1087", - "version" : "1.0.14" + "revision" : "af91c5211fce941ccb6fba51629b145745b7cc12", + "version" : "1.0.16" } }, { @@ -185,8 +185,8 @@ "kind" : "remoteSourceControl", "location" : "https://github.com/WalletConnect/WalletConnectSwiftV2", "state" : { - "revision" : "58d2b49eeac5cf94432e2647b9107577c156a25c", - "version" : "1.9.9" + "revision" : "031c61bfbd4c4eed4a5cb6790152ce736a4f1fba", + "version" : "1.10.0" } }, { diff --git a/Kukai Mobile/Kukai Mobile.entitlements b/Kukai Mobile/Kukai Mobile.entitlements index 180a0383..91477e97 100644 --- a/Kukai Mobile/Kukai Mobile.entitlements +++ b/Kukai Mobile/Kukai Mobile.entitlements @@ -16,5 +16,9 @@ CloudKit + com.apple.security.application-groups + + group.app.kukai.mobile + diff --git a/Kukai Mobile/Services/WalletConnectService.swift b/Kukai Mobile/Services/WalletConnectService.swift index 8b3a6cb9..a99a678c 100644 --- a/Kukai Mobile/Services/WalletConnectService.swift +++ b/Kukai Mobile/Services/WalletConnectService.swift @@ -75,7 +75,7 @@ public class WalletConnectService { public func setup() { // Objects and metadata - Networking.configure(projectId: WalletConnectService.projectId, socketFactory: DefaultSocketFactory()) + Networking.configure(groupIdentifier: "group.app.kukai.mobile", projectId: WalletConnectService.projectId, socketFactory: DefaultSocketFactory()) Pair.configure(metadata: WalletConnectService.metadata) @@ -108,6 +108,12 @@ public class WalletConnectService { self?.didCleanAfterDelete = true }.store(in: &bag) + (Pair.instance as? PairingClient)?.pairingDeletePublisher + .receive(on: DispatchQueue.main) + .sink { data in + Logger.app.info("WC pairingDeletePublisher \(data.code), \(data.message)") + }.store(in: &bag) + Sign.instance.sessionRequestPublisher .buffer(size: 10, prefetch: .byRequest, whenFull: .dropNewest) .flatMap(maxPublishers: .max(1)) { [weak self] sessionRequest in From 47e6f03325b86decc982b602e8393956210b6d19 Mon Sep 17 00:00:00 2001 From: Simon McLoughlin Date: Wed, 20 Dec 2023 15:06:33 +0000 Subject: [PATCH 3/3] - updated CI script to contain more instructions on cert update proceedure --- .github/workflows/build-and-deploy.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index 4420abf8..9ee9aa4b 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -40,6 +40,13 @@ jobs: # Upload Base64 copies of apple certs to github following these instructions: # Note: Use app store distribution certs # https://docs.github.com/en/actions/guides/installing-an-apple-certificate-on-macos-runners-for-xcode-development + # + # Every time we update certs / profiles or they expire, we need to update the following github actions secrets + # BUILD_CERTIFICATE_BASE64 = exported distribution cert from inside Xcode account settings, copied with `base64 -i | pbcopy` + # P12_PASSWORD = whatever new password created for previous file + # BUILD_PROVISION_PROFILE_BASE64 = download "Kukai Mobile Prov Dist App Store" from app store connect, copied with `base64 -i | pbcopy` + # BUILD_PROVISION_PROFILE_BETA_BASE64 = download "Kukai Mobile Beta Prov Dist App Store" from app store connect, copied with `base64 -i | pbcopy` + # - name: Install the Apple certificate and provisioning profile run: | # create variables