Milestone 4 Completion Report
Project: Pocket Node: Mobile CKB Light Client Wallet for Android
Repository: github.com/RaheemJnr/pocket-node
Milestone: M4
Releases: v1.7.0
What’s new in v1.7.0 / M4
Security
- V2 Keystore migration: mnemonic reveal now requires BiometricPrompt (or device-credential fallback), and the underlying key chain rotates lazily on first reveal for wallets created under v1.6.x.
- Forgot-PIN destructive recovery path: import from seed phrase replaces the wallet. Previously a forgotten PIN was a permanent lockout.
- Phase 1 audits closed: JNI memory safety, Keystore + key material, third-party deps. Codex security scan PRs merged.
Address Book
- New Contacts area in Settings: add, edit, detail.
- Send screen autocompletes recipients against contacts and offers a contact picker sheet.
- Post-send prompt to save the unknown recipient as a contact.
Localisation
- Full app strings extracted and translated to Chinese (Simplified), Spanish, and Russian. English remains the source.
Sync hardening
- New wallets now wait up to five seconds for the light client tip before computing the start block, so SyncMode.NEW_WALLET no longer falls back to the hardcoded checkpoint and start “hundreds of thousands of blocks behind”.
- Sync-stall detection: if the polling loop wedges, the home screen surfaces a one-tap switch to RECENT mode.
- Three layers of background-crash fixes: SupervisorJob on the repository scope, try/catch around startForeground and notification updates, and a proper Android 14+ FGS time-limit handler (Service.onTimeout) so the system doesn’t kill the process with ForegroundServiceDidNotStopInTimeException.
DAO
- Realized APC on withdrawing cells now uses the withdraw-block timestamp as the upper bound instead of wall-clock now. The number reads correctly (and higher) than before.
- Tap the APC label to open a tooltip explaining the difference between realized APC (what Pocket Node shows) and theoretical APC (what other wallets project).
Site, docs, polish
- Website rebuilt on pocket-node.com (Next.js + Tailwind, brand-green palette borrowed from ckba). Direct APK download from the homepage, plus the public user guide at /guide.
- Embedded explorer WebView for block-height lookup (in-process, host whitelisted, no external browser handoff).
- Privacy Policy and Play Store Data Safety form published.
- GatewayRepository finally split into SyncCoordinator, DaoHeaderResolver, DaoDepositReader, LightClientReadOnly (issue #106, four phases).
Where
- Release + APK: Release v1.7.0 · RaheemJnr/pocket-node · GitHub
- Website: https://pocket-node.com
- User guide: https://pocket-node.com/guide