Skip to content

Commit 39c328e

Browse files
author
Neo
committed
harden: enforceGatedOwnerKeyForValue is now private(set)
The go-live gated-key value-signing wall (signForValue refuses a non-biometric-gated owner key when this flag is on) was a plain settable static. Nothing in the app or tests assigns it at runtime, so making it private(set) changes no behavior today — it just removes the ability for any code (including the Morpheus advisor) to disarm the wall by writing it false. Go-live still arms it by flipping the default. Pure-win hardening, independent of Morpheus.
1 parent 38c2c76 commit 39c328e

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

Core/Wallet/SecureEnclaveManager.swift

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ final class SecureEnclaveManager {
2323
/// tests — which use ungated keys — stay green). Flip to `true` at go-live so the weak path is
2424
/// REFUSED and a legacy ungated owner key can never move funds. Identity-proof signing is
2525
/// unaffected — it goes through `sign()`, not `signForValue()`.
26-
static var enforceGatedOwnerKeyForValue = false
26+
static private(set) var enforceGatedOwnerKeyForValue = false
2727

2828
enum KeyError: Error, LocalizedError {
2929
case keychainStatus(OSStatus)

0 commit comments

Comments
 (0)