Skip to content

[LOW] Mobile BiometricContext exists but biometric auth not implemented #124

Open
Open
[LOW] Mobile BiometricContext exists but biometric auth not implemented#124
Labels
GrantFox OSSIssue tracked in GrantFox OSSMaybe RewardedIssue may be eligible for a GrantFox rewardOfficial CampaignCampaign: Official Campaignfeaturelow

Description

@kilodesodiq-arch
kilodesodiq-arch
opened on Jun 15, 2026

Engineering Gap

app/mobile/src/contexts/BiometricContext.tsx is imported in App.tsx and wraps the app, but no biometric authentication flow is implemented. expo-local-authentication is in dependencies but not used in authentication workflows.

Codebase Evidence

  • app/mobile/App.tsx line 14: BiometricProvider wraps app
  • app/mobile/package.json: expo-local-authentication: ^55.0.9 installed
  • app/mobile/src/contexts/BiometricContext.tsx: Context defined but may be stub

Risk Profile

Security feature present but unused. Missed opportunity for app-level security.

Remediation Strategy

Implement biometric lock on app open: require fingerprint/face before accessing sensitive screens. Add fallback PIN. Make optional via settings.

Success Conditions

  • Biometric auth on app open
  • Fallback PIN
  • Settings toggle

Change Surface

Files: BiometricContext.tsx, App.tsx, SettingsScreen.tsx

Security Review

Adds app-level security. Biometric data stays on-device.

Completion Checklist

  • Implementation completed
  • Peer reviewed
  • Tests passing
  • Ready for merge

Metadata

Metadata

Assignees

No one assigned

    Labels

    GrantFox OSSIssue tracked in GrantFox OSSMaybe RewardedIssue may be eligible for a GrantFox rewardOfficial CampaignCampaign: Official Campaignfeaturelow

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions