feat: Implement PIN verification for escrow actions and wallet creation

- Added PIN verification before performing escrow transactions in `escrow_screen.dart`.
- Integrated PIN verification when creating a new wallet in `home_screen.dart`.
- Introduced PIN entry for setting a new PIN during wallet import in `login_screen.dart`.
- Enhanced PIN change functionality in `setting_screen.dart` with verification steps.
- Created reusable PIN verification and entry sheets in `app_ui.dart`.
- Updated `security_card.dart` to require PIN verification before expanding to show wallet secrets.
- Added PIN verification for transaction confirmation in `transfer_bottom_sheet.dart`.
- Refactored wallet storage to support PIN-based encryption and verification in `wallet_storage.dart`.
- Updated dependencies in `pubspec.yaml` to include `local_auth` for biometric support.
- Adjusted CMake settings for Windows build to suppress warnings related to coroutines.

Author: jamesatomc

sdk/kanari_pay/lib/src/providers/wallet_provider.dart

@@ -14,6 +14,7 @@ class WalletState extends ChangeNotifier {
   String? _error;
   String? _activeWalletId;
   String? _authenticatedWalletId;
+  String? _sessionPin;
   KanariEnvironment _environment = KanariEnvironment.dev;
   bool _isUnlocked = false;
 
@@ -48,7 +49,7 @@ class WalletState extends ChangeNotifier {
 
   Future<bool> syncWalletWithAddress(String walletAddress) async {
     final normalizedTarget = _normalizeWalletAddress(walletAddress);
-    _wallets = await WalletStorage.loadAllWallets();
+    _wallets = await WalletStorage.loadAllWallets(pin: _sessionPin);
     _authenticatedWalletId = null;
 
     for (final walletData in _wallets) {
@@ -97,8 +98,8 @@ class WalletState extends ChangeNotifier {
     });
   }
 
-  Future<void> loadWallets() async {
-    _wallets = await WalletStorage.loadAllWallets();
+  Future<void> loadWallets({String? pin}) async {
+    _wallets = await WalletStorage.loadAllWallets(pin: pin ?? _sessionPin);
     if (_wallets.isNotEmpty) {
       await _loadActiveWallet();
     }
@@ -176,18 +177,32 @@ class WalletState extends ChangeNotifier {
   Future<void> addWallet(Map<String, dynamic> walletData, [String? pin]) async {
     _wallets.add(walletData);
 
-    if (pin != null && pin.isNotEmpty && _wallets.length == 1) {
-      await WalletStorage.savePassword(pin);
+    final hasPassword = await WalletStorage.hasPassword();
+    final hasValidPin = pin != null && RegExp(r'^\d{6}$').hasMatch(pin);
+    final effectivePin = hasValidPin ? pin : _sessionPin;
+    if (!hasPassword && !hasValidPin) {
+      _wallets.removeWhere((wallet) => wallet['id'] == walletData['id']);
+      throw StateError('PIN is required before saving a wallet');
+    }
+
+    if (!hasPassword) {
+      await WalletStorage.savePassword(pin!);
+      _sessionPin = pin;
     }
 
-    await WalletStorage.saveAllWallets(_wallets);
+    if (effectivePin == null) {
+      _wallets.removeWhere((wallet) => wallet['id'] == walletData['id']);
+      throw StateError('Wallet is locked');
+    }
+
+    await WalletStorage.saveAllWallets(_wallets, pin: effectivePin);
     await switchWallet(walletData['id']);
     notifyListeners();
   }
 
   Future<void> removeWallet(String walletId) async {
     _wallets.removeWhere((wallet) => wallet['id'] == walletId);
-    await WalletStorage.saveAllWallets(_wallets);
+    await WalletStorage.saveAllWallets(_wallets, pin: _sessionPin);
 
     if (_authenticatedWalletId == walletId) {
       _authenticatedWalletId = null;
@@ -242,18 +257,37 @@ class WalletState extends ChangeNotifier {
         return;
       }
 
-      await loadWallets();
+      _sessionPin = pin;
+      await loadWallets(pin: pin);
       if (_wallets.isEmpty) {
         _error = 'No saved wallets';
         notifyListeners();
         return;
       }
 
+      await WalletStorage.saveAllWallets(_wallets, pin: pin);
       _isUnlocked = true;
       _error = null;
     });
   }
 
+  Future<bool> verifyPin(String pin) async {
+    if (pin.length != 6) return false;
+    final success = await WalletStorage.verifyPassword(pin);
+    if (success) {
+      _sessionPin = pin;
+    }
+    return success;
+  }
+
+  Future<Duration?> pinLockRemaining() {
+    return WalletStorage.pinLockRemaining();
+  }
+
+  Future<bool> hasPinSet() {
+    return WalletStorage.hasPassword();
+  }
+
   Future<void> importFromPrivateKey(
     String pk, {
     KanariCurve curve = KanariCurve.ed25519,
@@ -315,6 +349,7 @@ class WalletState extends ChangeNotifier {
 
   void logout() {
     _wallet = null;
+    _sessionPin = null;
     _error = null;
     _activeWalletId = null;
     _authenticatedWalletId = null;
@@ -327,6 +362,7 @@ class WalletState extends ChangeNotifier {
     await WalletStorage.deleteAllWallets();
     _wallets = [];
     _wallet = null;
+    _sessionPin = null;
     _error = null;
     _activeWalletId = null;
     _authenticatedWalletId = null;
@@ -417,8 +453,8 @@ class WalletState extends ChangeNotifier {
       final isValid = await WalletStorage.verifyPassword(oldPin);
       if (!isValid) return false;
 
-      await WalletStorage.savePassword(newPin);
-      await WalletStorage.saveAllWallets(_wallets);
+      _sessionPin = newPin;
+      await WalletStorage.savePasswordAndWallets(newPin, _wallets);
       notifyListeners();
       return true;
     } catch (_) {

sdk/kanari_pay/lib/src/ui/screens/escrow_screen.dart

@@ -210,6 +210,16 @@ class _EscrowScreenState extends State<EscrowScreen>
       return;
     }
 
+    final authorized = await showAppPinVerificationSheet(
+      context: context,
+      onVerify: walletState.verifyPin,
+      lockRemaining: walletState.pinLockRemaining,
+      title: 'Confirm Escrow Action',
+      subtitle: 'Enter your 6-digit PIN to authorize this escrow transaction.',
+    );
+
+    if (!mounted || !authorized) return;
+
     setState(() {
       _isLoading = true;
       _errorMessage = null;

sdk/kanari_pay/lib/src/ui/screens/home_screen.dart

@@ -13,6 +13,7 @@ import '../../core/token_utils.dart' as token_utils;
 import '../widgets/security_card.dart';
 import '../network_selector.dart';
 import '../wallet_info_card.dart';
+import '../widgets/app_ui.dart';
 import 'wallet_transactions_screen.dart';
 
 class HomeScreen extends StatefulWidget {
@@ -750,6 +751,17 @@ class HomeScreenState extends State<HomeScreen> {
             ),
             FilledButton(
               onPressed: () async {
+                final walletState = context.read<WalletState>();
+                final authorized = await showAppPinVerificationSheet(
+                  context: context,
+                  onVerify: walletState.verifyPin,
+                  lockRemaining: walletState.pinLockRemaining,
+                  title: 'Confirm PIN',
+                  subtitle: 'Enter your 6-digit PIN to create a new wallet.',
+                );
+
+                if (!context.mounted || !authorized) return;
+
                 await context.read<WalletState>().createNewWallet(
                   curve: selectedCurve,
                   pin: '',

sdk/kanari_pay/lib/src/ui/screens/login_screen.dart

@@ -105,10 +105,24 @@ class _KanariLoginScreenState extends State<KanariLoginScreen> {
               _passwordController.text,
             );
             final curve = KanariCurve.fromString(response.data!.curveType!);
-            await context.read<WalletState>().importFromPrivateKey(
+            final walletState = context.read<WalletState>();
+            final hasPinSet = await walletState.hasPinSet();
+            String? pin;
+
+            if (!hasPinSet) {
+              if (!context.mounted) return;
+              pin = await showAppPinEntrySheet(
+                context: context,
+                title: 'Set PIN',
+                subtitle: 'Set a 6-digit PIN to secure this wallet.',
+              );
+              if (!context.mounted || pin == null) return;
+            }
+
+            await walletState.importFromPrivateKey(
               privateKey,
               curve: curve,
-              pin: '',
+              pin: pin,
             );
 
             if (walletAddress != null && walletAddress.isNotEmpty) {

sdk/kanari_pay/lib/src/ui/screens/setting_screen.dart

@@ -37,7 +37,8 @@ class SettingScreen extends StatelessWidget {
           _SettingsTile(
             icon: Icons.shield_moon_rounded,
             title: 'Set Up Two-Factor Authentication',
-            subtitle: 'Scan QR code and protect login with an authenticator app',
+            subtitle:
+                'Scan QR code and protect login with an authenticator app',
             onTap: () => _showSetup2faDialog(context),
           ),
           const SizedBox(height: 12),
@@ -70,13 +71,63 @@ class SettingScreen extends StatelessWidget {
     );
   }
 
-  void _showChangePinDialog(BuildContext context) {
+  Future<void> _showChangePinDialog(BuildContext context) async {
     final state = context.read<WalletState>();
 
-    showDialog(
+    final currentPin = await showAppPinEntrySheet(
       context: context,
-      builder: (_) => AppPinChangeDialog(
-        onSubmit: (oldPin, newPin) => state.changePin(oldPin, newPin),
+      title: 'Current PIN',
+      subtitle: 'Enter your current 6-digit PIN.',
+    );
+    if (!context.mounted || currentPin == null) return;
+
+    final currentPinValid = await state.verifyPin(currentPin);
+    if (!context.mounted) return;
+
+    if (!currentPinValid) {
+      _showSettingsMessage(context, 'Invalid current PIN', isError: true);
+      return;
+    }
+
+    final newPin = await showAppPinEntrySheet(
+      context: context,
+      title: 'New PIN',
+      subtitle: 'Enter a new 6-digit PIN.',
+    );
+    if (!context.mounted || newPin == null) return;
+
+    final confirmPin = await showAppPinEntrySheet(
+      context: context,
+      title: 'Confirm PIN',
+      subtitle: 'Enter the new PIN again to confirm.',
+    );
+    if (!context.mounted || confirmPin == null) return;
+
+    if (newPin != confirmPin) {
+      _showSettingsMessage(context, 'PINs do not match', isError: true);
+      return;
+    }
+
+    final success = await state.changePin(currentPin, newPin);
+    if (!context.mounted) return;
+
+    _showSettingsMessage(
+      context,
+      success ? 'PIN changed successfully' : 'Failed to change PIN',
+      isError: !success,
+    );
+  }
+
+  void _showSettingsMessage(
+    BuildContext context,
+    String message, {
+    required bool isError,
+  }) {
+    final colorScheme = Theme.of(context).colorScheme;
+    ScaffoldMessenger.of(context).showSnackBar(
+      SnackBar(
+        content: Text(message),
+        backgroundColor: isError ? colorScheme.error : colorScheme.primary,
       ),
     );
   }
@@ -181,9 +232,7 @@ class SettingScreen extends StatelessWidget {
                                   setupResponse == null
                                       ? 'Set Up 2FA'
                                       : 'Confirm 2FA Setup',
-                                  style: Theme.of(context)
-                                      .textTheme
-                                      .titleLarge
+                                  style: Theme.of(context).textTheme.titleLarge
                                       ?.copyWith(fontWeight: FontWeight.w800),
                                 ),
                               ),
@@ -233,9 +282,9 @@ class SettingScreen extends StatelessWidget {
                             Container(
                               padding: const EdgeInsets.all(12),
                               decoration: BoxDecoration(
-                                color: Theme.of(context)
-                                    .colorScheme
-                                    .surfaceContainerHighest,
+                                color: Theme.of(
+                                  context,
+                                ).colorScheme.surfaceContainerHighest,
                                 borderRadius: BorderRadius.circular(16),
                               ),
                               child: SelectableText(
@@ -263,9 +312,9 @@ class SettingScreen extends StatelessWidget {
                             Container(
                               padding: const EdgeInsets.all(12),
                               decoration: BoxDecoration(
-                                color: Theme.of(context)
-                                    .colorScheme
-                                    .surfaceContainerHighest,
+                                color: Theme.of(
+                                  context,
+                                ).colorScheme.surfaceContainerHighest,
                                 borderRadius: BorderRadius.circular(16),
                               ),
                               child: SelectableText(