- Swift: getOrCreateKey(service:account:), loadKey(), deleteKey()
- Generates random AES-256 key, persists as hex in BLKeychain
- Subsequent calls return the same key for stable per-device DEK
- Kotlin: getOrCreateKey(store:account:), loadKey(), deleteKey()
- Generates random AES-256 key, persists as hex in BLSecureStore
- Uses EncryptedSharedPreferences for at-rest protection
- All existing tests still pass (21/21 Kotlin)
- BLAuditLogger is an enum (static API) — cannot be constructed; use .Type reference + configure()
- BLCrashReporter is @MainActor — defer construction to start() via Task { @MainActor }
- GET /auth/mfa/totp/secret — retrieve decrypted TOTP secret for auth app
- POST /auth/mfa/push/create, GET /pending, POST /:id/respond, GET /:id/status
- POST /auth/qr/create, POST /auth/qr/confirm, GET /auth/qr/:id/status
- Kotlin SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- Swift SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- All 53 auth tests passing
- TypeScript: DeepLinkRouter with URL parsing and handler registration
- Swift: BLDeepLinkRouter with iOS URL handling and Logger integration
- Kotlin: DeepLinkRouter with Android Uri parsing and handler mapping
- Common screen constants: broadcasts, surveys, settings, profile, etc.
- Add BLFeedbackClient.swift with submitFeedback(), captureAndSubmit(), captureScreen()
- Add BLFeedbackClient.kt with FeedbackParams, DeviceContext, screenshot capture
- Include implementation instructions and error handling
- Mirror API structure between Swift and Kotlin SDKs
saveEvents used .iso8601 encoding but loadEvents used the default
decoder (.deferredToDate). ISO8601 date strings could not be decoded
back, causing loadEvents() to return [] after the first log — breaking
event rotation and losing all previous audit entries.
BLAuthClient stored tokens as '{productId}_access_token' but all app
wrappers use KeychainHelper.read(key: "access_token") — the bare key.
This caused a critical mismatch: after login, BlobService/LicenseService
could not find the token, and token migration from UserDefaults was invisible
to BLAuthClient.isAuthenticated.
The Keychain service name (bundleId) already namespaces per product,
making the productId prefix redundant. Now uses bare 'access_token' and
'refresh_token' keys matching existing app conventions.
BLLicenseClient.checkStatus: percent-encode key before inserting into URL
path to prevent malformed URLs with special characters.
BLKillSwitchClient: add X-Product-Id and X-Request-Id headers for
consistency with BLPlatformClient request tracing pattern.
BLBiometricAuth imports LocalAuthentication (unavailable on watchOS).
BLCrashReporter imports MetricKit (unavailable on watchOS).
Package.swift declares watchOS 10+ as a platform target.
Fix: wrap both files in #if canImport() guards.
BLCrashReport model struct stays outside the guard (data-only, all platforms).
