1.2.2: fix crash bugs and update circuit infra#10
Merged
Merged
Conversation
…ties to resolve CoreData materialization issues; update IdentityDataStore migration marker to v4
…ssport proof generation
…sed on build identifier changes
…cir and .json formats
Santiagorolas62-sudo
approved these changes
Apr 18, 2026
Santiagorolas62-sudo
approved these changes
Apr 18, 2026
Santiagorolas62-sudo
approved these changes
Apr 19, 2026
…flow in OIDC services
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
v1.2.2 covers three connected areas: biometric auth hardening, MoproProofService crash resilience, and OpenPassport circuit infrastructure groundwork.
Biometric auth —
BiometricGatekeeperandKeychainServicenow prefer.biometricsOnlypolicy with graceful passcode fallback for devices where Face ID is not enrolled. Face ID usage description added toInfo.plistto satisfy App Store review.MoproProofService stabilization — crash sentinel now uses snapshot-at-launch semantics so a past crash can't permanently disable proof generation across app versions. Auto-reset triggers when the build identifier changes, preventing stale sentinel state from blocking users after an update. Logging and error handling improved throughout the proof pipeline.
OpenPassport circuit infra — circuit file renamed from
.json→.acir(correct Aztec format). CI pre-build script no longer overwrites a bundled.acirfile, preventing silent regressions in CI. Resource lookup now falls back.acir→.jsonso existing installs aren't broken during the transition. Schema bumped to v4 to fix a CoreData materialization crash caused byArray<String>properties inIdentityEntities.🎯 Impact
IdentityDataStoreschema v4 — additive only (Array<String>columns replaced byData?). Lightweight migration; no data loss expected. Test on upgrade from 1.2.1 before ship.IdentityEntities.swift—Array<String>→Data?encoding/decoding round-trip correctnessMoproProofService.swift— crash sentinel snapshot logic; confirmlastCrashSentinelBuildIdreset path is correct on first launch after updateci_pre_xcodebuild.sh— CI no longer generates a stub.acir; confirm CI passes without itChanges
1) Biometric auth hardening
BiometricGatekeeper.swift— auth policy changed to.deviceOwnerAuthenticationWithBiometrics; falls back to.deviceOwnerAuthenticationwhen biometrics are unavailableKeychainService.swift— key creation and access control updated to match;KeychainService+Generation.swiftalignedsolidarity/Info.plist—NSFaceIDUsageDescriptionaddedMain files:
solidarity/Services/Identity/BiometricGatekeeper.swiftsolidarity/Services/Identity/KeychainService.swiftsolidarity/Info.plist2) MoproProofService crash sentinel
Three layered improvements:
a1d5806) — sentinel state is read once at app launch into an immutable snapshot; runtime proof calls can't be poisoned by a stale in-flight writee8e44a4) — sentinel is cleared whenCFBundleVersionchanges, so a crash in build N doesn't block proof generation in build N+174338d5) — structured log output at each fallback step (Mopro → Semaphore → SD-JWT); thrown errors carry contextMain files:
solidarity/Services/ZK/MoproProofService.swiftsolidarity/Services/ZK/MoproProofService+Fallbacks.swift3) OpenPassport circuit infrastructure
openpassport_disclosure.json→openpassport_disclosure.acir(correct Noir/Aztec artifact format)ci_pre_xcodebuild.sh— stub generation removed; CI will use the bundled.acirfile directly and fail fast if it's missing rather than silently falling back to a stubMoproProofService.swift— resource lookup tries.acirfirst, falls back to.jsonfor backward compatibilityPassportPipelineService.swift— updated resource referencesolidarity.xcscheme+xcschememanagement.plist— scheme committed to repo so Xcode Cloud picks it up consistentlyMain files:
ci_scripts/ci_pre_xcodebuild.shsolidarity/Services/ZK/MoproProofService.swiftsolidarity/Services/Identity/PassportPipelineService.swift4) CoreData schema v4
IdentityEntitieshad[String]properties that triggered a CoreData materialization crash on some devices. Replaced withData?(JSON-encoded internally).IdentityDataStoremigration marker bumped to v4.Main files:
solidarity/Models/IdentityEntities.swiftsolidarity/Services/Cache/IdentityDataStore.swift📝 Notes
MoproProofServicefallback chain (Mopro → Semaphore → SD-JWT) is unchanged from 1.2.1; only the crash guard logic around it changed..acir→.jsonfallback in resource lookup exists only as a safety net during the transition period; it can be removed in 1.2.3 once all CI environments are confirmed to carry.acir.NSFaceIDUsageDescriptionis required by App Store even if the app uses LocalAuthentication; omitting it causes a binary rejection at upload time.Package.resolvedchanges in this PR.