Merge branch 'CW-394-mac-auth-2' of https://github.com/cake-tech/cake_wallet into CW-565-sign-messages

.github/workflows/pr_test_build.yml

@@ -42,7 +42,7 @@ jobs:
       - name: Flutter action
         uses: subosito/flutter-action@v1
         with:
-          flutter-version: "3.13.9"
+          flutter-version: "3.19.5"
           channel: stable
 
       - name: Install package dependencies

cw_ethereum/pubspec.yaml

@@ -24,15 +24,13 @@ dependency_overrides:
     git:
       url: https://github.com/cake-tech/web3dart.git
       ref: cake
+  watcher: ^1.1.0
 
 dev_dependencies:
   flutter_test:
     sdk: flutter
   build_runner: ^2.4.7
 
-dependency_overrides:
-  watcher: ^1.1.0
-
 flutter:
   # assets:
   #   - images/a_dot_burr.jpeg

cw_evm/pubspec.yaml

@@ -38,6 +38,7 @@ dependency_overrides:
     git:
       url: https://github.com/cake-tech/ledger-flutter.git
       ref: cake
+  watcher: ^1.1.0
 
 dev_dependencies:
   flutter_test:

cw_polygon/pubspec.yaml

@@ -28,6 +28,7 @@ dependency_overrides:
     git:
       url: https://github.com/cake-tech/web3dart.git
       ref: cake
+  watcher: ^1.1.0
 
 dev_dependencies:
   flutter_test:
@@ -35,8 +36,6 @@ dev_dependencies:
   flutter_lints: ^2.0.0
   build_runner: ^2.4.7
 
-dependency_overrides:
-  watcher: ^1.1.0
 
 # For information on the generic Dart part of this file, see the
 # following page: https://dart.dev/tools/pub/pubspec

lib/core/auth_service.dart

@@ -42,12 +42,7 @@ class AuthService with Store {
   Future<void> setPassword(String password) async {
     final key = generateStoreKeyFor(key: SecretStoreKey.pinCodePassword);
     final encodedPassword = encodedPinCode(pin: password);
-    // secure storage has a weird bug on macOS, where overwriting a key doesn't work, unless
-    // we delete what's there first:
-    if (Platform.isMacOS) {
-      await secureStorage.delete(key: key);
-    }
-    await secureStorage.write(key: key, value: encodedPassword);
+    await writeSecureStorage(secureStorage, key: key, value: encodedPassword);
   }
 
   Future<bool> canAuthenticate() async {
@@ -74,7 +69,11 @@ class AuthService with Store {
 
   void saveLastAuthTime() {
     int timestamp = DateTime.now().millisecondsSinceEpoch;
-    secureStorage.write(key: SecureKey.lastAuthTimeMilliseconds, value: timestamp.toString());
+    writeSecureStorage(
+      secureStorage,
+      key: SecureKey.lastAuthTimeMilliseconds,
+      value: timestamp.toString(),
+    );
   }
 
   Future<bool> requireAuth() async {

lib/core/backup_service.dart

@@ -1,6 +1,7 @@
 import 'dart:convert';
 import 'dart:io';
 import 'dart:typed_data';
+import 'package:cake_wallet/core/secure_storage.dart';
 import 'package:cake_wallet/themes/theme_list.dart';
 import 'package:cake_wallet/utils/device_info.dart';
 import 'package:cw_core/wallet_type.dart';
@@ -275,7 +276,7 @@ class BackupService {
     if (currentTransactionPriorityKeyLegacy != null)
       await _sharedPreferences.setInt(
           PreferencesKey.currentTransactionPriorityKeyLegacy, currentTransactionPriorityKeyLegacy);
-    
+
     if (currentBitcoinElectrumSererId != null)
       await _sharedPreferences.setInt(
           PreferencesKey.currentBitcoinElectrumSererIdKey, currentBitcoinElectrumSererId);
@@ -373,16 +374,15 @@ class BackupService {
     final backupPasswordKey = generateStoreKeyFor(key: SecretStoreKey.backupPassword);
     final backupPassword = keychainJSON[backupPasswordKey] as String;
 
-    await _flutterSecureStorage.delete(key: backupPasswordKey);
-    await _flutterSecureStorage.write(key: backupPasswordKey, value: backupPassword);
+    await writeSecureStorage(_flutterSecureStorage, key: backupPasswordKey, value: backupPassword);
 
     keychainWalletsInfo.forEach((dynamic rawInfo) async {
       final info = rawInfo as Map<String, dynamic>;
       await importWalletKeychainInfo(info);
     });
 
-    await _flutterSecureStorage.delete(key: pinCodeKey);
-    await _flutterSecureStorage.write(key: pinCodeKey, value: encodedPinCode(pin: decodedPin));
+    await writeSecureStorage(_flutterSecureStorage,
+        key: pinCodeKey, value: encodedPinCode(pin: decodedPin));
 
     keychainDumpFile.deleteSync();
   }
@@ -401,16 +401,15 @@ class BackupService {
     final backupPasswordKey = generateStoreKeyFor(key: SecretStoreKey.backupPassword);
     final backupPassword = keychainJSON[backupPasswordKey] as String;
 
-    await _flutterSecureStorage.delete(key: backupPasswordKey);
-    await _flutterSecureStorage.write(key: backupPasswordKey, value: backupPassword);
+    await writeSecureStorage(_flutterSecureStorage, key: backupPasswordKey, value: backupPassword);
 
     keychainWalletsInfo.forEach((dynamic rawInfo) async {
       final info = rawInfo as Map<String, dynamic>;
       await importWalletKeychainInfo(info);
     });
 
-    await _flutterSecureStorage.delete(key: pinCodeKey);
-    await _flutterSecureStorage.write(key: pinCodeKey, value: encodedPinCode(pin: decodedPin));
+    await writeSecureStorage(_flutterSecureStorage,
+        key: pinCodeKey, value: encodedPinCode(pin: decodedPin));
 
     keychainDumpFile.deleteSync();
   }

lib/core/key_service.dart

@@ -20,8 +20,7 @@ class KeyService {
         key: SecretStoreKey.moneroWalletPassword, walletName: walletName);
     final encodedPassword = encodeWalletPassword(password: password);
 
-    await _secureStorage.delete(key: key);
-    await _secureStorage.write(key: key, value: encodedPassword);
+    await writeSecureStorage(_secureStorage, key: key, value: encodedPassword);
   }
 
   Future<void> deleteWalletPassword({required String walletName}) async {

lib/core/secure_storage.dart

@@ -1,4 +1,5 @@
 import 'dart:async';
+import 'dart:io';
 import 'package:flutter_secure_storage/flutter_secure_storage.dart';
 // For now, we can create a utility function to handle this.
 //
@@ -25,3 +26,13 @@ Future<String?> readSecureStorage(FlutterSecureStorage secureStorage, String key
 
   return result;
 }
+
+Future<void> writeSecureStorage(FlutterSecureStorage secureStorage,
+    {required String key, required String value}) async {
+  // delete the value before writing on macOS because of a weird bug
+  // https://github.com/mogol/flutter_secure_storage/issues/581
+  if (Platform.isMacOS) {
+    await secureStorage.delete(key: key);
+  }
+  await secureStorage.write(key: key, value: value);
+}

lib/entities/biometric_auth.dart

@@ -18,6 +18,7 @@ class BiometricAuth {
     bool canAuthenticate;
     try {
       canAuthenticate = await _flutterLocalAuthenticationPlugin.canAuthenticate();
+      await _flutterLocalAuthenticationPlugin.setTouchIDAuthenticationAllowableReuseDuration(0);
     } catch (error) {
       print("Exception checking support. $error");
       canAuthenticate = false;

lib/entities/fs_migration.dart

@@ -1,5 +1,6 @@
 import 'dart:io';
 import 'dart:convert';
+import 'package:cake_wallet/core/secure_storage.dart';
 import 'package:collection/collection.dart';
 import 'package:flutter_secure_storage/flutter_secure_storage.dart';
 import 'package:shared_preferences/shared_preferences.dart';
@@ -147,8 +148,8 @@ Future<void> ios_migrate_pin() async {
 
   final key = generateStoreKeyFor(key: SecretStoreKey.pinCodePassword);
   final encodedPassword = encodedPinCode(pin: pinPassword);
-  await flutterSecureStorage.delete(key: key);
-  await flutterSecureStorage.write(key: key, value: encodedPassword);
+  await writeSecureStorage(flutterSecureStorage, key: key, value: encodedPassword);
+
   await prefs.setBool('ios_migration_pin_completed', true);
 }
 

lib/entities/get_encryption_key.dart

@@ -1,3 +1,4 @@
+import 'package:cake_wallet/core/secure_storage.dart';
 import 'package:flutter_secure_storage/flutter_secure_storage.dart';
 import 'package:cw_core/cake_hive.dart';
 
@@ -10,8 +11,7 @@ Future<List<int>> getEncryptionKey(
     key = CakeHive.generateSecureKey();
     final keyStringified = key.join(',');
     String storageKey = 'transactionDescriptionsBoxKey';
-    await secureStorage.delete(key: storageKey);
-    await secureStorage.write(key: storageKey, value: keyStringified);
+    await writeSecureStorage(secureStorage, key: storageKey, value: keyStringified);
   } else {
     key = stringifiedKey.split(',').map((i) => int.parse(i)).toList();
   }

lib/src/screens/support_chat/widgets/chatwoot_widget.dart

@@ -1,5 +1,6 @@
 import 'dart:convert';
 
+import 'package:cake_wallet/core/secure_storage.dart';
 import 'package:flutter/material.dart';
 import 'package:flutter_inappwebview/flutter_inappwebview.dart';
 import 'package:flutter_secure_storage/flutter_secure_storage.dart';
@@ -58,7 +59,6 @@ class ChatwootWidgetState extends State<ChatwootWidget> {
   }
 
   Future<void> storeCookie(String value) async {
-    await widget.secureStorage.delete(key: COOKIE_KEY);
-    await widget.secureStorage.write(key: COOKIE_KEY, value: value);
+    await writeSecureStorage(widget.secureStorage, key: COOKIE_KEY, value: value);
   }
 }

lib/store/settings_store.dart

@@ -2,6 +2,7 @@ import 'dart:io';
 
 import 'package:cake_wallet/bitcoin/bitcoin.dart';
 import 'package:cake_wallet/bitcoin_cash/bitcoin_cash.dart';
+import 'package:cake_wallet/core/secure_storage.dart';
 import 'package:cake_wallet/entities/auto_generate_subaddress_status.dart';
 import 'package:cake_wallet/entities/provider_types.dart';
 import 'package:cake_wallet/entities/cake_2fa_preset_options.dart';
@@ -434,79 +435,83 @@ abstract class SettingsStoreBase with Store {
     // secure storage keys:
     reaction(
         (_) => allowBiometricalAuthentication,
-        (bool biometricalAuthentication) => secureStorage.write(
+        (bool biometricalAuthentication) => writeSecureStorage(secureStorage,
             key: SecureKey.allowBiometricalAuthenticationKey,
             value: biometricalAuthentication.toString()));
 
     reaction(
         (_) => selectedCake2FAPreset,
-        (Cake2FAPresetsOptions selectedCake2FAPreset) => secureStorage.write(
+        (Cake2FAPresetsOptions selectedCake2FAPreset) => writeSecureStorage(secureStorage,
             key: SecureKey.selectedCake2FAPreset,
             value: selectedCake2FAPreset.serialize().toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForAccessingWallet,
-        (bool requireTOTP2FAForAccessingWallet) => secureStorage.write(
+        (bool requireTOTP2FAForAccessingWallet) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForAccessingWallet,
             value: requireTOTP2FAForAccessingWallet.toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForSendsToContact,
-        (bool requireTOTP2FAForSendsToContact) => secureStorage.write(
+        (bool requireTOTP2FAForSendsToContact) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForSendsToContact,
             value: requireTOTP2FAForSendsToContact.toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForSendsToNonContact,
-        (bool requireTOTP2FAForSendsToNonContact) => secureStorage.write(
+        (bool requireTOTP2FAForSendsToNonContact) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForSendsToNonContact,
             value: requireTOTP2FAForSendsToNonContact.toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForSendsToInternalWallets,
-        (bool requireTOTP2FAForSendsToInternalWallets) => secureStorage.write(
+        (bool requireTOTP2FAForSendsToInternalWallets) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForSendsToInternalWallets,
             value: requireTOTP2FAForSendsToInternalWallets.toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForExchangesToInternalWallets,
-        (bool requireTOTP2FAForExchangesToInternalWallets) => secureStorage.write(
+        (bool requireTOTP2FAForExchangesToInternalWallets) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForExchangesToInternalWallets,
             value: requireTOTP2FAForExchangesToInternalWallets.toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForExchangesToExternalWallets,
-        (bool requireTOTP2FAForExchangesToExternalWallets) => secureStorage.write(
+        (bool requireTOTP2FAForExchangesToExternalWallets) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForExchangesToExternalWallets,
             value: requireTOTP2FAForExchangesToExternalWallets.toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForAddingContacts,
-        (bool requireTOTP2FAForAddingContacts) => secureStorage.write(
+        (bool requireTOTP2FAForAddingContacts) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForAddingContacts,
             value: requireTOTP2FAForAddingContacts.toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForCreatingNewWallets,
-        (bool requireTOTP2FAForCreatingNewWallets) => secureStorage.write(
+        (bool requireTOTP2FAForCreatingNewWallets) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForCreatingNewWallets,
             value: requireTOTP2FAForCreatingNewWallets.toString()));
 
     reaction(
         (_) => shouldRequireTOTP2FAForAllSecurityAndBackupSettings,
-        (bool requireTOTP2FAForAllSecurityAndBackupSettings) => secureStorage.write(
+        (bool requireTOTP2FAForAllSecurityAndBackupSettings) => writeSecureStorage(secureStorage,
             key: SecureKey.shouldRequireTOTP2FAForAllSecurityAndBackupSettings,
             value: requireTOTP2FAForAllSecurityAndBackupSettings.toString()));
 
-    reaction((_) => useTOTP2FA,
-        (bool use) => secureStorage.write(key: SecureKey.useTOTP2FA, value: use.toString()));
+    reaction(
+        (_) => useTOTP2FA,
+        (bool use) =>
+            writeSecureStorage(secureStorage, key: SecureKey.useTOTP2FA, value: use.toString()));
 
-    reaction((_) => totpSecretKey,
-        (String totpKey) => secureStorage.write(key: SecureKey.totpSecretKey, value: totpKey));
+    reaction(
+        (_) => totpSecretKey,
+        (String totpKey) =>
+            writeSecureStorage(secureStorage, key: SecureKey.totpSecretKey, value: totpKey));
 
     reaction(
         (_) => pinTimeOutDuration,
-        (PinCodeRequiredDuration pinCodeInterval) => secureStorage.write(
+        (PinCodeRequiredDuration pinCodeInterval) => writeSecureStorage(secureStorage,
             key: SecureKey.pinTimeOutDuration, value: pinCodeInterval.value.toString()));
 
     reaction(

lib/view_model/auth_view_model.dart

@@ -109,8 +109,9 @@ abstract class AuthViewModelBase with Store {
     final _flutterLocalAuthenticationPlugin = FlutterLocalAuthentication();
 
     try {
-      final authenticated = await _flutterLocalAuthenticationPlugin.authenticate();
-      if (!authenticated) {
+      if (await _biometricAuth.canCheckBiometrics() && await _biometricAuth.isAuthenticated()) {
+        state = ExecutedSuccessfullyState();
+      } else {
         throw Exception('Biometric authentication failed');
       }
       state = ExecutedSuccessfullyState();

lib/view_model/edit_backup_password_view_model.dart

@@ -1,3 +1,4 @@
+import 'package:cake_wallet/core/secure_storage.dart';
 import 'package:mobx/mobx.dart';
 import 'package:flutter_secure_storage/flutter_secure_storage.dart';
 import 'package:cake_wallet/entities/secret_store_key.dart';
@@ -37,8 +38,7 @@ abstract class EditBackupPasswordViewModelBase with Store {
   @action
   Future<void> save() async {
     final key = generateStoreKeyFor(key: SecretStoreKey.backupPassword);
-    await secureStorage.delete(key: key);
-    await secureStorage.write(key: key, value: backupPassword);
+    await writeSecureStorage(secureStorage, key: key, value: backupPassword);
     secretStore.write(key: key, value: backupPassword);
   }
 }

pubspec_base.yaml

@@ -34,7 +34,9 @@ dependencies:
   hive: ^2.2.3
   hive_flutter: ^1.1.0
   local_auth_android: 1.0.21
-  flutter_local_authentication: ^1.2.0
+  flutter_local_authentication:
+    git:
+      url: https://github.com/cake-tech/flutter_local_authentication
   package_info: ^2.0.0
   #package_info_plus: ^1.4.2
   devicelocale: