efir369999/montana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69a6432030
montana/Android/Внешний-аудит/12-Phase3-PlayStore.md
Afgroup 7766538b9b sync 2026-05-21T00:44:38Z
2026-05-21 03:44:38 +03:00

158 lines
7.1 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 12. Phase 3 — Production Release + Play Store Readiness (v6.7.0)
**Дата:** 2026-05-18, продолжение Phase 2.
## Что закрыто в этой фазе
### Закрытые findings
| Finding | Closure | Verification |
|---------|---------|--------------|
| **F-3.1** Automated purge cron | `systemd timer` daily через `mt-vpn-balance-purge.timer` | `systemctl list-timers \| grep mt-vpn` |
| **F-4 mitigation** SPOF Moscow | rsync replication каждые 5 мин на 3 узла (Helsinki/Frankfurt/US) через `mt-vpn-balance-replicate.timer` | `ssh montana-finland ls /var/lib/mt-vpn-balance-replica/state.json` |
| **F-7** Backup confirmation flow | Новый экран `s-backup-verify` между создания и активации — пользователь вводит случайное слово из 24 для подтверждения | Reproducible в app v6.7.0 |
| **Production release build** | R8 minification + shrinkResources + proper signing config + ProGuard rules | APK 29 MB (vs 32 MB debug), Genesis-signed |
| **Privacy Policy** | RU + EN опубликованы на `https://montana.quest/privacy` (HTTP 200) | curl probe |
| **Data Safety declaration** | `Play-Store-Pack/data-safety.md` — готовая выгрузка для Play Console | review |
| **Store listing** | RU + EN descriptions, screenshots refs, release notes | `Play-Store-Pack/store-listing.md` |
### Phase 3 deployment status
| Компонент | Status | Доказательство |
|-----------|--------|----------------|
| **Production APK release** | ✅ `montana-6.7.0-release.apk` (29 MB) подписан Genesis-keystore | SHA-256 fingerprint `305bc99b…3ce4d` |
| **На сайте** | ✅ `montana.quest/vpn/montana.apk``montana-v6.7.0-release.apk` symlink | curl headers |
| **Privacy URL** | ✅ `https://montana.quest/privacy` живой | HTTP 200 |
| **Backend Rust** | ✅ `mt-vpn-balance.service` active, port 5009, signed_accounts > 0 | systemctl |
| **VPN cascade** | ✅ haproxy + 3 xray-pinned active enabled | systemctl |
| **Daily purge** | ✅ `mt-vpn-balance-purge.timer` enabled | next run 00:03 UTC |
| **State replication** | ✅ `mt-vpn-balance-replicate.timer` every 5min | rsync to 3 nodes |
---
## Google Play Store submission checklist
### Перед загрузкой APK
- [x] APK signed with **non-debug** keystore (Genesis-keystore)
- [x] versionCode incrementally increasing (60700 > 60600)
- [x] versionName semver (`6.7.0`)
- [x] targetSdk = 34 (Android 14, max actual)
- [x] minSdk = 24 (Android 7.0)
- [x] ABI splits: arm64-v8a, armeabi-v7a, x86, x86_64 (universal APK)
- [x] R8 / ProGuard включен с правильными keep rules
- [x] No debug code / log spam в release build
- [x] Foreground service permission decorated `specialUse` (Android 14+ требование)
- [x] WebView allowed cleartext только к `https://montana.local/` synthetic baseURL
### Play Console submission
- [x] Privacy Policy URL: `https://montana.quest/privacy` ← готова и HTTP 200
- [x] Data Safety declaration текст готов — `Play-Store-Pack/data-safety.md`
- [x] App content rating answers: `Play-Store-Pack/store-listing.md` § Content rating
- [x] Store listing RU + EN: `Play-Store-Pack/store-listing.md`
- [ ] Feature graphic 1024×500 — **TODO**: создать в графическом редакторе
- [x] Phone screenshots: использовать `m626-*.png`, `m640-*.png`, `m660-*.png` из `/tmp/` сессии
- [ ] Promo video — **optional**, можно отложить
- [ ] Google Developer Account ($25) — **требует автора**
- [ ] Privacy policy compliance verified by Google — после submission
### Ответы на Google Play обязательные вопросы
#### App access
**Q:** Is any part of your app or game restricted by a login, password, or other authentication mechanism?
**A:** No. Wallet creation is anonymous, no login required.
#### Ads
**Q:** Does your app contain ads?
**A:** No.
#### Target audience
**Q:** Select target age groups
**A:** Ages 18 and over (финансовый функционал — Ɉ accumulation).
#### News apps
**A:** No.
#### COVID-19 contact tracing & status
**A:** No.
#### Data Safety section
См. `Play-Store-Pack/data-safety.md`.
---
## Что осталось до полного mainnet (Phase 4)
| Задача | Severity | Cost |
|--------|----------|------|
| **CF-Phase2-1** Falcon-512 замена Ed25519 (post-quantum) | Средний | 2-3 недели (Android NDK + JNI bridge) |
| **F-6** Encrypted seed через user passcode (Android Keystore wrap) | Высокий | 1 неделя |
| **CF-Phase2-2** TOFU revocation flow | Средний | 1 неделя |
| **TimeChain consensus opcode `0x06 VpnHeartbeat`** | Низкий (текущая защита достаточна для MVP) | 3-4 недели (spec patch v35.26 + mt-account + montana-node) |
| **CF-recovery-tests** Automated unit + instrumented tests | Высокий | 2 дня |
| **F-8** SLIP-44 + BIP44 cross-wallet compatibility | Средний (UX warning достаточно для MVP) | 1 неделя |
---
## Готовность к Play Store submission
**Готово к internal testing track:** ✅ Yes
**Готово к closed/open testing:** ✅ Yes
**Готово к production submission:** ⚠️ Зависит от:
- Подтверждение от автора что keystore backup надёжен
- Подтверждение что hosting providers согласны с публичной публикацией infrastructure
- Feature graphic (1024×500) создан
**Не блокирует submission:** все остальные Phase 4 задачи — это улучшения безопасности post-launch, не блокеры для Play Store guidelines.
---
## Команды для submission (для автора)
### 1. Создать Google Developer Account
```
URL: https://play.google.com/console/u/0/signup
Cost: $25 one-time
```
### 2. Upload APK в Internal testing
```
Play Console → All apps → Create app
→ Name: Montana VPN
→ Default language: Russian (RU)
→ App or game: App
→ Free or paid: Free
→ Declarations: всё подписать
Release management → Internal testing
→ New release → Upload APK
→ File: /Users/kh./Python/Ничто/Montana/Android/build/montana-6.7.0-release.apk
→ Release notes: см. Play-Store-Pack/store-listing.md
```
### 3. Заполнить Store listing
```
Store presence → Main store listing
→ Подгрузить тексты из Play-Store-Pack/store-listing.md
→ Загрузить screenshots
```
### 4. Заполнить Data Safety
```
Policy → App content → Data safety
→ Использовать `Play-Store-Pack/data-safety.md` как guide
```
### 5. Privacy Policy URL
```
Already live: https://montana.quest/privacy
Вставить URL в Store presence → Privacy policy
```
### 6. Promote через testing → production
```
Internal → Closed → Open → Production
```
Время от submission до approval: обычно 1-3 дня для нового app.
Reference in New Issue View Git Blame Copy Permalink