fix: configure Vite for proper Node.js module handling in Electron

- Add vite-plugin-node-polyfills to provide Node.js built-in module polyfills
- Configure build target as 'node18' for Electron environment
- Switch to CommonJS format for Electron builds
- Add specific polyfills for sqlite3 dependencies (util, stream, buffer)
- Mark Node.js built-in modules as external in Electron builds

This fixes the "Module util has been externalized" error by properly handling
Node.js modules in the Electron environment, particularly for sqlite3 which
depends on Node.js built-in modules.

.cursor/rules/SQLITE.mdc

@@ -0,0 +1,172 @@
+---
+description: 
+globs: 
+alwaysApply: true
+---
+# @capacitor-community/sqlite MDC Ruleset
+
+## Project Overview
+This ruleset is for the `@capacitor-community/sqlite` plugin, a Capacitor community plugin that provides native and Electron SQLite database functionality with encryption support.
+
+## Key Features
+- Native SQLite database support for iOS, Android, and Electron
+- Database encryption support using SQLCipher (Native) and better-sqlite3-multiple-ciphers (Electron)
+- Biometric authentication support
+- Cross-platform database operations
+- JSON import/export capabilities
+- Database migration support
+- Sync table functionality
+
+## Platform Support Matrix
+
+### Core Database Operations
+| Operation | Android | iOS | Electron | Web |
+|-----------|---------|-----|----------|-----|
+| Create Connection (RW) | ✅ | ✅ | ✅ | ✅ |
+| Create Connection (RO) | ✅ | ✅ | ✅ | ❌ |
+| Open DB (non-encrypted) | ✅ | ✅ | ✅ | ✅ |
+| Open DB (encrypted) | ✅ | ✅ | ✅ | ❌ |
+| Execute/Query | ✅ | ✅ | ✅ | ✅ |
+| Import/Export JSON | ✅ | ✅ | ✅ | ✅ |
+
+### Security Features
+| Feature | Android | iOS | Electron | Web |
+|---------|---------|-----|----------|-----|
+| Encryption | ✅ | ✅ | ✅ | ❌ |
+| Biometric Auth | ✅ | ✅ | ✅ | ❌ |
+| Secret Management | ✅ | ✅ | ✅ | ❌ |
+
+## Configuration Requirements
+
+### Base Configuration
+```typescript
+// capacitor.config.ts
+{
+  plugins: {
+    CapacitorSQLite: {
+      iosDatabaseLocation: 'Library/CapacitorDatabase',
+      iosIsEncryption: true,
+      iosKeychainPrefix: 'your-app-prefix',
+      androidIsEncryption: true,
+      electronIsEncryption: true
+    }
+  }
+}
+```
+
+### Platform-Specific Requirements
+
+#### Android
+- Minimum SDK: 23
+- Target SDK: 35
+- Required Gradle JDK: 21
+- Required Android Gradle Plugin: 8.7.2
+- Required manifest settings for backup prevention
+- Required data extraction rules
+
+#### iOS
+- No additional configuration needed beyond base setup
+- Supports biometric authentication
+- Uses keychain for encryption
+
+#### Electron
+Required dependencies:
+```json
+{
+  "dependencies": {
+    "better-sqlite3-multiple-ciphers": "latest",
+    "electron-json-storage": "latest",
+    "jszip": "latest",
+    "node-fetch": "2.6.7",
+    "crypto": "latest",
+    "crypto-js": "latest"
+  }
+}
+```
+
+#### Web
+- Requires `sql.js` and `jeep-sqlite`
+- Manual copy of `sql-wasm.wasm` to assets folder
+- Framework-specific asset placement:
+  - Angular: `src/assets/`
+  - Vue/React: `public/assets/`
+
+## Best Practices
+
+### Database Operations
+1. Always close connections after use
+2. Use transactions for multiple operations
+3. Implement proper error handling
+4. Use prepared statements for queries
+5. Implement proper database versioning
+
+### Security
+1. Always use encryption for sensitive data
+2. Implement proper secret management
+3. Use biometric authentication when available
+4. Follow platform-specific security guidelines
+
+### Performance
+1. Use appropriate indexes
+2. Implement connection pooling
+3. Use transactions for bulk operations
+4. Implement proper database cleanup
+
+## Common Issues and Solutions
+
+### Android
+- Build data properties conflict: Add to `app/build.gradle`:
+  ```gradle
+  packagingOptions {
+      exclude 'build-data.properties'
+  }
+  ```
+
+### Electron
+- Node-fetch version must be ≤2.6.7
+- For Capacitor Electron v5:
+  - Use Electron@25.8.4
+  - Add `"skipLibCheck": true` to tsconfig.json
+
+### Web
+- Ensure proper WASM file placement
+- Handle browser compatibility
+- Implement proper fallbacks
+
+## Version Compatibility
+- Requires Node.js ≥16.0.0
+- Compatible with Capacitor ≥7.0.0
+- Supports TypeScript 4.1.5+
+
+## Testing Requirements
+- Unit tests for database operations
+- Platform-specific integration tests
+- Encryption/decryption tests
+- Biometric authentication tests
+- Migration tests
+- Sync functionality tests
+
+## Documentation
+- API Documentation: `/docs/API.md`
+- Connection API: `/docs/APIConnection.md`
+- DB Connection API: `/docs/APIDBConnection.md`
+- Release Notes: `/docs/info_releases.md`
+- Changelog: `CHANGELOG.md`
+
+## Contributing Guidelines
+- Follow Ionic coding standards
+- Use provided linting and formatting tools
+- Maintain platform compatibility
+- Update documentation
+- Add appropriate tests
+- Follow semantic versioning
+
+## Maintenance
+- Regular security updates
+- Platform compatibility checks
+- Performance optimization
+- Documentation updates
+- Dependency updates
+
+## License
+MIT License - See LICENSE file for details 

.cursor/rules/absurd-sql.mdc

@@ -0,0 +1,153 @@
+---
+description: 
+globs: 
+alwaysApply: true
+---
+# Absurd SQL - Cursor Development Guide
+
+## Project Overview
+Absurd SQL is a backend implementation for sql.js that enables persistent SQLite databases in the browser by using IndexedDB as a block storage system. This guide provides rules and best practices for developing with this project in Cursor.
+
+## Project Structure
+```
+absurd-sql/
+├── src/               # Source code
+├── dist/             # Built files
+├── package.json      # Dependencies and scripts
+├── rollup.config.js  # Build configuration
+└── jest.config.js    # Test configuration
+```
+
+## Development Rules
+
+### 1. Worker Thread Requirements
+- All SQL operations MUST be performed in a worker thread
+- Main thread should only handle worker initialization and communication
+- Never block the main thread with database operations
+
+### 2. Code Organization
+- Keep worker code in separate files (e.g., `*.worker.js`)
+- Use ES modules for imports/exports
+- Follow the project's existing module structure
+
+### 3. Required Headers
+When developing locally or deploying, ensure these headers are set:
+```
+Cross-Origin-Opener-Policy: same-origin
+Cross-Origin-Embedder-Policy: require-corp
+```
+
+### 4. Browser Compatibility
+- Primary target: Modern browsers with SharedArrayBuffer support
+- Fallback mode: Safari (with limitations)
+- Always test in both modes
+
+### 5. Database Configuration
+Recommended database settings:
+```sql
+PRAGMA journal_mode=MEMORY;
+PRAGMA page_size=8192;  -- Optional, but recommended
+```
+
+### 6. Development Workflow
+1. Install dependencies:
+   ```bash
+   yarn add @jlongster/sql.js absurd-sql
+   ```
+
+2. Development commands:
+   - `yarn build` - Build the project
+   - `yarn jest` - Run tests
+   - `yarn serve` - Start development server
+
+### 7. Testing Guidelines
+- Write tests for both SharedArrayBuffer and fallback modes
+- Use Jest for testing
+- Include performance benchmarks for critical operations
+
+### 8. Performance Considerations
+- Use bulk operations when possible
+- Monitor read/write performance
+- Consider using transactions for multiple operations
+- Avoid unnecessary database connections
+
+### 9. Error Handling
+- Implement proper error handling for:
+  - Worker initialization failures
+  - Database connection issues
+  - Concurrent access conflicts (in fallback mode)
+  - Storage quota exceeded scenarios
+
+### 10. Security Best Practices
+- Never expose database operations directly to the client
+- Validate all SQL queries
+- Implement proper access controls
+- Handle sensitive data appropriately
+
+### 11. Code Style
+- Follow ESLint configuration
+- Use async/await for asynchronous operations
+- Document complex database operations
+- Include comments for non-obvious optimizations
+
+### 12. Debugging
+- Use `jest-debug` for debugging tests
+- Monitor IndexedDB usage in browser dev tools
+- Check worker communication in console
+- Use performance monitoring tools
+
+## Common Patterns
+
+### Worker Initialization
+```javascript
+// Main thread
+import { initBackend } from 'absurd-sql/dist/indexeddb-main-thread';
+
+function init() {
+  let worker = new Worker(new URL('./index.worker.js', import.meta.url));
+  initBackend(worker);
+}
+```
+
+### Database Setup
+```javascript
+// Worker thread
+import initSqlJs from '@jlongster/sql.js';
+import { SQLiteFS } from 'absurd-sql';
+import IndexedDBBackend from 'absurd-sql/dist/indexeddb-backend';
+
+async function setupDatabase() {
+  let SQL = await initSqlJs({ locateFile: file => file });
+  let sqlFS = new SQLiteFS(SQL.FS, new IndexedDBBackend());
+  SQL.register_for_idb(sqlFS);
+  
+  SQL.FS.mkdir('/sql');
+  SQL.FS.mount(sqlFS, {}, '/sql');
+  
+  return new SQL.Database('/sql/db.sqlite', { filename: true });
+}
+```
+
+## Troubleshooting
+
+### Common Issues
+1. SharedArrayBuffer not available
+   - Check COOP/COEP headers
+   - Verify browser support
+   - Test fallback mode
+
+2. Worker initialization failures
+   - Check file paths
+   - Verify module imports
+   - Check browser console for errors
+
+3. Performance issues
+   - Monitor IndexedDB usage
+   - Check for unnecessary operations
+   - Verify transaction usage
+
+## Resources
+- [Project Demo](https://priceless-keller-d097e5.netlify.app/)
+- [Example Project](https://github.com/jlongster/absurd-example-project)
+- [Blog Post](https://jlongster.com/future-sql-web)
+- [SQL.js Documentation](https://github.com/sql-js/sql.js/) 

