Page MenuHomePhabricator
Differential D12899

[Cashtab] Deprecate biometric authentication
ClosedPublic
Actions

Authored by bytesofman on Dec 15 2022, 18:49.

Details

Reviewers
emack
Group Reviewers
Restricted Project
Commits
rABC45ad3cc89c48: [Cashtab] Deprecate biometric authentication
Summary

T2881

Deprecate biometric authentication. The feature does not persist through Cashtab state change (i.e. a hard refresh). The feature would be technically complex to support through local storage, which is also not 100% reliable in a web app as it depends on the browser.

These gaps make the feature more a security threat vector than a security feature. It is only able to lock the app using the same lock a user has set on their phone. This redundant lock (that sometimes disables itself) should be deprecated.

Test Plan

npm start
App works fine
Settings page does not display lock setting
npm run build
netlify deploy
Test on mobile with app that was previously set to auth on -- should load with auth off, no issues
Test on mobile with app that was previously set to auth off -- should load with auth off, no issues

Diff Detail

Repository
rABC Bitcoin ABC
Branch
patch-auth-issue
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 21674
Build 42988: Build Diffcashtab-tests
Build 42987: arc lint + arc unit

Event Timeline

bytesofman created this revision.Dec 15 2022, 18:49
Herald added a reviewer: Restricted Project. · View Herald TranscriptDec 15 2022, 18:49
bytesofman requested review of this revision.Dec 15 2022, 18:49
Harbormaster completed remote builds in B21601: Diff 37327.Dec 15 2022, 18:52
emack requested changes to this revision.Dec 16 2022, 12:31
emack added a subscriber: emack.

Tested all ok on iOS and Android however I did a comparison with the genesis biometric diff D10443 and found some other elements for removal in the interest of reducing unnecessary resources that were only used for biometric purposes (I have grep'ed these to verify):

  • assets/fingerprint-solid.svg
  • theme.buttons.primary.disabledOverlay
  • theme.buttons.secondary.disabledOverlay
  • utils/convertArrBuffBase64.js
This revision now requires changes to proceed.Dec 16 2022, 12:31
bytesofman planned changes to this revision.Dec 19 2022, 17:52

Will keep this tabled for now.

IMO the feature is mostly security theater. However, some users do seem to like it, and there are niche applications.

bytesofman updated this revision to Diff 37428.Dec 26 2022, 17:39

responding to feedback + rebase

Harbormaster completed remote builds in B21674: Diff 37428.Dec 26 2022, 17:44
emack accepted this revision.Dec 27 2022, 01:38

verified via https://1167.netlify.app/#/wallet

This revision is now accepted and ready to land.Dec 27 2022, 01:38
Closed by commit rABC45ad3cc89c48: [Cashtab] Deprecate biometric authentication (authored by bytesofman). · Explain WhyDec 27 2022, 18:00
This revision was automatically updated to reflect the committed changes.
bytesofman added a commit: rABC45ad3cc89c48: [Cashtab] Deprecate biometric authentication.

Revision Contents
Changeset List

PathSize
web/
cashtab/
src/
assets/
styles/
2 lines
components/
Airdrop/
__tests__/
__snapshots__/
108 lines
Authentication/
Common/
4 lines
Configure/
56 lines
__tests__/
__snapshots__/
Home/
__tests__/
__snapshots__/
Receive/
__tests__/
__snapshots__/
Send/
__tests__/
__snapshots__/
SignVerifyMsg/
__tests__/
__snapshots__/
Tokens/
__tests__/
__snapshots__/
hooks/
16 lines
utils/
18 lines

Diff 37428

View Options

web/cashtab/src/assets/fingerprint-solid.svg

Loading...
View Options

web/cashtab/src/assets/styles/theme.js

Loading...
View Options

web/cashtab/src/components/Airdrop/__tests__/__snapshots__/Airdrop.test.js.snap

Loading...
View Options

web/cashtab/src/components/App.js

Loading...
View Options

web/cashtab/src/components/Authentication/ProtectableComponentWrapper.js

Loading...
View Options

web/cashtab/src/components/Authentication/SignIn.js

Loading...
View Options

web/cashtab/src/components/Common/CustomIcons.js

Loading...
View Options

web/cashtab/src/components/Configure/Configure.js

Loading...
View Options

web/cashtab/src/components/Configure/__tests__/__snapshots__/Configure.test.js.snap

Loading...
View Options

web/cashtab/src/components/Home/__tests__/__snapshots__/Home.test.js.snap

Loading...
View Options

web/cashtab/src/components/Receive/__tests__/__snapshots__/Receive.test.js.snap

Loading...
View Options

web/cashtab/src/components/Send/__tests__/__snapshots__/Send.test.js.snap

Loading...
View Options

web/cashtab/src/components/Send/__tests__/__snapshots__/SendToken.test.js.snap

Loading...
View Options

web/cashtab/src/components/SignVerifyMsg/__tests__/__snapshots__/SignVerifyMsg.test.js.snap

Loading...
View Options

web/cashtab/src/components/Tokens/__tests__/__snapshots__/CreateTokenForm.test.js.snap

Loading...
View Options

web/cashtab/src/components/Tokens/__tests__/__snapshots__/Tokens.test.js.snap

Loading...
View Options

web/cashtab/src/hooks/useWebAuthentication.js

Loading...
View Options

web/cashtab/src/index.js

Loading...
View Options

web/cashtab/src/utils/context.js

Loading...
View Options

web/cashtab/src/utils/convertArrBuffBase64.js

Loading...