Paths

Table of Contentst

Differential D12899

[Cashtab] Deprecate biometric authentication
ClosedPublic
Actions

Authored by bytesofman on Dec 15 2022, 18:49.

Tags

None

Subscribers

Details

Reviewers

Group Reviewers

Restricted Project

Commits

rABC45ad3cc89c48: [Cashtab] Deprecate biometric authentication

Summary

T2881

Deprecate biometric authentication. The feature does not persist through Cashtab state change (i.e. a hard refresh). The feature would be technically complex to support through local storage, which is also not 100% reliable in a web app as it depends on the browser.

These gaps make the feature more a security threat vector than a security feature. It is only able to lock the app using the same lock a user has set on their phone. This redundant lock (that sometimes disables itself) should be deprecated.

Test Plan

npm start
App works fine
Settings page does not display lock setting
npm run build
netlify deploy
Test on mobile with app that was previously set to auth on -- should load with auth off, no issues
Test on mobile with app that was previously set to auth off -- should load with auth off, no issues

Diff Detail

Repository

rABC Bitcoin ABC

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

bytesofman created this revision.Dec 15 2022, 18:49

Herald added a reviewer: Restricted Project. · View Herald TranscriptDec 15 2022, 18:49

bytesofman requested review of this revision.Dec 15 2022, 18:49

Harbormaster completed remote builds in B21601: Diff 37327.Dec 15 2022, 18:52

Tested all ok on iOS and Android however I did a comparison with the genesis biometric diff D10443 and found some other elements for removal in the interest of reducing unnecessary resources that were only used for biometric purposes (I have grep'ed these to verify):

assets/fingerprint-solid.svg
theme.buttons.primary.disabledOverlay
theme.buttons.secondary.disabledOverlay
utils/convertArrBuffBase64.js

This revision now requires changes to proceed.Dec 16 2022, 12:31

Will keep this tabled for now.

IMO the feature is mostly security theater. However, some users do seem to like it, and there are niche applications.

responding to feedback + rebase

Harbormaster completed remote builds in B21674: Diff 37428.Dec 26 2022, 17:44

verified via https://1167.netlify.app/#/wallet

This revision is now accepted and ready to land.Dec 27 2022, 01:38

Closed by commit rABC45ad3cc89c48: [Cashtab] Deprecate biometric authentication (authored by bytesofman). · Explain WhyDec 27 2022, 18:00

This revision was automatically updated to reflect the committed changes.

bytesofman added a commit: rABC45ad3cc89c48: [Cashtab] Deprecate biometric authentication.

Revision Contents
Changeset List

Path

Size

web/

cashtab/

src/

assets/

fingerprint-solid.svg

styles/

2 lines

components/

Airdrop/

__tests__/

__snapshots__/

Airdrop.test.js.snap

108 lines

Authentication/

ProtectableComponentWrapper.js

Common/

4 lines

Configure/

56 lines

__tests__/

__snapshots__/

Configure.test.js.snap

Home/

__tests__/

__snapshots__/

Home.test.js.snap

Receive/

__tests__/

__snapshots__/

Receive.test.js.snap

Send/

__tests__/

__snapshots__/

Send.test.js.snap

SendToken.test.js.snap

SignVerifyMsg/

__tests__/

__snapshots__/

SignVerifyMsg.test.js.snap

Tokens/

__tests__/

__snapshots__/

CreateTokenForm.test.js.snap

Tokens.test.js.snap

hooks/

useWebAuthentication.js

16 lines

utils/

18 lines

convertArrBuffBase64.js

Diff 37433

web/cashtab/src/assets/fingerprint-solid.svg

Loading...

web/cashtab/src/assets/styles/theme.js

Loading...

web/cashtab/src/components/Airdrop/tests/snapshots/Airdrop.test.js.snap

Loading...

web/cashtab/src/components/App.js

Loading...

web/cashtab/src/components/Authentication/ProtectableComponentWrapper.js

Loading...

web/cashtab/src/components/Authentication/SignIn.js

Loading...

web/cashtab/src/components/Common/CustomIcons.js

Loading...

web/cashtab/src/components/Configure/Configure.js

Loading...

web/cashtab/src/components/Configure/tests/snapshots/Configure.test.js.snap

Loading...

web/cashtab/src/components/Home/tests/snapshots/Home.test.js.snap

Loading...

web/cashtab/src/components/Receive/tests/snapshots/Receive.test.js.snap

Loading...

web/cashtab/src/components/Send/tests/snapshots/Send.test.js.snap

Loading...

web/cashtab/src/components/Send/tests/snapshots/SendToken.test.js.snap

Loading...

web/cashtab/src/components/SignVerifyMsg/tests/snapshots/SignVerifyMsg.test.js.snap

Loading...

web/cashtab/src/components/Tokens/tests/snapshots/CreateTokenForm.test.js.snap

Loading...

web/cashtab/src/components/Tokens/tests/snapshots/Tokens.test.js.snap

Loading...

web/cashtab/src/hooks/useWebAuthentication.js

Loading...

web/cashtab/src/index.js

Loading...

web/cashtab/src/utils/context.js

Loading...

web/cashtab/src/utils/convertArrBuffBase64.js

Loading...