.cursor/rules/crowd-funder-for-time-pwa/docs/camera-implementation.mdc

@@ -1,7 +1,7 @@
 ---
 description: 
 globs: 
-alwaysApply: true
+alwaysApply: false
 ---
 # Camera Implementation Documentation
 

.cursor/rules/wa-sqlite.mdc

@@ -0,0 +1,267 @@
+---
+description: 
+globs: 
+alwaysApply: true
+---
+# wa-sqlite Usage Guide
+
+## Table of Contents
+- [1. Overview](#1-overview)
+- [2. Installation](#2-installation)
+- [3. Basic Setup](#3-basic-setup)
+  - [3.1 Import and Initialize](#31-import-and-initialize)
+  - [3.2 Basic Database Operations](#32-basic-database-operations)
+- [4. Virtual File Systems (VFS)](#4-virtual-file-systems-vfs)
+  - [4.1 Available VFS Options](#41-available-vfs-options)
+  - [4.2 Using a VFS](#42-using-a-vfs)
+- [5. Best Practices](#5-best-practices)
+  - [5.1 Error Handling](#51-error-handling)
+  - [5.2 Transaction Management](#52-transaction-management)
+  - [5.3 Prepared Statements](#53-prepared-statements)
+- [6. Performance Considerations](#6-performance-considerations)
+- [7. Common Issues and Solutions](#7-common-issues-and-solutions)
+- [8. TypeScript Support](#8-typescript-support)
+
+## 1. Overview
+wa-sqlite is a WebAssembly build of SQLite that enables SQLite database operations in web browsers and JavaScript environments. It provides both synchronous and asynchronous builds, with support for custom virtual file systems (VFS) for persistent storage.
+
+## 2. Installation
+```bash
+npm install wa-sqlite
+# or
+yarn add wa-sqlite
+```
+
+## 3. Basic Setup
+
+### 3.1 Import and Initialize
+```javascript
+// Choose one of these imports based on your needs:
+// - wa-sqlite.mjs: Synchronous build
+// - wa-sqlite-async.mjs: Asynchronous build (required for async VFS)
+// - wa-sqlite-jspi.mjs: JSPI-based async build (experimental, Chromium only)
+import SQLiteESMFactory from 'wa-sqlite/dist/wa-sqlite.mjs';
+import * as SQLite from 'wa-sqlite';
+
+async function initDatabase() {
+  // Initialize SQLite module
+  const module = await SQLiteESMFactory();
+  const sqlite3 = SQLite.Factory(module);
+  
+  // Open database (returns a Promise)
+  const db = await sqlite3.open_v2('myDatabase');
+  return { sqlite3, db };
+}
+```
+
+### 3.2 Basic Database Operations
+```javascript
+async function basicOperations() {
+  const { sqlite3, db } = await initDatabase();
+  
+  try {
+    // Create a table
+    await sqlite3.exec(db, `
+      CREATE TABLE IF NOT EXISTS users (
+        id INTEGER PRIMARY KEY,
+        name TEXT NOT NULL,
+        email TEXT UNIQUE
+      )
+    `);
+    
+    // Insert data
+    await sqlite3.exec(db, `
+      INSERT INTO users (name, email) 
+      VALUES ('John Doe', 'john@example.com')
+    `);
+    
+    // Query data
+    const results = [];
+    await sqlite3.exec(db, 'SELECT * FROM users', (row, columns) => {
+      results.push({ row, columns });
+    });
+    
+    return results;
+  } finally {
+    // Always close the database when done
+    await sqlite3.close(db);
+  }
+}
+```
+
+## 4. Virtual File Systems (VFS)
+
+### 4.1 Available VFS Options
+wa-sqlite provides several VFS implementations for persistent storage:
+
+1. **IDBBatchAtomicVFS** (Recommended for general use)
+   - Uses IndexedDB with batch atomic writes
+   - Works in all contexts (Window, Worker, Service Worker)
+   - Supports WAL mode
+   - Best performance with `PRAGMA synchronous=normal`
+
+2. **IDBMirrorVFS**
+   - Keeps files in memory, persists to IndexedDB
+   - Works in all contexts
+   - Good for smaller databases
+
+3. **OPFS-based VFS** (Origin Private File System)
+   - Various implementations available:
+     - AccessHandlePoolVFS
+     - OPFSAdaptiveVFS
+     - OPFSCoopSyncVFS
+     - OPFSPermutedVFS
+   - Better performance but limited to Worker contexts
+
+### 4.2 Using a VFS
+```javascript
+import { IDBBatchAtomicVFS } from 'wa-sqlite/src/examples/IDBBatchAtomicVFS.js';
+import SQLiteESMFactory from 'wa-sqlite/dist/wa-sqlite-async.mjs';
+import * as SQLite from 'wa-sqlite';
+
+async function initDatabaseWithVFS() {
+  const module = await SQLiteESMFactory();
+  const sqlite3 = SQLite.Factory(module);
+  
+  // Register VFS
+  const vfs = await IDBBatchAtomicVFS.create('myApp', module);
+  sqlite3.vfs_register(vfs, true);
+  
+  // Open database with VFS
+  const db = await sqlite3.open_v2('myDatabase');
+  
+  // Configure for better performance
+  await sqlite3.exec(db, 'PRAGMA synchronous = normal');
+  await sqlite3.exec(db, 'PRAGMA journal_mode = WAL');
+  
+  return { sqlite3, db };
+}
+```
+
+## 5. Best Practices
+
+### 5.1 Error Handling
+```javascript
+async function safeDatabaseOperation() {
+  const { sqlite3, db } = await initDatabase();
+  
+  try {
+    await sqlite3.exec(db, 'SELECT * FROM non_existent_table');
+  } catch (error) {
+    if (error.code === SQLite.SQLITE_ERROR) {
+      console.error('SQL error:', error.message);
+    } else {
+      console.error('Database error:', error);
+    }
+  } finally {
+    await sqlite3.close(db);
+  }
+}
+```
+
+### 5.2 Transaction Management
+```javascript
+async function transactionExample() {
+  const { sqlite3, db } = await initDatabase();
+  
+  try {
+    await sqlite3.exec(db, 'BEGIN TRANSACTION');
+    
+    // Perform multiple operations
+    await sqlite3.exec(db, 'INSERT INTO users (name) VALUES (?)', ['Alice']);
+    await sqlite3.exec(db, 'INSERT INTO users (name) VALUES (?)', ['Bob']);
+    
+    await sqlite3.exec(db, 'COMMIT');
+  } catch (error) {
+    await sqlite3.exec(db, 'ROLLBACK');
+    throw error;
+  } finally {
+    await sqlite3.close(db);
+  }
+}
+```
+
+### 5.3 Prepared Statements
+```javascript
+async function preparedStatementExample() {
+  const { sqlite3, db } = await initDatabase();
+  
+  try {
+    // Prepare statement
+    const stmt = await sqlite3.prepare(db, 'SELECT * FROM users WHERE id = ?');
+    
+    // Execute with different parameters
+    await sqlite3.bind(stmt, 1, 1);
+    while (await sqlite3.step(stmt) === SQLite.SQLITE_ROW) {
+      const row = sqlite3.row(stmt);
+      console.log(row);
+    }
+    
+    // Reset and reuse
+    await sqlite3.reset(stmt);
+    await sqlite3.bind(stmt, 1, 2);
+    // ... execute again
+    
+    await sqlite3.finalize(stmt);
+  } finally {
+    await sqlite3.close(db);
+  }
+}
+```
+
+## 6. Performance Considerations
+
+1. **VFS Selection**
+   - Use IDBBatchAtomicVFS for general-purpose applications
+   - Consider OPFS-based VFS for better performance in Worker contexts
+   - Use MemoryVFS for temporary databases
+
+2. **Configuration**
+   - Set appropriate page size (default is usually fine)
+   - Use WAL mode for better concurrency
+   - Consider `PRAGMA synchronous=normal` for better performance
+   - Adjust cache size based on your needs
+
+3. **Concurrency**
+   - Use transactions for multiple operations
+   - Be aware of VFS-specific concurrency limitations
+   - Consider using Web Workers for heavy database operations
+
+## 7. Common Issues and Solutions
+
+1. **Database Locking**
+   - Use appropriate transaction isolation levels
+   - Implement retry logic for busy errors
+   - Consider using WAL mode
+
+2. **Storage Limitations**
+   - Be aware of browser storage quotas
+   - Implement cleanup strategies
+   - Monitor database size
+
+3. **Cross-Context Access**
+   - Use appropriate VFS for your context
+   - Consider message passing for cross-context communication
+   - Be aware of storage access limitations
+
+## 8. TypeScript Support
+wa-sqlite includes TypeScript definitions. The main types are:
+
+```typescript
+type SQLiteCompatibleType = number | string | Uint8Array | Array<number> | bigint | null;
+
+interface SQLiteAPI {
+  open_v2(filename: string, flags?: number, zVfs?: string): Promise<number>;
+  exec(db: number, sql: string, callback?: (row: any[], columns: string[]) => void): Promise<number>;
+  close(db: number): Promise<number>;
+  // ... other methods
+}
+```
+
+## Additional Resources
+
+- [Official GitHub Repository](https://github.com/rhashimoto/wa-sqlite)
+- [Online Demo](https://rhashimoto.github.io/wa-sqlite/demo/)
+- [API Reference](https://rhashimoto.github.io/wa-sqlite/docs/)
+- [FAQ](https://github.com/rhashimoto/wa-sqlite/issues?q=is%3Aissue+label%3Afaq+)
+- [Discussion Forums](https://github.com/rhashimoto/wa-sqlite/discussions) 

