Flow Wallet Kit
Android SDK

Security

Security features and best practices for Flow Wallet Kit Android SDK

Security

The Flow Wallet Kit for Android implements robust security measures to protect sensitive wallet data and cryptographic operations.

Overview

Security features include:

  • Secure key generation and storage
  • Encryption of sensitive data
  • Secure communication
  • Runtime integrity checks
  • Anti-tampering measures

Key Security

Key Generation

import io.outblock.flowwalletkit.security.KeyGenerator
 
// Generate a new key pair
val keyPair = KeyGenerator.generateKeyPair()
 
// Generate a deterministic key from seed
val seed = ByteArray(32) // Your seed bytes
val deterministicKey = KeyGenerator.generateFromSeed(seed)

Key Storage

Keys are stored securely using the Android Keystore System:

import io.outblock.flowwalletkit.security.KeyStorage
 
// Store a private key
KeyStorage.storePrivateKey(privateKey, "key_alias")
 
// Retrieve a private key
val privateKey = KeyStorage.getPrivateKey("key_alias")

Encryption

Data Encryption

import io.outblock.flowwalletkit.security.Encryption
 
// Encrypt data
val encrypted = Encryption.encrypt(data, publicKey)
 
// Decrypt data
val decrypted = Encryption.decrypt(encrypted, privateKey)

Key Derivation

// Derive encryption key from password
val salt = ByteArray(16) // Random salt
val key = Encryption.deriveKey(password, salt)

Secure Communication

Network Security

import io.outblock.flowwalletkit.security.Network
 
// Configure secure network communication
Network.configure {
    certificatePinning = true
    minimumTLSVersion = TLSVersion.TLS_1_3
    allowedCipherSuites = listOf(/* secure cipher suites */)
}

Runtime Protection

Root Detection

import io.outblock.flowwalletkit.security.SecurityChecks
 
// Check for root/jailbreak
if (SecurityChecks.isDeviceRooted()) {
    // Handle rooted device
}

Integrity Checks

// Verify app integrity
SecurityChecks.verifyAppIntegrity(context) { result ->
    when (result) {
        is IntegrityResult.Valid -> // Proceed
        is IntegrityResult.Invalid -> // Handle integrity violation
    }
}

Memory Protection

Secure Memory

import io.outblock.flowwalletkit.security.SecureMemory
 
// Store sensitive data in secure memory
val secureString = SecureMemory.allocateString("sensitive data")
try {
    // Use secure string
} finally {
    secureString.clear() // Properly clear memory
}

Best Practices

1. Key Management

// Generate keys securely
val keyPair = KeyGenerator.generateSecureKeyPair()
 
// Never expose private keys
private fun signTransaction(transaction: Transaction) {
    val signature = KeyStorage.signWithStoredKey(transaction)
    // Use signature...
}

2. Data Protection

// Always encrypt sensitive data before storage
storage.saveEncrypted("wallet_data", walletData)
 
// Use secure random for critical operations
val random = SecureRandom()
val bytes = ByteArray(32)
random.nextBytes(bytes)

3. Error Handling

sealed class SecurityError : Exception() {
    class KeyGenerationError : SecurityError()
    class EncryptionError : SecurityError()
    class IntegrityError : SecurityError()
    class SecurityCheckError : SecurityError()
}
 
try {
    KeyGenerator.generateKeyPair()
} catch (e: SecurityError) {
    when (e) {
        is SecurityError.KeyGenerationError -> // Handle key generation failure
        is SecurityError.EncryptionError -> // Handle encryption failure
        is SecurityError.IntegrityError -> // Handle integrity check failure
        is SecurityError.SecurityCheckError -> // Handle security check failure
    }
}

Security Configurations

Customizing Security Settings

import io.outblock.flowwalletkit.security.SecurityConfig
 
SecurityConfig.configure {
    // Key generation parameters
    keySize = 2048
    keyAlgorithm = "RSA"
    
    // Encryption settings
    encryptionAlgorithm = "AES/GCM/NoPadding"
    ivLength = 12
    
    // Security checks
    requireDeviceUnlocked = true
    requireStrongBox = true
    requireBiometric = false
}

Biometric Authentication

Using Biometrics

import io.outblock.flowwalletkit.security.BiometricAuth
 
// Initialize biometric authentication
val biometricAuth = BiometricAuth(context)
 
// Authenticate user
biometricAuth.authenticate(
    title = "Confirm Transaction",
    subtitle = "Use biometric to sign transaction",
    onSuccess = { 
        // Proceed with operation
    },
    onError = { error ->
        // Handle authentication error
    }
)

Security Auditing

Logging Security Events

import io.outblock.flowwalletkit.security.SecurityAudit
 
// Log security-relevant events
SecurityAudit.logEvent(
    type = SecurityEventType.KEY_GENERATION,
    result = SecurityEventResult.SUCCESS,
    details = "Generated new key pair"
)
 
// Get security audit log
val auditLog = SecurityAudit.getLog()

Emergency Recovery

Implementing Kill Switch

import io.outblock.flowwalletkit.security.EmergencyKit
 
// Configure emergency measures
EmergencyKit.configure {
    // Define conditions for emergency
    maxFailedAttempts = 3
    lockoutDuration = 24.hours
    
    // Define recovery actions
    onEmergency = {
        wipeKeys()
        notifyUser()
        lockWallet()
    }
}

Android SDK

Flow Wallet Kit Android Documentation

Storage

Storage system documentation for Flow Wallet Kit Android SDK

On this page