cloud based backup

CHANGELOG.md

@@ -4,6 +4,7 @@
 
 ### Features
 
+* [FEATURE][all] Cloud backup & restore via Google Drive. Wallet state (accounts, settings, miden-client DB, transaction DB) is encrypted with either a user-supplied password (PBKDF2) or a WebAuthn / native iOS passkey (PRF-derived key) and uploaded to the user's Google Drive `appDataFolder`. Auto-backup fires after account creation, settings changes, transaction completion, and when new consumable notes arrive; the encryption key is persisted in vault storage so subsequent backups run silently. Onboarding and Forgot Password flows gain an **Import from Cloud** path that downloads + decrypts the backup and restores the wallet end-to-end; auto-backup is re-enabled automatically after a cloud restore (skipping the redundant initial upload). Cloud Backup settings exposes a **Restore from Backup** button that pulls fresh state from Drive on-demand using the vault's stored encryption key — no password / passkey prompt required, no onboarding detour. iOS uses native Keychain-backed passkeys bridged to the JS layer via Capacitor; extension uses `chrome.identity` OAuth with PKCE and a tab-based bridge for passkey registration.
 * [FEATURE][all] Transaction-complete modal now surfaces a **View on Midenscan** action alongside **Done**. Desktop / extension opens the explorer in a new tab; mobile opens it as a native `InAppBrowser` overlay so dismissing the overlay returns the user to the completion screen with no state loss. URL resolved per-network via a new `MIDEN_EXPLORER_ENDPOINTS` map (testnet / devnet); localnet has no explorer → button hidden. The on-chain tx hash is plumbed through `SendManager.onSubmit` → `lastCompletedTxHash` in the Zustand store, cleared at the start of each send so the button never points at a stale hash. (#203)
 * [UX][all] Transaction-complete modal no longer auto-closes 3 s after success — user now dismisses explicitly, giving time to read the confirmation and tap **View on Midenscan**. (#203)
 

android/app/build.gradle

@@ -65,6 +65,8 @@ dependencies {
     implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
     // Biometric authentication for hardware security
     implementation 'androidx.biometric:biometric:1.1.0'
+    // Google Identity Services — AuthorizationClient for Drive scope OAuth (cloud backup)
+    implementation 'com.google.android.gms:play-services-auth:21.3.0'
 }
 
 apply from: 'capacitor.build.gradle'

android/app/capacitor.build.gradle

@@ -10,6 +10,7 @@ android {
 apply from: "../capacitor-cordova-android-plugins/cordova.variables.gradle"
 dependencies {
     implementation project(':capacitor-app')
+    implementation project(':capacitor-browser')
     implementation project(':capacitor-filesystem')
     implementation project(':capacitor-haptics')
     implementation project(':capacitor-keyboard')

android/app/src/main/java/com/miden/wallet/GoogleAuthPlugin.kt

@@ -0,0 +1,147 @@
+package com.miden.wallet
+
+import android.app.Activity
+import android.content.Intent
+import android.util.Log
+import com.getcapacitor.JSArray
+import com.getcapacitor.JSObject
+import com.getcapacitor.Plugin
+import com.getcapacitor.PluginCall
+import com.getcapacitor.PluginMethod
+import com.getcapacitor.annotation.CapacitorPlugin
+import com.google.android.gms.auth.api.identity.AuthorizationRequest
+import com.google.android.gms.auth.api.identity.AuthorizationResult
+import com.google.android.gms.auth.api.identity.Identity
+import com.google.android.gms.common.api.Scope
+
+/**
+ * Native Google OAuth bridge for cloud backup on Android.
+ *
+ * Uses the Google Identity Services `AuthorizationClient` (Google Play Services)
+ * to obtain an OAuth access token for the requested scopes — native UI, no
+ * browser redirect or custom URI scheme. The OAuth client is picked up
+ * implicitly from the app's package name + signing SHA-1 (registered as an
+ * Android-type OAuth client in Google Cloud Console), so no client ID needs
+ * to be passed in from JS.
+ *
+ * Access tokens returned by this API live ~1 hour; Google manages silent
+ * refresh internally on subsequent `signInSilently` calls — we don't persist
+ * a refresh token on device (matches chrome.identity behavior on the
+ * extension path).
+ */
+@CapacitorPlugin(name = "GoogleAuthAndroid")
+class GoogleAuthPlugin : Plugin() {
+
+    companion object {
+        private const val TAG = "GoogleAuthAndroid"
+        private const val REQUEST_AUTHORIZE = 9001
+        // Google access tokens live ~1h; use a slightly conservative expiry so the
+        // JS layer eagerly re-requests via signInSilently (which returns cached).
+        private const val TOKEN_LIFETIME_SECONDS = 55 * 60
+    }
+
+    private var pendingCall: PluginCall? = null
+
+    @PluginMethod
+    fun signIn(call: PluginCall) {
+        authorize(call, interactive = true)
+    }
+
+    @PluginMethod
+    fun signInSilently(call: PluginCall) {
+        authorize(call, interactive = false)
+    }
+
+    private fun authorize(call: PluginCall, interactive: Boolean) {
+        val scopesArray: JSArray = call.getArray("scopes") ?: run {
+            call.reject("scopes array is required")
+            return
+        }
+
+        val scopes = try {
+            (0 until scopesArray.length()).map { Scope(scopesArray.getString(it)) }
+        } catch (e: Exception) {
+            call.reject("scopes must be an array of strings", e)
+            return
+        }
+
+        val request = AuthorizationRequest.Builder()
+            .setRequestedScopes(scopes)
+            .build()
+
+        Identity.getAuthorizationClient(activity)
+            .authorize(request)
+            .addOnSuccessListener { result ->
+                if (result.hasResolution()) {
+                    // User consent required.
+                    if (!interactive) {
+                        // Silent mode — signal that interactive auth is needed
+                        // without triggering any UI.
+                        val ret = JSObject()
+                        ret.put("needsConsent", true)
+                        call.resolve(ret)
+                        return@addOnSuccessListener
+                    }
+                    val pendingIntent = result.pendingIntent ?: run {
+                        call.reject("Authorization requires consent but no pending intent was returned")
+                        return@addOnSuccessListener
+                    }
+                    try {
+                        pendingCall = call
+                        activity.startIntentSenderForResult(
+                            pendingIntent.intentSender,
+                            REQUEST_AUTHORIZE,
+                            null,
+                            0,
+                            0,
+                            0,
+                            null
+                        )
+                    } catch (e: Exception) {
+                        pendingCall = null
+                        call.reject("Failed to launch authorization consent: ${e.message}", e)
+                    }
+                } else {
+                    resolveWithResult(call, result)
+                }
+            }
+            .addOnFailureListener { e ->
+                Log.w(TAG, "authorize failed", e)
+                call.reject("Authorization failed: ${e.message}", e)
+            }
+    }
+
+    override fun handleOnActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
+        super.handleOnActivityResult(requestCode, resultCode, data)
+        if (requestCode != REQUEST_AUTHORIZE) return
+
+        val call = pendingCall ?: return
+        pendingCall = null
+
+        if (resultCode != Activity.RESULT_OK) {
+            call.reject("User cancelled Google authorization")
+            return
+        }
+
+        try {
+            val result = Identity.getAuthorizationClient(activity).getAuthorizationResultFromIntent(data)
+            resolveWithResult(call, result)
+        } catch (e: Exception) {
+            Log.w(TAG, "Failed to parse authorization result", e)
+            call.reject("Failed to parse authorization result: ${e.message}", e)
+        }
+    }
+
+    private fun resolveWithResult(call: PluginCall, result: AuthorizationResult) {
+        val accessToken = result.accessToken
+        if (accessToken == null) {
+            call.reject("Authorization succeeded but no access token was returned")
+            return
+        }
+        val ret = JSObject()
+        ret.put("accessToken", accessToken)
+        ret.put("grantedScopes", JSArray(result.grantedScopes))
+        ret.put("expiresIn", TOKEN_LIFETIME_SECONDS)
+        call.resolve(ret)
+    }
+}

android/app/src/main/java/com/miden/wallet/MainActivity.java

@@ -17,6 +17,7 @@ public class MainActivity extends BridgeActivity {
     protected void onCreate(Bundle savedInstanceState) {
         // Register custom plugins before super.onCreate
         registerPlugin(HardwareSecurityPlugin.class);
+        registerPlugin(GoogleAuthPlugin.class);
 
         super.onCreate(savedInstanceState);
         setupStatusBar();

android/capacitor.settings.gradle

@@ -5,6 +5,9 @@ project(':capacitor-android').projectDir = new File('../node_modules/@capacitor/
 include ':capacitor-app'
 project(':capacitor-app').projectDir = new File('../node_modules/@capacitor/app/android')
 
+include ':capacitor-browser'
+project(':capacitor-browser').projectDir = new File('../node_modules/@capacitor/browser/android')
+
 include ':capacitor-filesystem'
 project(':capacitor-filesystem').projectDir = new File('../node_modules/@capacitor/filesystem/android')
 

ios/App/App.xcodeproj/project.pbxproj

@@ -18,6 +18,7 @@
 		83CCE39C02FD0BF8DD39551F /* AppViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 1A6B2865F76F213517CFCCD1 /* AppViewController.swift */; };
 		B54E83DC5BCCDB512256423A /* LocalBiometricPlugin.swift in Sources */ = {isa = PBXBuildFile; fileRef = 21A34DAD709C71D553F88951 /* LocalBiometricPlugin.swift */; };
 		C7D4E92A3F8B1C5D00A2B9E1 /* BarcodeScannerPlugin.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7D4E92B3F8B1C5D00A2B9E2 /* BarcodeScannerPlugin.swift */; };
+		D1A2B3C4E5F607890A1B2C3D /* PasskeyPlugin.swift in Sources */ = {isa = PBXBuildFile; fileRef = D1A2B3C4E5F607890A1B2C3E /* PasskeyPlugin.swift */; };
 /* End PBXBuildFile section */
 
 /* Begin PBXFileReference section */
@@ -35,6 +36,7 @@
 		873F0344C8952CB5585102E0 /* App.entitlements */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.plist.entitlements; path = App.entitlements; sourceTree = "<group>"; };
 		958DCC722DB07C7200EA8C5F /* debug.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; name = debug.xcconfig; path = ../debug.xcconfig; sourceTree = SOURCE_ROOT; };
 		C7D4E92B3F8B1C5D00A2B9E2 /* BarcodeScannerPlugin.swift */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = sourcecode.swift; path = BarcodeScannerPlugin.swift; sourceTree = "<group>"; };
+		D1A2B3C4E5F607890A1B2C3E /* PasskeyPlugin.swift */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = sourcecode.swift; path = PasskeyPlugin.swift; sourceTree = "<group>"; };
 /* End PBXFileReference section */
 
 /* Begin PBXFrameworksBuildPhase section */
@@ -80,6 +82,7 @@
 				50B271D01FEDC1A000F3C39B /* public */,
 				21A34DAD709C71D553F88951 /* LocalBiometricPlugin.swift */,
 				C7D4E92B3F8B1C5D00A2B9E2 /* BarcodeScannerPlugin.swift */,
+				D1A2B3C4E5F607890A1B2C3E /* PasskeyPlugin.swift */,
 				1A6B2865F76F213517CFCCD1 /* AppViewController.swift */,
 				873F0344C8952CB5585102E0 /* App.entitlements */,
 			);
@@ -179,6 +182,7 @@
 				B54E83DC5BCCDB512256423A /* LocalBiometricPlugin.swift in Sources */,
 				C7D4E92A3F8B1C5D00A2B9E1 /* BarcodeScannerPlugin.swift in Sources */,
 				83CCE39C02FD0BF8DD39551F /* AppViewController.swift in Sources */,
+				D1A2B3C4E5F607890A1B2C3D /* PasskeyPlugin.swift in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};

ios/App/App/App.entitlements

@@ -6,5 +6,9 @@
 	<array>
 		<string>$(AppIdentifierPrefix)com.miden.wallet</string>
 	</array>
+	<key>com.apple.developer.associated-domains</key>
+	<array>
+		<string>webcredentials:api.midenbrowserwallet.com</string>
+	</array>
 </dict>
 </plist>

ios/App/App/AppViewController.swift

@@ -5,5 +5,6 @@ class AppViewController: CAPBridgeViewController {
     override open func capacitorDidLoad() {
         bridge?.registerPluginInstance(LocalBiometricPlugin())
         bridge?.registerPluginInstance(BarcodeScannerPlugin())
+        bridge?.registerPluginInstance(PasskeyPlugin())
     }
 }

ios/App/App/Info.plist

@@ -51,6 +51,15 @@
 	</array>
 	<key>UIViewControllerBasedStatusBarAppearance</key>
 	<true/>
+	<key>CFBundleURLTypes</key>
+	<array>
+		<dict>
+			<key>CFBundleURLSchemes</key>
+			<array>
+				<string>com.googleusercontent.apps.849882985138-gbl44m5nmvuim6eiv4vmtg5rvoq4knqi</string>
+			</array>
+		</dict>
+	</array>
 	<key>NSAppTransportSecurity</key>
 	<dict>
 		<key>NSAllowsArbitraryLoads</key>