Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add enhanced privacy #25

Closed
PeterRounce opened this issue Dec 2, 2022 · 3 comments
Closed

add enhanced privacy #25

PeterRounce opened this issue Dec 2, 2022 · 3 comments
Assignees

Comments

@PeterRounce
Copy link
Member

related issue boltcard/boltcard#21

With app v0.1.2 (bd0f5ec) it is possible to write and wipe cards from the bolt card service that includes the uid_privacy flag because it is ignored by the app.

The bolt card app enhancements should be implemented without affecting the LNbits bolt_card extension until that is ready to adopt the enhanced privacy updates.

The app should detect create_bolt_card_response v2 when it has uid_privacy set to Y
It should then authenticate with the card and set PICCConfig.UseRID=1
The UID will be random or zero after a card power cycle

In my testing, I've noticed this message when UseRID is set and the create card tests are run.
screenshot

Also the Card UID shown is random and it is easily detectable as the value is shorter than the previous static value.
Perhaps we should show Card UID: private instead

@PeterRounce
Copy link
Member Author

The TapLinx method to activate the 'random UID' feature is:

https://www.mifare.net/developer/javadoc/android/
Interface INTAG424DNA
void setPICCConfiguration(boolean enableRandomUID)

@robertclarkson
Copy link
Member

added this feature to test branch https://github.com/boltcard/bolt-nfc-android-app/tree/random-uid

@PeterRounce
Copy link
Member Author

all works except.. issue #29

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants