Context
PR #36 introduced platform-native rootkey persistence (Android Keystore + iOS Keychain) and round-trip tests via RootKeyStore (Android instrumented test + iOS XCTest). The test coverage stops at "load → store → load returns same bytes" within a single process lifetime.
The promise the rootkey design makes is stronger: MapeoManager.deviceId must be stable across app restarts (and across device reboots, on Android also across FGS process kills). That's the thing that actually proves we're not regenerating identity.
Why deferred
Per PR #36 review: testing this in unit/instrumented tests would require either:
- Manually killing + re-launching the app process from inside a test, OR
- Comparing
deviceId across separate test runs that share keystore state — fragile and order-sensitive.
Both are friction we don't need now. The Maestro end-to-end suite (separately planned) is the right place: full app boot, observe deviceId, kill app, relaunch, observe deviceId again.
Acceptance
Context
PR #36 introduced platform-native rootkey persistence (Android Keystore + iOS Keychain) and round-trip tests via
RootKeyStore(Android instrumented test + iOS XCTest). The test coverage stops at "load → store → load returns same bytes" within a single process lifetime.The promise the rootkey design makes is stronger:
MapeoManager.deviceIdmust be stable across app restarts (and across device reboots, on Android also across FGS process kills). That's the thing that actually proves we're not regenerating identity.Why deferred
Per PR #36 review: testing this in unit/instrumented tests would require either:
deviceIdacross separate test runs that share keystore state — fragile and order-sensitive.Both are friction we don't need now. The Maestro end-to-end suite (separately planned) is the right place: full app boot, observe
deviceId, kill app, relaunch, observedeviceIdagain.Acceptance
MapeoManager.deviceId, kill app, cold-launch again, assertdeviceIdmatches.