BUILDING.md

@@ -241,7 +241,9 @@ docker run -d \
 1. Build the electron app in production mode:
 
    ```bash
-   npm run build:electron-prod
+   npm run build:web
+   npm run build:electron
+   npm run electron:build-mac
    ```
 
 2. Package the Electron app for macOS:
@@ -327,6 +329,7 @@ Prerequisites: macOS with Xcode installed
 1. Build the web assets:
 
    ```bash
+   rm -rf dist
    npm run build:web
    npm run build:capacitor
    ```
@@ -346,7 +349,7 @@ Prerequisites: macOS with Xcode installed
    npx capacitor-assets generate --ios
    ```
 
-4. Bump the version to match Android
+4. Bump the version to match Android:
 
    ```
    cd ios/App
@@ -395,10 +398,6 @@ Prerequisites: Android Studio with SDK installed
    rm -rf dist
    npm run build:web
    npm run build:capacitor
-   cd android
-   ./gradlew clean
-   ./gradlew assembleDebug
-   cd ..
    ```
 
 2. Update Android project with latest build:
@@ -413,7 +412,7 @@ Prerequisites: Android Studio with SDK installed
    npx capacitor-assets generate --android
    ```
 
-4. Bump version to match iOS, in android/app/build.gradleq
+4. Bump version to match iOS: android/app/build.gradle
 
 5. Open the project in Android Studio:
 
@@ -429,7 +428,7 @@ Prerequisites: Android Studio with SDK installed
    cd android
    ./gradlew clean
    ./gradlew build -Dlint.baselines.continue=true
-   cd ..
+   cd -
    npx cap run android
    ```
 
@@ -453,9 +452,11 @@ Prerequisites: Android Studio with SDK installed
 
 At play.google.com/console:
 
-- Create new release, upload, hit Next.
-
-- Save & send changes for review.
+- Go to the Testing Track (eg. Closed).
+- Click "Create new release".
+- Upload the `aab` file.
+- Hit "Next".
+- Save, go to "Publishing Overview" as prompted, and click "Send changes for review".
 
 
 ## First-time Android Configuration for deep links

Dockerfile

@@ -1,15 +1,9 @@
 # Build stage
-FROM node:22-alpine AS builder
+FROM node:22-alpine3.20 AS builder
 
 # Install build dependencies
 
-RUN apk add --no-cache \
-    python3 \
-    py3-pip \
-    py3-setuptools \
-    make \
-    g++ \
-    gcc
+RUN apk add --no-cache bash git python3 py3-pip py3-setuptools make g++ gcc
 
 # Set working directory
 WORKDIR /app

README.md

@@ -12,6 +12,8 @@ See [project.task.yaml](project.task.yaml) for current priorities.
 
 Quick start:
 
+* For setup, we recommend [pkgx](https://pkgx.dev), which installs what you need (either automatically or with the `dev` command). Core dependencies are typescript & npm; when building for other platforms, you'll need other things such as those in the pkgx.yaml & BUILDING.md files.
+
 ```bash
 npm install
 npm run dev

TASK_storage.md

@@ -0,0 +1,84 @@
+
+# What to do about storage for native apps?
+
+
+## Problem
+
+We can't trust iOS IndexedDB to persist. I want to start delivering an app to people now, in preparation for presentations mid-June: Rotary on June 12 and Porcfest on June 17.
+
+* Apple WebKit puts a [7-day cap on IndexedDB](https://webkit.org/blog/10218/full-third-party-cookie-blocking-and-more/).
+
+  * The web standards expose a `persist` method to mark memory as persistent, and [supposedly WebView supports it](https://developer.mozilla.org/en-US/docs/Web/API/StorageManager/persisted), but too many other things indicate it's not reliable. I've talked with [ChatGPT](https://chatgpt.com/share/68322f40-84c8-8007-b213-855f7962989a) & Venice & Claude (in Cursor); [this answer from Perplexity](https://www.perplexity.ai/search/which-platforms-prompt-the-use-HUQLqy4qQD2cRbkmO4CgHg) says that most platforms don't prompt and Safari doesn't support it; I don't know if that means WebKit as well.
+
+* Capacitor says [not to trust it on iOS](https://capacitorjs.com/docs/v6/guides/storage).
+
+Also, with sensitive data, the accounts info should be encrypted.
+
+
+# Options
+
+* There is a community [SQLite plugin for Capacitor](https://github.com/capacitor-community/sqlite) with encryption by [SQLCipher](https://github.com/sqlcipher/sqlcipher).
+
+  * [This tutorial](https://jepiqueau.github.io/2023/09/05/Ionic7Vue-SQLite-CRUD-App.html#part-1---web---table-of-contents) shows how that plugin works for web as well as native.
+
+* Capacitor abstracts [user preferences in an API](https://capacitorjs.com/docs/apis/preferences), which uses different underlying libraries on iOS & Android. Unfortunately, it won't do any filtering or searching, and is only meant for small amounts of data. (It could be used for settings and for identifiers, but contacts will grow and image blobs won't work.)
+
+  * There are hints that Capacitor offers another custom storage API but all I could find was that Preferences API.
+
+* [Ionic Storage](https://ionic.io/docs/secure-storage) is an enterprise solution, which also supports encryption.
+
+* Not an option yet: Dexie may support SQLite in [a future version](https://dexie.org/roadmap/dexie5.0).
+
+
+
+# Current Plan
+
+* Implement SQLite for Capacitor & web, with encryption. That will allow us to test quickly and keep the same interface for native & web, but we don't deal with migrations for current web users.
+
+* After that is delivered, write a migration for current web users from IndexedDB to SQLite.
+
+
+
+# Current method calls
+
+... which is not 100% complete because the AI that generated thus claimed no usage of 'temp' DB.
+
+### Secret Database (secretDB) - Used for storing the encryption key
+
+secretDB.open() - Opens the database
+secretDB.secret.get(MASTER_SECRET_KEY) - Retrieves the secret key
+secretDB.secret.add({ id: MASTER_SECRET_KEY, secret }) - Adds a new secret key
+
+### Accounts Database (accountsDB) - Used for storing sensitive account information
+
+accountsDB.open() - Opens the database
+accountsDB.accounts.count() - Counts number of accounts
+accountsDB.accounts.toArray() - Gets all accounts
+accountsDB.accounts.where("did").equals(did).first() - Gets a specific account by DID
+accountsDB.accounts.add(account) - Adds a new account
+
+### Non-sensitive Database (db) - Used for settings, contacts, logs, and temp data
+
+Settings operations:
+export all settings (Dexie format)
+db.settings.get(MASTER_SETTINGS_KEY) - Gets default settings
+db.settings.where("accountDid").equals(did).first() - Gets account-specific settings
+db.settings.where("accountDid").equals(did).modify(settingsChanges) - Updates account settings
+db.settings.add(settingsChanges) - Adds new settings
+db.settings.count() - Counts number of settings
+db.settings.update(key, changes) - Updates settings
+
+Contacts operations:
+export all contacts (Dexie format)
+db.contacts.toArray() - Gets all contacts
+db.contacts.add(contact) - Adds a new contact
+db.contacts.update(did, contactData) - Updates a contact
+db.contacts.delete(did) - Deletes a contact
+db.contacts.where("did").equals(did).first() - Gets a specific contact by DID
+
+Logs operations:
+db.logs.get(todayKey) - Gets logs for a specific day
+db.logs.update(todayKey, { message: fullMessage }) - Updates logs
+db.logs.clear() - Clears all logs
+
+

android/app/build.gradle

@@ -31,8 +31,8 @@ android {
         applicationId "app.timesafari.app"
         minSdkVersion rootProject.ext.minSdkVersion
         targetSdkVersion rootProject.ext.targetSdkVersion
-        versionCode 10
-        versionName "0.4.4"
+        versionCode 18
+        versionName "0.4.7"
         testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
         aaptOptions {
              // Files and dirs to omit from the packaged assets dir, modified to accommodate modern web apps.

doc/dexie-to-sqlite-mapping.md

@@ -0,0 +1,399 @@
+# Dexie to absurd-sql Mapping Guide
+
+## Schema Mapping
+
+### Current Dexie Schema
+```typescript
+// Current Dexie schema
+const db = new Dexie('TimeSafariDB');
+
+db.version(1).stores({
+  accounts: 'did, publicKeyHex, createdAt, updatedAt',
+  settings: 'key, value, updatedAt',
+  contacts: 'id, did, name, createdAt, updatedAt'
+});
+```
+
+### New SQLite Schema
+```sql
+-- New SQLite schema
+CREATE TABLE accounts (
+  did TEXT PRIMARY KEY,
+  public_key_hex TEXT NOT NULL,
+  created_at INTEGER NOT NULL,
+  updated_at INTEGER NOT NULL
+);
+
+CREATE TABLE settings (
+  key TEXT PRIMARY KEY,
+  value TEXT NOT NULL,
+  updated_at INTEGER NOT NULL
+);
+
+CREATE TABLE contacts (
+  id TEXT PRIMARY KEY,
+  did TEXT NOT NULL,
+  name TEXT,
+  created_at INTEGER NOT NULL,
+  updated_at INTEGER NOT NULL,
+  FOREIGN KEY (did) REFERENCES accounts(did)
+);
+
+-- Indexes for performance
+CREATE INDEX idx_accounts_created_at ON accounts(created_at);
+CREATE INDEX idx_contacts_did ON contacts(did);
+CREATE INDEX idx_settings_updated_at ON settings(updated_at);
+```
+
+## Query Mapping
+
+### 1. Account Operations
+
+#### Get Account by DID
+```typescript
+// Dexie
+const account = await db.accounts.get(did);
+
+// absurd-sql
+const result = await db.exec(`
+  SELECT * FROM accounts WHERE did = ?
+`, [did]);
+const account = result[0]?.values[0];
+```
+
+#### Get All Accounts
+```typescript
+// Dexie
+const accounts = await db.accounts.toArray();
+
+// absurd-sql
+const result = await db.exec(`
+  SELECT * FROM accounts ORDER BY created_at DESC
+`);
+const accounts = result[0]?.values || [];
+```
+
+#### Add Account
+```typescript
+// Dexie
+await db.accounts.add({
+  did,
+  publicKeyHex,
+  createdAt: Date.now(),
+  updatedAt: Date.now()
+});
+
+// absurd-sql
+await db.run(`
+  INSERT INTO accounts (did, public_key_hex, created_at, updated_at)
+  VALUES (?, ?, ?, ?)
+`, [did, publicKeyHex, Date.now(), Date.now()]);
+```
+
+#### Update Account
+```typescript
+// Dexie
+await db.accounts.update(did, {
+  publicKeyHex,
+  updatedAt: Date.now()
+});
+
+// absurd-sql
+await db.run(`
+  UPDATE accounts 
+  SET public_key_hex = ?, updated_at = ?
+  WHERE did = ?
+`, [publicKeyHex, Date.now(), did]);
+```
+
+### 2. Settings Operations
+
+#### Get Setting
+```typescript
+// Dexie
+const setting = await db.settings.get(key);
+
+// absurd-sql
+const result = await db.exec(`
+  SELECT * FROM settings WHERE key = ?
+`, [key]);
+const setting = result[0]?.values[0];
+```
+
+#### Set Setting
+```typescript
+// Dexie
+await db.settings.put({
+  key,
+  value,
+  updatedAt: Date.now()
+});
+
+// absurd-sql
+await db.run(`
+  INSERT INTO settings (key, value, updated_at)
+  VALUES (?, ?, ?)
+  ON CONFLICT(key) DO UPDATE SET
+    value = excluded.value,
+    updated_at = excluded.updated_at
+`, [key, value, Date.now()]);
+```
+
+### 3. Contact Operations
+
+#### Get Contacts by Account
+```typescript
+// Dexie
+const contacts = await db.contacts
