Design for moving off the deprecated androidx.security:security-crypto to Tink Android-Keystore-backed storage, without ever losing the couple key. Covers: the load-bearing hazard (SecurePreferencesFactory.reset() silently WIPES the couple key on any read failure) which must be removed first; lazy dual-read + re-wrap + verify-then-clean migration; fail-closed (recover, never delete) failure matrix; consumer ordering (couple key last); staged RC rollout + content-free telemetry; test plan; open questions for the owner. No implementation ships until the owner approves this design (Batch 5.1 gate). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| brand | ||
| crypto | ||
| qa | ||
| release | ||
| screenshots | ||
| store | ||
| Engineering_Reference_Manual.md | ||
| copy-guide.md | ||
| date-planning-roadmap.md | ||