[stealth 03/11] Stealth Lantern: randomize Android build identity#8781
Open
reflog wants to merge 14 commits into
Open
[stealth 03/11] Stealth Lantern: randomize Android build identity#8781reflog wants to merge 14 commits into
reflog wants to merge 14 commits into
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds build-time “identity profiles” for Stealth Android builds so each artifact can have a distinct install identity (applicationId, labels, scheme, icons, and various user-visible strings), while keeping normal builds on the existing Lantern identity.
Changes:
- Introduces a Python generator + unit tests to produce deterministic (seeded) or random Android identity
.propertiesprofiles. - Wires Android Gradle/manifest placeholders + BuildConfig fields to consume identity profile values (applicationId, labels, auth scheme, metadata, notification/tile strings, icons).
- Adds Make/CI/docs plumbing and neutral icon resources to support reproducible Stealth builds.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| scripts/stealth/generate_android_identity.py | Generates Android identity profiles (applicationId, labels, metadata, icons, strings). |
| scripts/stealth/generate_android_identity_test.py | Unit tests for deterministic/random generation and properties output. |
| Makefile | Adds identity profile generation and injects ANDROID_IDENTITY_PROFILE into Flutter Android builds. |
| docs/stealth-android-identity.md | Documents how to generate/use identity profiles and schema. |
| android/app/src/main/res/values/string.xml | Removes static app_name so Gradle resValue can control it per build. |
| android/app/src/main/res/drawable/neutral_notification_icon.xml | Adds neutral notification small icon vector. |
| android/app/src/main/res/drawable/neutral_app_icon.xml | Adds neutral app icon vector. |
| android/app/src/main/kotlin/org/getlantern/lantern/service/QuickTileService.kt | Uses BuildConfig-provided quick settings tile labels. |
| android/app/src/main/kotlin/org/getlantern/lantern/service/LanternVpnService.kt | Uses BuildConfig-provided VPN session name. |
| android/app/src/main/kotlin/org/getlantern/lantern/notification/NotificationManager.kt | Uses BuildConfig-provided notification strings + resolves small icon from BuildConfig. |
| android/app/src/main/AndroidManifest.xml | Switches app labels/icons/schemes to manifest placeholders; adds identity meta-data placeholders. |
| android/app/build.gradle | Loads identity profile, validates applicationId, sets manifest placeholders, resValue app_name, and BuildConfig fields. |
| .github/workflows/build-android.yml | Adds optional android_identity_seed input passed through to builds. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
11 tasks
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 16 out of 16 changed files in this pull request and generated 2 comments.
Comments suppressed due to low confidence (1)
lib/lantern_app.dart:199
_buildPrivateServerAccessKey()now accepts anyAppBuildInfo.appAuthSchemeURI, but still normalizes the returned access key to a hardcodedlantern//...prefix and the comment/example also hardcodelantern://.... If the intention is to preserve the randomized scheme end-to-end (or to avoid leaking "lantern" into a user-visible access key), update the normalization and comment to useAppBuildInfo.appAuthScheme(or add an explicit comment explaining why thelantern//prefix must remain constant).
if (AppBuildInfo.isAppAuthUri(uri)) {
// lantern://private-server?key=value → lantern//private-server?key=value
var accessKey = 'lantern//${uri.host}';
if (uri.hasQuery) {
accessKey += '?${uri.query}';
}
return accessKey;
reflog
changed the title
Contributor
Author
|
@copilot review |
Contributor
Ran a fresh review pass on commit |
Contributor
Author
|
@copilot review |
Contributor
Ran a fresh review pass on commit |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Dependency / non-goals
This closes #8765 for per-build install identity and native Android identity surfaces. Static inspection can still find source namespace/class/action strings such as org.getlantern and LanternVpnService until the manifest/source minimization work lands; this PR intentionally depends on #8763 for that broader minimization instead of expanding this branch.
Verification
Closes #8765