search

rsksmart / rwallet

The RSK Wallet is based on our rWallet open-source code-base, which will allow developers and organizations to use it to build their own apps.
https://developers.rsk.co/wallet/
GNU General Public License v3.0
43 stars 22 forks source link

Please provide instructions to reproduce your app found on Google Play #726

Open Giszmo opened 2 years ago

Giszmo commented 2 years ago

Is your feature request related to a problem? Please describe.

Not all users can configure and compile their own app. Most default to installing what is on Google Play, making this a lucrative target for thieves. If the release manager is compromised, not even team members can sound the alarm before all wallets get emptied.

Describe the solution you'd like

Please implement internal routines to reproduce release candidates and check what actually gets released using reproducible builds.

Please allow the public to also do these checks.

Additional context/Screenshots

I track Bitcoin wallets and their reproducibility and currently failed to reproduce RWallet due to missing .env file and a way of producing unsigned builds.

pointbiz commented 2 years ago

I also want this feature because I'd like to fork the open source code and work on the project.

emanuelb commented 2 years ago

@pointbiz here almost complete build instructions (as there is build failure) to compile latest version in git 2.0.2 which is the latest commit: https://github.com/rsksmart/rwallet/commit/04c2694cb757a78cf9a7533ca6f7364252823553 this version isn't released in google-play or via github release yet, opened issue about it at: #728

Run podman build --pull --rm -t rwallet2_build_apk_deb -f ContainerFileDeb

ContainerFileDeb file content:

FROM debian:sid-slim

RUN set -ex; \
    mkdir -p /usr/share/man/man1/; \
    apt-get update; \
    DEBIAN_FRONTEND=noninteractive apt-get install --yes -o APT::Install-Suggests=false --no-install-recommends \
        npm \
        git \
        binutils \
        openjdk-11-jdk ; \
    rm -rf /var/lib/apt/lists/*; \
    useradd -ms /bin/bash appuser;

USER appuser

ENV NODE_ENV="development" \
    ANDROID_SDK_ROOT="/home/appuser/app/sdk/" \
    ANDROID_HOME="/home/appuser/app/sdk/"

RUN set -ex; \
    mkdir -p "/home/appuser/app/sdk/licenses" "/home/appuser/app/"; \
    printf "\n24333f8a63b6825ea9c5514f83c2829b004d1fee" > "/home/appuser/app/sdk/licenses/android-sdk-license"; \
    cd /home/appuser/app/; \
    git clone https://github.com/rsksmart/rwallet/;

WORKDIR /home/appuser/app/rwallet/

RUN set -ex; \
    git checkout 04c2694cb757a78cf9a7533ca6f7364252823553; \
    cd ./android; \
    keytool -genkey -alias rwallet_alias -keystore /home/appuser/app/rwallet/android/app/rwallet.pfx -storetype PKCS12 -keyalg RSA -keysize 4096 -storepass rwallet_alias -keypass rwallet_alias -validity 10000 -dname CN=IL;

# json taken from https://github.com/blockchain/My-Wallet-V3-Android/blob/75ebe718cb99c6d302efb90447f1719973deb93f/scripts/quick_start.sh#L7-L46 just changed package_name to com.rsk.rwallet.v2
# Values in .env file are from APK: assets/index.android.bundle file.

RUN set -ex; \
echo 'PARSE_SERVER_URL=https://rwallet.app/v1\n\
RWALLET_API_KEY=0718353e-a003-4692-bbd0-fb4d4b122a1d\n\
RWALLET_ENV=' > /home/appuser/app/rwallet/.env; \
echo '\n\
MYAPP_UPLOAD_STORE_FILE=rwallet.pfx\n\
MYAPP_UPLOAD_KEY_ALIAS=rwallet_alias\n\
MYAPP_UPLOAD_STORE_PASSWORD=rwallet_alias\n\
MYAPP_UPLOAD_KEY_PASSWORD=rwallet_alias\n\
' >> /home/appuser/app/rwallet/android/gradle.properties; \
echo "{\
  \"project_info\": {\
    \"project_number\": \"623252783566\",\
    \"firebase_url\": \"https://blockchaintest-ecd1c.firebaseio.com\",\
    \"project_id\": \"blockchaintest-ecd1c\",\
    \"storage_bucket\": \"blockchaintest-ecd1c.appspot.com\"\
  },\
  \"client\": [\
    {\
      \"client_info\": {\
        \"mobilesdk_app_id\": \"1:623252783566:android:02baff6e6c46ed96232b9f\",\
        \"android_client_info\": {\
          \"package_name\": \"com.rsk.rwallet.v2\"\
        }\
      },\
      \"oauth_client\": [\
        {\
          \"client_id\": \"623252783566-o6j47jlpan97fnibnr0vosvc4lh71sm1.apps.googleusercontent.com\",\
          \"client_type\": 3\
        }\
      ],\
      \"api_key\": [\
        {\
          \"current_key\": \"INSERT KEY HERE\"\
        }\
      ],\
      \"services\": {\
        \"appinvite_service\": {\
          \"other_platform_oauth_client\": [\
            {\
              \"client_id\": \"623252783566-o6j47jlpan97fnibnr0vosvc4lh71sm1.apps.googleusercontent.com\",\
              \"client_type\": 3\
            }\
          ]\
        }\
      }\
    }\
  ],\
  \"configuration_version\": \"1\"\
}" > /home/appuser/app/rwallet/android/app/google-services.json;

Run: podman run --rm --name rwallet2_build_apk_deb -ti rwallet2_build_apk_deb

in container run commands:

npm install --no-audit --no-fund;
cd /home/appuser/app/rwallet/android/;
sed -i 's/android:minSdkVersion="16" //g' /home/appuser/app/rwallet/node_modules/react-native-i18n/android/src/main/AndroidManifest.xml;
sed -i '/buildToolsVersion/a lintOptions {\ncheckReleaseBuilds false\nabortOnError false\n}' /home/appuser/app/rwallet/android/app/build.gradle;
./gradlew assembleRelease;

There error in:

Execution failed for task ':react-native-camera:extractGeneralReleaseAnnotations'.
Caused by: java.lang.NullPointerException