Skip to content

android: implement biometric authentication (fingerprint)#10340

Merged
SomberNight merged 3 commits intospesmilo:masterfrom
f321x:fingerprint
Jan 19, 2026
Merged

android: implement biometric authentication (fingerprint)#10340
SomberNight merged 3 commits intospesmilo:masterfrom
f321x:fingerprint

Conversation

@f321x
Copy link
Copy Markdown
Member

@f321x f321x commented Dec 2, 2025
edited by SomberNight
Loading

Allows to unlock the android app with the android biometric api (e.g. fingerprint). Can be enabled in the settings.
The initial version was LLM generated but i reviewed it and rewrote a couple things.

TODO: checkbox to enable it in the wizard during wallet setup once one password is enforced for creation of new wallets

closes #7560

SomberNight
SomberNight reviewed Dec 2, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@SomberNight SomberNight left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just some quick comments, I haven't really looked at this

Comment thread electrum/simple_config.py Outdated
Comment thread electrum/gui/qml/qebiometrics.py Outdated
@f321x f321x force-pushed the fingerprint branch 2 times, most recently from f724c33 to 3d72275 Compare December 3, 2025 12:25
@f321x f321x marked this pull request as ready for review December 3, 2025 12:33
@accumulator
Copy link
Copy Markdown
Member

accumulator commented Dec 4, 2025

I assume this will be combined with #10339? (as handing over the wallet password to some biometric backend is a risk)

@f321x
Copy link
Copy Markdown
Member Author

f321x commented Dec 4, 2025
edited
Loading

@accumulator no, the PRs are independent.
The password is encrypted with a secret retrieved from the secure element inside the new Java activity, we then store the encrypted password in our config file, so the wallet password is not stored anywhere outside of Electrum.

@f321x f321x force-pushed the fingerprint branch 2 times, most recently from f62cf83 to 0cf8b3c Compare December 19, 2025 09:25
@ecdsa
Copy link
Copy Markdown
Member

ecdsa commented Dec 19, 2025

this looks good to me, although I did not build an apk,

@f321x
Copy link
Copy Markdown
Member Author

f321x commented Dec 19, 2025

running this apk for 2 weeks now, no issues so far

SomberNight
SomberNight reviewed Jan 5, 2026
View reviewed changes
Comment thread electrum/gui/qml/qebiometrics.py Outdated
Comment thread electrum/gui/qml/qebiometrics.py Outdated
Comment thread electrum/gui/qml/qebiometrics.py
Comment thread electrum/gui/qml/qebiometrics.py
Comment thread electrum/gui/qml/java_classes/org/electrum/biometry/BiometricActivity.java Outdated
Comment thread electrum/gui/qml/java_classes/org/electrum/biometry/BiometricActivity.java
@f321x f321x force-pushed the fingerprint branch 5 times, most recently from d3d7678 to dac9e6a Compare January 13, 2026 10:29
@f321x
Copy link
Copy Markdown
Member Author

f321x commented Jan 13, 2026

Force pushed from 147e418 to dac9e6a.
Implements the password encryption indirection described by @ecdsa in #10340 (comment) and simplifies the QEBiometrics api by keeping all config changes on the Python side.

SomberNight
SomberNight reviewed Jan 13, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@SomberNight SomberNight left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice!

Comment thread electrum/gui/qml/qedaemon.py Outdated
Comment thread electrum/gui/qml/java_classes/org/electrum/biometry/BiometricActivity.java Outdated
Comment thread electrum/gui/qml/qedaemon.py Outdated
SomberNight
SomberNight reviewed Jan 13, 2026
View reviewed changes
Comment thread electrum/simple_config.py Outdated
f321x added 2 commits January 13, 2026 18:10
@f321x
android: implement biometric authentication
5dd3dda 
Allows to unlock the android app with the android biometric api (e.g.
fingerprint). Can be enabled in the settings.
@f321x
qeqrscanner: check requestCode on activity result
6450187
@SomberNight SomberNight mentioned this pull request Jan 13, 2026
Closed
ecdsa
ecdsa reviewed Jan 14, 2026
View reviewed changes
Comment thread electrum/gui/qml/components/main.qml Outdated
@f321x f321x force-pushed the fingerprint branch 2 times, most recently from 7ddfd76 to 9f15a33 Compare January 15, 2026 14:45
@f321x f321x marked this pull request as draft January 15, 2026 14:58
@f321x f321x marked this pull request as ready for review January 15, 2026 15:53
@SomberNight SomberNight added this to the 4.7.0 milestone Jan 15, 2026
SomberNight
SomberNight reviewed Jan 15, 2026
View reviewed changes
Comment thread electrum/gui/qml/components/Preferences.qml Outdated
Comment thread electrum/gui/qml/java_classes/org/electrum/biometry/BiometricActivity.java
Comment thread electrum/gui/qml/components/WalletDetails.qml
@f321x f321x force-pushed the fingerprint branch 4 times, most recently from 9a76759 to 9e42c12 Compare January 19, 2026 09:28
@f321x
qml: remove pin code authentication
47efb8b 
Completely removes the pin code authentication from qml. The config
option in the wallet preferences has been renamed to "Payment
authentication" and now either asks for the Android system
authentication (Biometric or system pin/password) if enabled or will ask
for the wallet password as fallback.
SomberNight
SomberNight approved these changes Jan 19, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@SomberNight SomberNight left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Thanks!

Comment thread electrum/gui/qml/components/main.qml
Comment on lines +830 to +834
if (Daemon.currentWallet.verifyPassword('')) {
// wallet has no password
qtobject.authProceed()
return
}
Copy link
Copy Markdown
Member

@SomberNight SomberNight Jan 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess this is a pre-existing issue, but shouldn't we call handleAuthConfirmationOnly instead?

Copy link
Copy Markdown
Member Author

@f321x f321x Jan 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the original call method was payment_auth yes we probably should (though wallets without password should be rare(?)). For wallet or wallet_password_only I don't think it would be useful.

Copy link
Copy Markdown
Member

@SomberNight SomberNight Jan 19, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

though wallets without password should be rare(?)

IIRC for several years, older versions of kivy did not allow setting a password for a watch-only wallet. So old installs, without password unification, could have those wallets still around.
Then again, if it's watch-only, not prompting for auth is not that critical.

@SomberNight SomberNight merged commit ece52b0 into spesmilo:master Jan 19, 2026
16 checks passed
@f321x f321x deleted the fingerprint branch January 19, 2026 15:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ecdsa ecdsa ecdsa left review comments

@SomberNight SomberNight SomberNight approved these changes

Assignees

No one assigned

Labels

gui-qml OS-android🤖

Projects

None yet

Milestone

4.7.0

Development

Successfully merging this pull request may close these issues.

Android: unlock wallet using fingerprint (biometric authentication)

4 participants

@f321x @accumulator @ecdsa @SomberNight