Ongoing Collection: Bugs for version 1.16.2

[jdsika]

Hi team,

Setup: android: altme 1.16.2 browser: firefox 114.0.2 Temple extension: 1.16.3

1) Problem:

• go to https://talao.co/altme-identity
• connect temple account "alice" (not revealed)
• scan QR code
• confirm that I see the "account ownership card"

• press "add card"

  ! Card is not visible in altme

2. Problem:

   • rename account name in altme android app
   • endless "waiting"
   • kill app

   ! rename was completed

[jdsika]

3. Problem:
   • I see the "account ownership" card for the android hot wallet from the setup in "my blockchain accounts" twice
   • Screenshot below

[jdsika]

4. Problem:
   • I have to do the biometrics approval "draw pattern" twice
   • Pattern and Fingerprint do both work as intended but in both cases I have to repeat the approval

[hawkbee1]

Thanks for your feedback @jdsika, I will probably create several tickets. I understand you have twos ownership cards in "My blockchain accounts" section, both identical. Could you tell me which network is written on the cards ?

[jdsika]

[jdsika]

Update for Problem 1) I checked if the reveal of the address has any effect but even after revealing Alice I cannot store the Card correctly.

[jdsika]

5. Problem:

   • The Wallet application is called "altme wallet" on adroid but the domain used for the connection is: https://talao.co/altme-identity
   • As a cautious user I would expect the domian: altme.io
   • Alice does not know that Talao and Altme are the same company
   • The logo on the website does also say "altme"

   ! This is confusing for a user

[jdsika]

@hawkbee1 I confirm that Problem 1) is solved:

[jdsika]

6. Problem:
   • I want to delete a card but the option is greyed out

[hawkbee1]

Probleme 6: Cards generated during onboarding have delete option greyed out. If that's such card that's the expected behavior. If that's another card that's a bug.

[jdsika]

The added Card through the process of Problem 1. cannot be deleted. I also still have the duplicated one from the onboarding

[ThierryThevenet]

Proof of crypto account cannot be deleted, they are created at intialisation of crypto account. That is a normal behavior But the doulble card is an issue we are going tio solve.

[ThierryThevenet]

This one below needs more time, it will not be treated in teh coming weeks

---

Problem:
    The Wallet application is called "altme wallet" on adroid but the domain used for the connection is: https://talao.co/altme-identity
    As a cautious user I would expect the domian: altme.io
    Alice does not know that Talao and Altme are the same company
    The logo on the website does also say "altme"

! This is confusing for a user

[ThierryThevenet]

This one will be solved soon ................. Problem: I have to do the biometrics approval "draw pattern" twice Pattern and Fingerprint do both work as intended but in both cases I have to repeat the approval

[jdsika]

Proof of crypto account cannot be deleted, they are created at intialisation of crypto account. That is a normal behavior But the doulble card is an issue we are going tio solve.

But the 3rd one has been added by me and is also greyed out:

[ThierryThevenet]

yes it is normal behavior, those types of card cannot be deleted. That would be quite complexe for users to manage those type of VCs and there is no reason to delete it.

[jdsika]

yes it is normal behavior, those types of card cannot be deleted. That would be quite complexe for users to manage those type of VCs and there is no reason to delete it.

What is the purpose of this card? As I understand it I can now use the Altme Wallet Application as my personal vault for Verified Credentials in order to create a presentation from it. So, I, as the one with the application installed on my phone and the additional e.g. "Tezos Key Proof Card" added to the existing Cards from the initialization process of the application can present it WITHOUT current access to the initial key? The Card has an expiration date. What happens after it is expired? Will it be "deleted" automatically or will it stay there forever and just be "inactive"? I think there should be the option to delete those cards.

[ThierryThevenet]

those cards (VC/VP) are among the most important of the wallet.

From the SSI standpoint they are a proof of your crypto address ownership as they are double signed by the crypto wallet address and the identity key. ,It means that with both a proof of age and a proof of crypto account ownership you can prove that the owner of a crypto address is over 18 yo because both have the same subject which is the user DID.

One of the key points is that the Identity private key is never the same as a crypto private key. It could be a secpk256k key or ....a RSA key or whatever P-384 etc..... and you can so protect your privacy as your identity is never confused with the blockchain account you use for NFts or crypto transactions.

In the case of an external crypto account (a Temple account for instance) the website wallet-indentity is a verifier of the crypto account ownership and an issuer of VC. It first sends a challenge to the crypto wallet and if the signature is ok, the site issues a VC to Altme. That VC is a proof of ownership which is added to others. So in Altme you can have VCs proof of ownership issued by the wallet and VC proofs of ownership issued by the wallet-identity website.

[ThierryThevenet]

There is a subject about the expiration date of the VCs issued by the identity website. opinions vary....Probably we will change it as Unlimited.

[jdsika]

@hawkbee1 the issues (double entry VC and double draw pattern) are not fixed in the new version 1.18.3

[hawkbee1]

We were not able to reproduce this issue on android with fingerprints or iphone with faceId. Can you explain with more details when it is occurring ? You draw the pattern, that's OK and immediately you're asked again to draw the pattern?

[jdsika]

1) Start app - see loading screen 2) Enter PIN in Altme corporate identity flashes for ~1sec 3) Standard "draw pattern" screen occurs 4) I can either draw my pattern or put my finger on the scanner 5) Fingerprint accepted 6) Altme screen flashes for ~1sec 7) Standard draw pattern screen occurs again 8) Scan finger and is accepted 9) Altme screen is now permanently visible

[hawkbee1]

That's really strange, which phone model are you using?

[jdsika]

LM-G710EM Android 10 Kernel 4.9.193

Up to date

[jdsika]

1. Start app - see loading screen

   2. Enter PIN in Altme corporate identity flashes for ~1sec

   3. Standard "draw pattern" screen occurs

   4. I can either draw my pattern or put my finger on the scanner

   5. Fingerprint accepted

   6. Altme screen flashes for ~1sec

   7. Standard draw pattern screen occurs again

   8. Scan finger and is accepted

   9. Altme screen is now permanently visible

@hawkbee1 testing on 1.23.0: I started the app the first time after the update. The fingerprint at step 5. was accepted and the fingerprint was NOT requested again. I then wanted to report my finding here, closed the application and launched it again. Afterwards the wrong behavior is occuring again and I have to give my fingerprint twice again. This might be an interesting information for the debugging as it seems there is some temporary information that is causing the issue?

[jdsika]

I am now deleting the app and will reinstall it

[hawkbee1]

That should be an easy one to tackle if I was able to reproduce the issue :-/ I will receive an older android phone in a few days, I will see if I can activate patterns and reproduce this pattern.

[jdsika]

That should be an easy one to tackle if I was able to reproduce the issue :-/ I will receive an older android phone in a few days, I will see if I can activate patterns and reproduce this pattern.

The lesson should be to restrinct the application to new and fancy phones only :D

[jdsika]

@hawkbee1 deleting and re-installing / re-initializing the app with a secret words account import did RESOLVE the doubled Account Ownership card!!!

[jdsika]

Draw pattern issue was not resolved by re-installing

[jdsika]

I am closing this issue collection in favor of doing separate issues if they occur again in newer versions.