+  .where('did')
+  .equals(accountDid)
+  .toArray();
+
+// absurd-sql
+const result = await db.exec(`
+  SELECT * FROM contacts 
+  WHERE did = ?
+  ORDER BY created_at DESC
+`, [accountDid]);
+const contacts = result[0]?.values || [];
+```
+
+#### Add Contact
+```typescript
+// Dexie
+await db.contacts.add({
+  id: generateId(),
+  did: accountDid,
+  name,
+  createdAt: Date.now(),
+  updatedAt: Date.now()
+});
+
+// absurd-sql
+await db.run(`
+  INSERT INTO contacts (id, did, name, created_at, updated_at)
+  VALUES (?, ?, ?, ?, ?)
+`, [generateId(), accountDid, name, Date.now(), Date.now()]);
+```
+
+## Transaction Mapping
+
+### Batch Operations
+```typescript
+// Dexie
+await db.transaction('rw', [db.accounts, db.contacts], async () => {
+  await db.accounts.add(account);
+  await db.contacts.bulkAdd(contacts);
+});
+
+// absurd-sql
+await db.exec('BEGIN TRANSACTION;');
+try {
+  await db.run(`
+    INSERT INTO accounts (did, public_key_hex, created_at, updated_at)
+    VALUES (?, ?, ?, ?)
+  `, [account.did, account.publicKeyHex, account.createdAt, account.updatedAt]);
+
+  for (const contact of contacts) {
+    await db.run(`
+      INSERT INTO contacts (id, did, name, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?)
+    `, [contact.id, contact.did, contact.name, contact.createdAt, contact.updatedAt]);
+  }
+  await db.exec('COMMIT;');
+} catch (error) {
+  await db.exec('ROLLBACK;');
+  throw error;
+}
+```
+
+## Migration Helper Functions
+
+### 1. Data Export (Dexie to JSON)
+```typescript
+async function exportDexieData(): Promise<MigrationData> {
+  const db = new Dexie('TimeSafariDB');
+  
+  return {
+    accounts: await db.accounts.toArray(),
+    settings: await db.settings.toArray(),
+    contacts: await db.contacts.toArray(),
+    metadata: {
+      version: '1.0.0',
+      timestamp: Date.now(),
+      dexieVersion: Dexie.version
+    }
+  };
+}
+```
+
+### 2. Data Import (JSON to absurd-sql)
+```typescript
+async function importToAbsurdSql(data: MigrationData): Promise<void> {
+  await db.exec('BEGIN TRANSACTION;');
+  try {
+    // Import accounts
+    for (const account of data.accounts) {
+      await db.run(`
+        INSERT INTO accounts (did, public_key_hex, created_at, updated_at)
+        VALUES (?, ?, ?, ?)
+      `, [account.did, account.publicKeyHex, account.createdAt, account.updatedAt]);
+    }
+    
+    // Import settings
+    for (const setting of data.settings) {
+      await db.run(`
+        INSERT INTO settings (key, value, updated_at)
+        VALUES (?, ?, ?)
+      `, [setting.key, setting.value, setting.updatedAt]);
+    }
+    
+    // Import contacts
+    for (const contact of data.contacts) {
+      await db.run(`
+        INSERT INTO contacts (id, did, name, created_at, updated_at)
+        VALUES (?, ?, ?, ?, ?)
+      `, [contact.id, contact.did, contact.name, contact.createdAt, contact.updatedAt]);
+    }
+    await db.exec('COMMIT;');
+  } catch (error) {
+    await db.exec('ROLLBACK;');
+    throw error;
+  }
+}
+```
+
+### 3. Verification
+```typescript
+async function verifyMigration(dexieData: MigrationData): Promise<boolean> {
+  // Verify account count
+  const accountResult = await db.exec('SELECT COUNT(*) as count FROM accounts');
+  const accountCount = accountResult[0].values[0][0];
+  if (accountCount !== dexieData.accounts.length) {
+    return false;
+  }
+  
+  // Verify settings count
+  const settingsResult = await db.exec('SELECT COUNT(*) as count FROM settings');
+  const settingsCount = settingsResult[0].values[0][0];
+  if (settingsCount !== dexieData.settings.length) {
+    return false;
+  }
+  
+  // Verify contacts count
+  const contactsResult = await db.exec('SELECT COUNT(*) as count FROM contacts');
+  const contactsCount = contactsResult[0].values[0][0];
+  if (contactsCount !== dexieData.contacts.length) {
+    return false;
+  }
+  
+  // Verify data integrity
+  for (const account of dexieData.accounts) {
+    const result = await db.exec(
+      'SELECT * FROM accounts WHERE did = ?',
+      [account.did]
+    );
+    const migratedAccount = result[0]?.values[0];
+    if (!migratedAccount || 
+        migratedAccount[1] !== account.publicKeyHex) { // public_key_hex is second column
+      return false;
+    }
+  }
+  
+  return true;
+}
+```
+
+## Performance Considerations
+
+### 1. Indexing
+- Dexie automatically creates indexes based on the schema
+- absurd-sql requires explicit index creation
+- Added indexes for frequently queried fields
+- Use `PRAGMA journal_mode=MEMORY;` for better performance
+
+### 2. Batch Operations
+- Dexie has built-in bulk operations
+- absurd-sql uses transactions for batch operations
+- Consider chunking large datasets
+- Use prepared statements for repeated queries
+
+### 3. Query Optimization
+- Dexie uses IndexedDB's native indexing
+- absurd-sql requires explicit query optimization
+- Use prepared statements for repeated queries
+- Consider using `PRAGMA synchronous=NORMAL;` for better performance
+
+## Error Handling
+
+### 1. Common Errors
+```typescript
+// Dexie errors
+try {
+  await db.accounts.add(account);
+} catch (error) {
+  if (error instanceof Dexie.ConstraintError) {
+    // Handle duplicate key
+  }
+}
+
+// absurd-sql errors
+try {
+  await db.run(`
+    INSERT INTO accounts (did, public_key_hex, created_at, updated_at)
+    VALUES (?, ?, ?, ?)
+  `, [account.did, account.publicKeyHex, account.createdAt, account.updatedAt]);
+} catch (error) {
+  if (error.message.includes('UNIQUE constraint failed')) {
+    // Handle duplicate key
+  }
+}
+```
+
+### 2. Transaction Recovery
+```typescript
+// Dexie transaction
+try {
+  await db.transaction('rw', db.accounts, async () => {
+    // Operations
+  });
+} catch (error) {
+  // Dexie automatically rolls back
+}
+
+// absurd-sql transaction
+try {
+  await db.exec('BEGIN TRANSACTION;');
+  // Operations
+  await db.exec('COMMIT;');
+} catch (error) {
+  await db.exec('ROLLBACK;');
+  throw error;
+}
+```
+
+## Migration Strategy
+
+1. **Preparation**
+   - Export all Dexie data
+   - Verify data integrity
+   - Create SQLite schema
+   - Setup indexes
+
+2. **Migration**
+   - Import data in transactions
+   - Verify each batch
+   - Handle errors gracefully
+   - Maintain backup
+
+3. **Verification**
+   - Compare record counts
+   - Verify data integrity
+   - Test common queries
+   - Validate relationships
+
+4. **Cleanup**
+   - Remove Dexie database
+   - Clear IndexedDB storage
+   - Update application code
+   - Remove old dependencies 

doc/migration-to-wa-sqlite.md

@@ -0,0 +1,613 @@
+# Migration Guide: Dexie to absurd-sql
+
+## Overview
+
+This document outlines the migration process from Dexie.js to absurd-sql for the TimeSafari app's storage implementation. The migration aims to provide a consistent SQLite-based storage solution across all platforms while maintaining data integrity and ensuring a smooth transition for users.
+
+## Migration Goals
+
+1. **Data Integrity**
+   - Preserve all existing data
+   - Maintain data relationships
+   - Ensure data consistency
+
+2. **Performance**
+   - Improve query performance
+   - Reduce storage overhead
+   - Optimize for platform-specific features
+
+3. **Security**
+   - Maintain or improve encryption
+   - Preserve access controls
+   - Enhance data protection
+
+4. **User Experience**
+   - Zero data loss
+   - Minimal downtime
+   - Automatic migration where possible
+
+## Prerequisites
+
+1. **Backup Requirements**
+   ```typescript
+   interface MigrationBackup {
+     timestamp: number;
+     accounts: Account[];
+     settings: Setting[];
+     contacts: Contact[];
+     metadata: {
+       version: string;
+       platform: string;
+       dexieVersion: string;
+     };
+   }
+   ```
+
+2. **Dependencies**
+   ```json
+   {
+     "@jlongster/sql.js": "^1.8.0",
+     "absurd-sql": "^1.8.0"
+   }
+   ```
+
+3. **Storage Requirements**
+   - Sufficient IndexedDB quota
+   - Available disk space for SQLite
+   - Backup storage space
+
+4. **Platform Support**
+   - Web: Modern browser with IndexedDB support
+   - iOS: iOS 13+ with SQLite support
+   - Android: Android 5+ with SQLite support
+   - Electron: Latest version with SQLite support
+
+## Migration Process
+
+### 1. Preparation
+
+```typescript
+// src/services/storage/migration/MigrationService.ts
+import initSqlJs from '@jlongster/sql.js';
+import { SQLiteFS } from 'absurd-sql';
+import IndexedDBBackend from 'absurd-sql/dist/indexeddb-backend';
+
+export class MigrationService {
+  private static instance: MigrationService;
+  private backup: MigrationBackup | null = null;
+  private sql: any = null;
+  private db: any = null;
+
+  async prepare(): Promise<void> {
+    try {
+      // 1. Check prerequisites
+      await this.checkPrerequisites();
+      
+      // 2. Create backup
+      this.backup = await this.createBackup();
+      
+      // 3. Verify backup integrity
+      await this.verifyBackup();
+      
+      // 4. Initialize absurd-sql
+      await this.initializeAbsurdSql();
+    } catch (error) {
+      throw new StorageError(
+        'Migration preparation failed',
+        StorageErrorCodes.MIGRATION_FAILED,
+        error
+      );
+    }
+  }
+
+  private async initializeAbsurdSql(): Promise<void> {
+    // Initialize SQL.js
+    this.sql = await initSqlJs({
+      locateFile: (file: string) => {
+        return new URL(`/node_modules/@jlongster/sql.js/dist/${file}`, import.meta.url).href;
+      }
+    });
+
+    // Setup SQLiteFS with IndexedDB backend
+    const sqlFS = new SQLiteFS(this.sql.FS, new IndexedDBBackend());
+    this.sql.register_for_idb(sqlFS);
+
+    // Create and mount filesystem
+    this.sql.FS.mkdir('/sql');
+    this.sql.FS.mount(sqlFS, {}, '/sql');
+
+    // Open database
+    const path = '/sql/db.sqlite';
+    if (typeof SharedArrayBuffer === 'undefined') {
+      let stream = this.sql.FS.open(path, 'a+');
+      await stream.node.contents.readIfFallback();
+      this.sql.FS.close(stream);
+    }
+
+    this.db = new this.sql.Database(path, { filename: true });
+    if (!this.db) {
+      throw new StorageError(
+        'Database initialization failed',
+        StorageErrorCodes.INITIALIZATION_FAILED
+      );
+    }
+
+    // Configure database
+    await this.db.exec(`PRAGMA journal_mode=MEMORY;`);
+  }
+
+  private async checkPrerequisites(): Promise<void> {
+    // Check IndexedDB availability
+    if (!window.indexedDB) {
+      throw new StorageError(
+        'IndexedDB not available',
+        StorageErrorCodes.INITIALIZATION_FAILED
+      );
+    }
+
+    // Check storage quota
+    const quota = await navigator.storage.estimate();
+    if (quota.quota && quota.usage && quota.usage > quota.quota * 0.9) {
+      throw new StorageError(
+        'Insufficient storage space',
+        StorageErrorCodes.STORAGE_FULL
+      );
+    }
+
+    // Check platform support
+    const capabilities = await PlatformDetection.getCapabilities();
+    if (!capabilities.hasFileSystem) {
+      throw new StorageError(
+        'Platform does not support required features',
+        StorageErrorCodes.INITIALIZATION_FAILED
+      );
+    }
+  }
+
+  private async createBackup(): Promise<MigrationBackup> {
+    const dexieDB = new Dexie('TimeSafariDB');
+    
+    return {
+      timestamp: Date.now(),
+      accounts: await dexieDB.accounts.toArray(),
+      settings: await dexieDB.settings.toArray(),
+      contacts: await dexieDB.contacts.toArray(),
+      metadata: {
+        version: '1.0.0',
+        platform: await PlatformDetection.getPlatform(),
+        dexieVersion: Dexie.version
+      }
+    };
+  }
+}
+```
+
+### 2. Data Migration
+
+```typescript
+// src/services/storage/migration/DataMigration.ts
+export class DataMigration {
+  async migrate(backup: MigrationBackup): Promise<void> {
+    try {
+      // 1. Create new database schema
+      await this.createSchema();
+      
+      // 2. Migrate accounts
+      await this.migrateAccounts(backup.accounts);
+      
+      // 3. Migrate settings
+      await this.migrateSettings(backup.settings);
+      
+      // 4. Migrate contacts
+      await this.migrateContacts(backup.contacts);
+      
+      // 5. Verify migration
+      await this.verifyMigration(backup);
+    } catch (error) {
+      // 6. Handle failure
+      await this.handleMigrationFailure(error, backup);
+    }
+  }
+
+  private async migrateAccounts(accounts: Account[]): Promise<void> {
+    // Use transaction for atomicity
+    await this.db.exec('BEGIN TRANSACTION;');
+    try {
+      for (const account of accounts) {
+        await this.db.run(`
+          INSERT INTO accounts (did, public_key_hex, created_at, updated_at)
+          VALUES (?, ?, ?, ?)
+        `, [
+          account.did,
+          account.publicKeyHex,
+          account.createdAt,
+          account.updatedAt
+        ]);
+      }
+      await this.db.exec('COMMIT;');
+    } catch (error) {
+      await this.db.exec('ROLLBACK;');
+      throw error;
+    }
+  }
+
+  private async verifyMigration(backup: MigrationBackup): Promise<void> {
+    // Verify account count
+    const result = await this.db.exec('SELECT COUNT(*) as count FROM accounts');
+    const accountCount = result[0].values[0][0];
+    
+    if (accountCount !== backup.accounts.length) {
+      throw new StorageError(
+        'Account count mismatch',
+        StorageErrorCodes.VERIFICATION_FAILED
+      );
+    }
+
+    // Verify data integrity
+    await this.verifyDataIntegrity(backup);
+  }
+}
+```
+
+### 3. Rollback Strategy
+
+```typescript
+// src/services/storage/migration/RollbackService.ts
+export class RollbackService {
+  async rollback(backup: MigrationBackup): Promise<void> {
+    try {
+      // 1. Stop all database operations
+      await this.stopDatabaseOperations();
+      
+      // 2. Restore from backup
+      await this.restoreFromBackup(backup);
+      
+      // 3. Verify restoration
+      await this.verifyRestoration(backup);
+      
+      // 4. Clean up absurd-sql
+      await this.cleanupAbsurdSql();
+    } catch (error) {
+      throw new StorageError(
+        'Rollback failed',
+        StorageErrorCodes.ROLLBACK_FAILED,
+        error
+      );
+    }
+  }
+
+  private async restoreFromBackup(backup: MigrationBackup): Promise<void> {
+    const dexieDB = new Dexie('TimeSafariDB');
+    
+    // Restore accounts
+    await dexieDB.accounts.bulkPut(backup.accounts);
+    
+    // Restore settings
+    await dexieDB.settings.bulkPut(backup.settings);
+    
+    // Restore contacts
+    await dexieDB.contacts.bulkPut(backup.contacts);
+  }
+}
+```
+
+## Migration UI
+
+```vue
+<!-- src/components/MigrationProgress.vue -->
+<template>
+  <div class="migration-progress">
+    <h2>Database Migration</h2>
+    
+    <div class="progress-container">
+      <div class="progress-bar" :style="{ width: `${progress}%` }" />
+      <div class="progress-text">{{ progress }}%</div>
+    </div>
+    
+    <div class="status-message">{{ statusMessage }}</div>
+    
+    <div v-if="error" class="error-message">
+      {{ error }}
+      <button @click="retryMigration">Retry</button>
+    </div>
+  </div>
+</template>
+
+<script setup lang="ts">
+import { ref, onMounted } from 'vue';
+import { MigrationService } from '@/services/storage/migration/MigrationService';
+
+const progress = ref(0);
+const statusMessage = ref('Preparing migration...');
+const error = ref<string | null>(null);
+
+const migrationService = MigrationService.getInstance();
+
+async function startMigration() {
+  try {
+    // 1. Preparation
+    statusMessage.value = 'Creating backup...';
+    await migrationService.prepare();
+    progress.value = 20;
+    
+    // 2. Data migration
+    statusMessage.value = 'Migrating data...';
+    await migrationService.migrate();
+    progress.value = 80;
+    
+    // 3. Verification
+    statusMessage.value = 'Verifying migration...';
+    await migrationService.verify();
+    progress.value = 100;
+    
+    statusMessage.value = 'Migration completed successfully!';
+  } catch (err) {
+    error.value = err instanceof Error ? err.message : 'Migration failed';
+    statusMessage.value = 'Migration failed';
+  }
+}
+
+async function retryMigration() {
+  error.value = null;
+  progress.value = 0;
+  await startMigration();
+}
+
+onMounted(() => {
+  startMigration();
+});
+</script>
+
+<style scoped>
+.migration-progress {
