This repository contains an SDK for presence tracing based on the CrowdNotifier protocol.
CrowdNotifier proposes a protocol for building secure, decentralized, privacy-preserving presence tracing systems. It simplifies and accelerates the process of notifying individuals that shared a semi-public location with a SARS-CoV-2-positive person for a prolonged time without introducing new risks for users and locations. Existing proximity tracing systems (apps for contact tracing such as SwissCovid, Corona Warn App, and Immuni) notify only a subset of these people: those that were close enough for long enough. Current events have shown the need to notify all people that shared a space with a SARS-CoV-2-positive person. The proposed system provides an alternative to other presence-tracing systems that are based on invasive collection or that are prone to abuse by authorities.
The CrowdNotifier design aims to minimize privacy and security risks for individuals and communities, while guaranteeing the highest level of data protection and good usability and deployability. For further details on the design, see the CrowdNotifier White Paper.
Please see the links below for SDKs for other platforms:
- Android SDK: crowdnotifier-sdk-android
- iOS SDK: crowdnotifier-sdk-ios
- TypeScript Reference Implementation: crowdnotifier-ts
- Technical Specification for CrowdNotifier: techspec
You can find further information on the CrowdNotifier protocol in the CrowdNotifier white paper.
CrowdNotifierSDK is available through Swift Package Manager
- Add the following to your
Package.swiftfile:
dependencies: [
.package(url: "https://github.com/CrowdNotifier/crowdnotifier-sdk-ios.git", .branch("develop"))
]This version points to the HEAD of the develop branch and will always fetch the latest development status. Future releases will be made available using semantic versioning to ensure stability for depending projects.
In your AppDelegate in the didFinishLaunchingWithOptions function you have to initialize the SDK, before you can use any of the other methods:
CrowdNotifier.initialize()// Get VenueInfo
switch CrowdNotifier.getVenueInfo(qrCode, baseUrl) {
case .success(let venueInfo):
// venueInfo contains all information contained in the QR code
case .failure(let error):
// Check why getting venue failed
}
// Store a check-in
switch CrowdNotifier.addCheckin(venueInfo: venueInfo, arrivalTime: arrivalDate, departureTime: departureDate) {
case .success(let id):
// Store id to keep reference of check-in together with public key & notification key, e.g. to update arrival/departure times later
case .failure(let error):
// Check why adding check-in failed
}
// Update a check-in
switch CrowdNotifier.updateCheckin(checkinId: id, venueInfo: venueInfo, arrivalTime: arrivalDate, departureTime: departureDate) {
case .success(let id):
// Store id to keep reference of check-in together with public key & notification key, e.g. to update arrival/departure times later
case .failure(let error):
// Check why updating check-in failed
}
// Match published SKs against stored encrypted venue visits
let newExposures = CrowdNotifier.checkForMatches(publishedSKs: publishedSKs)
// Get all exposure events
let allExposures = CrowdNotifier.getExposureEvents()
// Clean up old entries
CrowdNotifier.cleanUpOldData(maxDaysToKeep: 10)You need to modify the Xcode build settings to build the application using CrowdNotfier:
- Set
ENABLE_BITCODEto:NO
There is a known bug in the current Xcode SPM integration with static binaryTargets. Xcode copies the .a files into the resulting product in the /Frameworks folder (in addition to linking them to the binary). So if you are using SPM, it will be necessary to remove .a-Files from the package before it is distributed. It can be done by adding a post action to the scheme with the following commands:
rm -rf "${TARGET_BUILD_DIR}/${PRODUCT_NAME}.app/Frameworks/*.a"
The CrowdNotifier enum implements the following static methods that can be used to interact with the system. The SDK only stores encrypted entries of check-ins as well as exposure matches. Any additional storage of data needs to
be handled by the app itself.
| Name | Description | Function Name |
|---|---|---|
| init | Initializes the SDK and configures it | func initialize() |
| getVenueInfo | Returns information about the data contained in a QR code, or an error if the QR code does not have a valid format or does not match the expected base URL | getVenueInfo(qrCode: String, baseUrl: String) -> Result<VenueInfo, CrowdNotifierError> |
| addCheckin | Stores a check-in given arrival time, departure time and the venue information. Returns the id of the stored entry. | addCheckin(venueInfo: VenueInfo, arrivalTime: Date, departureTime: Date) -> Result<String, CrowdNotifierError> |
| updateCheckin | Updates a checkin that has previously been stored | updateCheckin(checkinId: String, venueInfo: VenueInfo, newArrivalTime: Date, newDepartureTime: Date) -> Result<String, CrowdNotifierError> |
| checkForMatches | Given a set of published events with a known infected visitor and optionally a required minimum overlap, stores and returns those locally stored check-ins that overlap with one of the problematic events | func checkForMatches(publishedSKs: [ProblematicEventInfo], requiredOverlap: TimeInterval = 0) -> [ExposureEvent] |
| getExposureEvents | Returns all currently stored check-ins that have previously matched a problematic event | getExposureEvents() -> [ExposureEvent] |
| removeExposure | Remove a exposure from the exposure storage | removeExposure(exposure: ExposureEvent) |
| cleanUpOldData | Removes all check-ins that are older than the specified number of days | func cleanUpOldData(maxDaysToKeep: Int) |
This project is truly open-source and we welcome any feedback on the code regarding both the implementation and security aspects. This repository contains the iOS SDK, so please focus your feedback for this repository on implementation issues.
Before proceeding, please read the Code of Conduct to ensure positive and constructive interactions with the community.
This project is licensed under the terms of the MPL 2 license. See the LICENSE file.
The following list of apps are using this SDK: