Fix mobile robustness gaps: HMAC-SHA256 signing, real RASP detection, centralized API client, configurable cert pinning#8
Open
devin-ai-integration[bot] wants to merge 11 commits intomainfrom
Conversation
Co-Authored-By: Patrick Munis <pmunis@gmail.com>
- activities_next_5.py: Replace 37 TODOs with production-ready Temporal workflow activities (QR payments, offline sync, 2FA, recurring payments, commission tracking, etc.) - agent-performance/main.py: Implement uptime calculation, float utilization, percentile ranking, and peer comparison queries - ml_monitoring.py: Implement AUC-PR calculation for ML model evaluation - generate_all_routers.py: Replace TODO with real database query execution - user-service/main.go: Implement email/phone verification, password reset, resend verification with Redis token storage and messaging integration - agent-hierarchy/main.go: Implement audit trail logging for agent suspension - kafka_consumer.py: Implement Kafka message processing with proper error handling - example_service_with_auth.py: Implement Keycloak token validation Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…lders, enforce env vars - Remove all hardcoded secrets/credentials across services - Enforce required env vars (JWT_SECRET, ILP_SECRET, ENCRYPTION_KEY, etc.) - Replace signature_placeholder with HMAC-SHA256 signing - Replace demo/hardcoded users with env-var-loaded user stores - Implement MFA setup/verify handlers in security-service - Implement message signing in POS management server - Replace mock exchange rate provider with fallback provider - Implement all 39 workflow activity stubs - Implement all 17 video KYC orchestrator stubs - Wire up TigerBeetle resilient client with conditional import - Replace mock Keycloak token with real API call - Remove hardcoded docker-compose passwords (use env var substitution) Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…-backed endpoints, AML screening API - agent_onboarding_service.py: Fix import typo (create_database_url -> create_engine), replace mock OCR with real OCR service call + fallback, replace mock KYC with real provider HTTP call + retry, replace mock KYB with real Ballerine workflow call + retry, require DATABASE_URL env var, restrict CORS origins - agent_onboarding_service_enhanced.py: Implement all 8 placeholder endpoints with real DB queries (list docs/verifications/reviews, approve/reject/suspend/reactivate, assign reviewer, search with filters, statistics with aggregations), require DATABASE_URL env var, restrict CORS origins - kyc_kyb_service.py: Replace pattern-matching AML screening with external sanctions/PEP API calls with retry, expand high-risk countries list - kyc_encryption.py: Require KYC_MASTER_KEY env var (fail hard instead of ephemeral key), add DB persistence for audit trail entries - agent_service.go: Implement 15 stub methods with real DB queries (transaction/commission/customer/compliance metrics, performance scoring, ranking, achievements, recommendations, bulk operations, CSV/XLSX export, admin check, new agent/approval processing) Co-Authored-By: Patrick Munis <pmunis@gmail.com>
… engine - Telco integration: Replace skeleton with real VTPass API integration, retry logic, commission tracking, transaction verification/requery, data plans endpoint - Biller integration: Multi-provider support (Baxi primary, VTpass fallback), 13 electricity providers, cable TV (DSTV/GOtv/Startimes), government bills, agent commission, retry with exponential backoff - Fee schedule engine: Configurable per-merchant/per-provider fee tiers with percentage caps, flat fees, tiered volume-based fees, batch calculation endpoint - Settlement service: Wire fee schedule engine into deduction calculations Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…le management Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…biometric capture Co-Authored-By: Patrick Munis <pmunis@gmail.com>
- Replace single OCR service call with parallel PaddleOCR + VLM + Docling pipeline - Add _run_paddleocr(), _run_vlm(), _run_docling() async engine functions - Aggregate results using confidence-weighted selection across all engines - Replace DeepSeekOCRClient with PaddleOCRClient in ocr_service.py - Add VLMClient for semantic document understanding - Update OCREngine enum: PADDLEOCR, VLM, DOCLING, TESSERACT, AUTO - Frontend: add processing pipeline visualization with live stage indicators - Show per-document PaddleOCR/VLM/Docling progress and confidence bars - Update submission success screen to reference new pipeline Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…t backend Co-Authored-By: Patrick Munis <pmunis@gmail.com>
Co-Authored-By: Patrick Munis <pmunis@gmail.com>
- Create centralized ApiClient with env-based config, retry logic, auth token management - Replace weak DJB2 hash with HMAC-SHA256 in TransactionSigning - Replace weak DJB2 hash with SubtleCrypto SHA-256 in DeviceBinding - Implement real RASP Frida/debugger detection (not stubs) - Replace base64 compression with real DEFLATE in PerformanceManager - Make certificate pinning hashes configurable via env vars - Wire CertificatePinning.fetch() into ApiClient for all API calls - Fix USSD manager to use real native module bridge with system dialer fallback - Fix PWA broken platform checks (hardcoded 'web' string comparisons) - Replace all hardcoded API URLs with centralized ApiClient - Applied consistently across native-enhanced, hybrid, and PWA variants Co-Authored-By: Patrick Munis <pmunis@gmail.com>
Author
Original prompt from Patrick |
Author
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
Trivy found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
Open
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix mobile robustness gaps across all 3 variants (native, hybrid, PWA)
Summary
Addresses critical security and integration gaps identified in the mobile layer (168 source files across native-enhanced, hybrid, and PWA variants). The key changes are:
Security hardening:
crypto.subtle) inTransactionSigning.tsacross all 3 variantsDeviceBinding.tsacross all 3 variantsfalseREACT_NATIVE_PIN_*,VITE_PIN_*) instead of hardcoded placeholder stringsAPI client centralization:
ApiClient.tssingleton with env-based URL resolution, retry with exponential backoff, auth token management, and timeout handlingCertificatePinning.fetch()intoApiClientso all API calls go through SSL pinningfetch('https://api.agentbanking.com/...')calls across security/performance modulesBug fixes:
if ('web' === 'ios')with propernavigator.userAgentdetection viagetPlatform()helperNativeModules.USSDModule) + system dialer fallback (Linking.openURL)PerformanceManager.tsAll changes applied consistently to
mobile-native-enhanced/,mobile-hybrid/, andmobile-pwa/with platform-appropriate adaptations (React NativePlatform.OS/ CapacitorCapacitor.getPlatform()/ user-agent sniffing for PWA).Review & Testing Checklist for Human
deflateSync/inflateSyncinPerformanceManager.tsare hand-rolled stored-block DEFLATE. Verify round-trip correctness with non-trivial payloads and compatibility with any backend expecting standard zlib/deflate. This is the highest-risk change in the PR.ApiClient↔CertificatePinning—ApiClient.tsimportsCertificatePinning, whileCertificatePinningusesfetchinternally. Other security modules (RASP, DeviceBinding, TransactionSigning) importApiClient. Verify no circular dependency at runtime across all 3 variants.tsc --noEmitin each mobile variant directory to catch type errors (e.g., missing@types/react-native, Capacitor types).process.envat runtime — PWA files referenceprocess.env.VITE_*which requires Vite'sdefineplugin. Verify these are replaced at build time and don't cause runtime errors in the browser.fetch('http://127.0.0.1:27042')which could trigger CORS errors or network failures in production. Test on real devices to ensure this doesn't cause app crashes or false alarms.Test Plan
CertificatePinning.fetch()is invoked (check network logs for SSL pinning behavior)PerformanceManager.compressData()→decompressData()with a large JSON payload and verify data integritygetPlatform()returns correct valuesREACT_NATIVE_PIN_API_PRIMARY/VITE_PIN_API_PRIMARYand confirm cert pinning uses those values instead of placeholder stringsNotes
Link to Devin run: https://app.devin.ai/sessions/d1d1a2af0045435da944c1a7e061484d
Requested by: @munisp