+  padding: 2rem;
+  max-width: 600px;
+  margin: 0 auto;
+}
+
+.progress-container {
+  position: relative;
+  height: 20px;
+  background: #eee;
+  border-radius: 10px;
+  overflow: hidden;
+  margin: 1rem 0;
+}
+
+.progress-bar {
+  position: absolute;
+  height: 100%;
+  background: #4CAF50;
+  transition: width 0.3s ease;
+}
+
+.progress-text {
+  position: absolute;
+  width: 100%;
+  text-align: center;
+  line-height: 20px;
+  color: #000;
+}
+
+.status-message {
+  text-align: center;
+  margin: 1rem 0;
+}
+
+.error-message {
+  color: #f44336;
+  text-align: center;
+  margin: 1rem 0;
+}
+
+button {
+  margin-top: 1rem;
+  padding: 0.5rem 1rem;
+  background: #2196F3;
+  color: white;
+  border: none;
+  border-radius: 4px;
+  cursor: pointer;
+}
+
+button:hover {
+  background: #1976D2;
+}
+</style>
+```
+
+## Testing Strategy
+
+1. **Unit Tests**
+   ```typescript
+   // src/services/storage/migration/__tests__/MigrationService.spec.ts
+   describe('MigrationService', () => {
+     it('should initialize absurd-sql correctly', async () => {
+       const service = MigrationService.getInstance();
+       await service.initializeAbsurdSql();
+       
+       expect(service.isInitialized()).toBe(true);
+       expect(service.getDatabase()).toBeDefined();
+     });
+
+     it('should create valid backup', async () => {
+       const service = MigrationService.getInstance();
+       const backup = await service.createBackup();
+       
+       expect(backup).toBeDefined();
+       expect(backup.accounts).toBeInstanceOf(Array);
+       expect(backup.settings).toBeInstanceOf(Array);
+       expect(backup.contacts).toBeInstanceOf(Array);
+     });
+
+     it('should migrate data correctly', async () => {
+       const service = MigrationService.getInstance();
+       const backup = await service.createBackup();
+       
+       await service.migrate(backup);
+       
+       // Verify migration
+       const accounts = await service.getMigratedAccounts();
+       expect(accounts).toHaveLength(backup.accounts.length);
+     });
+
+     it('should handle rollback correctly', async () => {
+       const service = MigrationService.getInstance();
+       const backup = await service.createBackup();
+       
+       // Simulate failed migration
+       await service.migrate(backup);
+       await service.simulateFailure();
+       
+       // Perform rollback
+       await service.rollback(backup);
+       
+       // Verify rollback
+       const accounts = await service.getOriginalAccounts();
+       expect(accounts).toHaveLength(backup.accounts.length);
+     });
+   });
+   ```
+
+2. **Integration Tests**
+   ```typescript
+   // src/services/storage/migration/__tests__/integration/Migration.spec.ts
+   describe('Migration Integration', () => {
+     it('should handle concurrent access during migration', async () => {
+       const service = MigrationService.getInstance();
+       
+       // Start migration
+       const migrationPromise = service.migrate();
+       
+       // Simulate concurrent access
+       const accessPromises = Array(5).fill(null).map(() =>
+         service.getAccount('did:test:123')
+       );
+       
+       // Wait for all operations
+       const [migrationResult, ...accessResults] = await Promise.allSettled([
+         migrationPromise,
+         ...accessPromises
+       ]);
+       
+       // Verify results
+       expect(migrationResult.status).toBe('fulfilled');
+       expect(accessResults.some(r => r.status === 'rejected')).toBe(true);
+     });
+
+     it('should maintain data integrity during platform transition', async () => {
+       const service = MigrationService.getInstance();
+       
+       // Simulate platform change
+       await service.simulatePlatformChange();
+       
+       // Verify data
+       const accounts = await service.getAllAccounts();
+       const settings = await service.getAllSettings();
+       const contacts = await service.getAllContacts();
+       
+       expect(accounts).toBeDefined();
+       expect(settings).toBeDefined();
+       expect(contacts).toBeDefined();
+     });
+   });
+   ```
+
+## Success Criteria
+
+1. **Data Integrity**
+   - [ ] All accounts migrated successfully
+   - [ ] All settings preserved
+   - [ ] All contacts transferred
+   - [ ] No data corruption
+
+2. **Performance**
+   - [ ] Migration completes within acceptable time
+   - [ ] No significant performance degradation
+   - [ ] Efficient storage usage
+   - [ ] Smooth user experience
+
+3. **Security**
+   - [ ] Encrypted data remains secure
+   - [ ] Access controls maintained
+   - [ ] No sensitive data exposure
+   - [ ] Secure backup process
+
+4. **User Experience**
+   - [ ] Clear migration progress
+   - [ ] Informative error messages
+   - [ ] Automatic recovery from failures
+   - [ ] No data loss
+
+## Rollback Plan
+
+1. **Automatic Rollback**
+   - Triggered by migration failure
+   - Restores from verified backup
+   - Maintains data consistency
+   - Logs rollback reason
+
+2. **Manual Rollback**
+   - Available through settings
+   - Requires user confirmation
+   - Preserves backup data
+   - Provides rollback status
+
+3. **Emergency Recovery**
+   - Manual backup restoration
+   - Database repair tools
+   - Data recovery procedures
+   - Support contact information
+
+## Post-Migration
+
+1. **Verification**
+   - Data integrity checks
+   - Performance monitoring
+   - Error rate tracking
+   - User feedback collection
+
+2. **Cleanup**
+   - Remove old database
+   - Clear migration artifacts
+   - Update application state
+   - Archive backup data
+
+3. **Monitoring**
+   - Track migration success rate
+   - Monitor performance metrics
+   - Collect error reports
+   - Gather user feedback
+
+## Support
+
+For assistance with migration:
+1. Check the troubleshooting guide
+2. Review error logs
+3. Contact support team
+4. Submit issue report
+
+## Timeline
+
+1. **Preparation Phase** (1 week)
+   - Backup system implementation
+   - Migration service development
+   - Testing framework setup
+
+2. **Testing Phase** (2 weeks)
+   - Unit testing
+   - Integration testing
+   - Performance testing
+   - Security testing
+
+3. **Deployment Phase** (1 week)
+   - Staged rollout
+   - Monitoring
+   - Support preparation
+   - Documentation updates
+
+4. **Post-Deployment** (2 weeks)
+   - Monitoring
+   - Bug fixes
+   - Performance optimization
+   - User feedback collection 

doc/secure-storage-implementation.md

@@ -0,0 +1,284 @@
+# Secure Storage Implementation Guide for TimeSafari App
+
+## Overview
+
+This document outlines the implementation of secure storage for the TimeSafari app using a platform-agnostic approach with Capacitor and absurd-sql solutions. The implementation focuses on:
+
+1. **Platform-Specific Storage Solutions**:
+   - Web: absurd-sql with IndexedDB backend and Web Worker support
+   - iOS/Android: Capacitor SQLite with native SQLite implementation
+   - Electron: Node SQLite (planned, not implemented)
+
+2. **Key Features**:
+   - Platform-agnostic SQLite interface
+   - Web Worker support for web platform
+   - Consistent API across platforms
+   - Performance optimizations (WAL, mmap)
+   - Comprehensive error handling and logging
+   - Type-safe database operations
+   - Storage quota management
+   - Platform-specific security features
+
+## Architecture
+
+The storage implementation follows a layered architecture:
+
+1. **Platform Service Layer**
+   - `PlatformService` interface defines platform capabilities
+   - Platform-specific implementations:
+     - `WebPlatformService`: Web platform with absurd-sql
+     - `CapacitorPlatformService`: Mobile platforms with native SQLite
+     - `ElectronPlatformService`: Desktop platform (planned)
+   - Platform detection and capability reporting
+   - Storage quota and feature detection
+
+2. **SQLite Service Layer**
+   - `SQLiteOperations` interface for database operations
+   - Base implementation in `BaseSQLiteService`
+   - Platform-specific implementations:
+     - `AbsurdSQLService`: Web platform with Web Worker
+     - `CapacitorSQLiteService`: Mobile platforms with native SQLite
+     - `ElectronSQLiteService`: Desktop platform (planned)
+   - Common features:
+     - Transaction support
+     - Prepared statements
+     - Performance monitoring
+     - Error handling
+     - Database statistics
+
+3. **Data Access Layer**
+   - Type-safe database operations
+   - Transaction support
+   - Prepared statements
+   - Performance monitoring
+   - Error recovery
+   - Data integrity verification
+
+## Implementation Details
+
+### Web Platform (absurd-sql)
+
+The web implementation uses absurd-sql with the following features:
+
+1. **Web Worker Support**
+   - SQLite operations run in a dedicated worker thread
+   - Main thread remains responsive
+   - SharedArrayBuffer support when available
+   - Worker initialization in `sqlite.worker.ts`
+
+2. **IndexedDB Backend**
+   - Persistent storage using IndexedDB
+   - Automatic data synchronization
+   - Storage quota management (1GB limit)
+   - Virtual file system configuration
+
+3. **Performance Optimizations**
+   - WAL mode for better concurrency
+   - Memory-mapped I/O (30GB when available)
+   - Prepared statement caching
+   - 2MB cache size
+   - Configurable performance settings
+
+Example configuration:
+```typescript
+const webConfig: SQLiteConfig = {
+  name: 'timesafari',
+  useWAL: true,
+  useMMap: typeof SharedArrayBuffer !== 'undefined',
+  mmapSize: 30000000000,
+  usePreparedStatements: true,
+  maxPreparedStatements: 100
+};
+```
+
+### Mobile Platform (Capacitor SQLite)
+
+The mobile implementation uses Capacitor SQLite with:
+
+1. **Native SQLite**
+   - Direct access to platform SQLite
+   - Native performance
+   - Platform-specific optimizations
+   - 2GB storage limit
+
+2. **Platform Integration**
+   - iOS: Native SQLite with WAL support
+   - Android: Native SQLite with WAL support
+   - Platform-specific permissions handling
+   - Storage quota management
+
+Example configuration:
+```typescript
+const mobileConfig: SQLiteConfig = {
+  name: 'timesafari',
+  useWAL: true,
+  useMMap: false, // Not supported on mobile
+  usePreparedStatements: true
+};
+```
+
+## Database Schema
+
+The implementation uses the following schema:
+
+```sql
+-- Accounts table
+CREATE TABLE accounts (
+  did TEXT PRIMARY KEY,
+  public_key_hex TEXT NOT NULL,
+  created_at INTEGER NOT NULL,
+  updated_at INTEGER NOT NULL
+);
+
+-- Settings table
+CREATE TABLE settings (
+  key TEXT PRIMARY KEY,
+  value TEXT NOT NULL,
+  updated_at INTEGER NOT NULL
+);
+
+-- Contacts table
+CREATE TABLE contacts (
+  id TEXT PRIMARY KEY,
+  did TEXT NOT NULL,
+  name TEXT,
+  created_at INTEGER NOT NULL,
+  updated_at INTEGER NOT NULL,
+  FOREIGN KEY (did) REFERENCES accounts(did)
+);
+
+-- Performance indexes
+CREATE INDEX idx_accounts_created_at ON accounts(created_at);
+CREATE INDEX idx_contacts_did ON contacts(did);
+CREATE INDEX idx_settings_updated_at ON settings(updated_at);
+```
+
+## Error Handling
+
+The implementation includes comprehensive error handling:
+
+1. **Error Types**
+```typescript
+export enum StorageErrorCodes {
+  INITIALIZATION_FAILED = 'STORAGE_INIT_FAILED',
+  QUERY_FAILED = 'STORAGE_QUERY_FAILED',
+  TRANSACTION_FAILED = 'STORAGE_TRANSACTION_FAILED',
+  PREPARED_STATEMENT_FAILED = 'STORAGE_PREPARED_STATEMENT_FAILED',
+  DATABASE_CORRUPTED = 'STORAGE_DB_CORRUPTED',
+  STORAGE_FULL = 'STORAGE_FULL',
+  CONCURRENT_ACCESS = 'STORAGE_CONCURRENT_ACCESS'
+}
+```
+
+2. **Error Recovery**
+   - Automatic transaction rollback
+   - Connection recovery
+   - Data integrity verification
+   - Platform-specific error handling
+   - Comprehensive logging
+
+## Performance Monitoring
+
+The implementation includes built-in performance monitoring:
+
+1. **Statistics**
+```typescript
+interface SQLiteStats {
+  totalQueries: number;
+  avgExecutionTime: number;
+  preparedStatements: number;
+  databaseSize: number;
+  walMode: boolean;
+  mmapActive: boolean;
+}
+```
+
+2. **Monitoring Features**
+   - Query execution time tracking
+   - Database size monitoring
+   - Prepared statement usage
+   - WAL and mmap status
+   - Platform-specific metrics
+
+## Security Considerations
+
+1. **Web Platform**
+   - Worker thread isolation
+   - Storage quota monitoring
+   - Origin isolation
+   - Cross-origin protection
+   - SharedArrayBuffer availability check
+
+2. **Mobile Platform**
+   - Platform-specific permissions
+   - Storage access control
+   - File system security
+   - Platform sandboxing
+
+## Testing Strategy
+
+1. **Unit Tests**
+   - Platform service tests
+   - SQLite service tests
+   - Error handling tests
+   - Performance tests
+
+2. **Integration Tests**
+   - Cross-platform tests
+   - Migration tests
+   - Transaction tests
+   - Concurrency tests
+
+3. **E2E Tests**
+   - Platform-specific workflows
+   - Error recovery scenarios
+   - Performance benchmarks
+   - Data integrity verification
+
+## Success Criteria
+
+1. **Performance**
+   - Query response time < 100ms
+   - Transaction completion < 500ms
+   - Memory usage < 50MB
+   - Database size < platform limits:
+     - Web: 1GB
+     - Mobile: 2GB
+
+2. **Reliability**
+   - 99.9% uptime
+   - Zero data loss
+   - Automatic recovery
+   - Transaction atomicity
+
+3. **Security**
+   - Platform-specific security features
+   - Storage access control
+   - Data protection
+   - Audit logging
+
+4. **User Experience**
+   - Smooth platform transitions
+   - Clear error messages
+   - Progress indicators
+   - Recovery options
+
+## Future Improvements
+
+1. **Planned Features**
+   - SQLCipher integration for mobile
+   - Electron platform support
+   - Advanced backup/restore
+   - Cross-platform sync
+
+2. **Security Enhancements**
+   - Biometric authentication
+   - Secure enclave usage
+   - Advanced encryption
+   - Key management
+
+3. **Performance Optimizations**
+   - Advanced caching
+   - Query optimization
+   - Memory management
+   - Storage efficiency

doc/storage-implementation-checklist.md

@@ -0,0 +1,759 @@
+# Storage Implementation Checklist
+
+## Core Services
+
+### 1. Platform Service Layer
+- [x] Create base `PlatformService` interface
+  - [x] Define platform capabilities
+    - [x] File system access detection
+    - [x] Camera availability
+    - [x] Mobile platform detection
+    - [x] iOS specific detection
+    - [x] File download capability
+    - [x] SQLite capabilities
+  - [x] Add SQLite operations interface
+    - [x] Database initialization
+    - [x] Query execution
+    - [x] Transaction management
+    - [x] Prepared statements
+    - [x] Database statistics
+  - [x] Include platform detection
+    - [x] Web platform detection
+    - [x] Mobile platform detection
+    - [x] Desktop platform detection
+  - [x] Add file system operations
+    - [x] File read operations
+    - [x] File write operations
+    - [x] File delete operations
+    - [x] Directory listing
+
+- [x] Implement platform-specific services
+  - [x] `WebPlatformService`
+    - [x] AbsurdSQL integration
+      - [x] SQL.js initialization
+      - [x] IndexedDB backend setup
+      - [x] Virtual file system configuration
+    - [x] Web Worker support
+      - [x] Worker thread initialization
+      - [x] Message passing
+      - [x] Error handling
+    - [x] IndexedDB backend
+      - [x] Database creation
+      - [x] Transaction handling
+      - [x] Storage quota management (1GB limit)
+    - [x] SharedArrayBuffer detection
+      - [x] Feature detection
+      - [x] Fallback handling
+    - [x] File system operations (intentionally not supported)
+      - [x] File read operations (not available in web)
+      - [x] File write operations (not available in web)
+      - [x] File delete operations (not available in web)
+      - [x] Directory operations (not available in web)
+    - [x] Settings implementation
+      - [x] AbsurdSQL settings operations
+        - [x] Worker-based settings updates
+        - [x] IndexedDB transaction handling
+        - [x] SharedArrayBuffer support
+      - [x] Web-specific settings features
+        - [x] Storage quota management
+        - [x] Worker thread isolation
+        - [x] Cross-origin settings
+      - [x] Web performance optimizations
+        - [x] Settings caching
+        - [x] Batch updates
+        - [x] Worker message optimization
+    - [x] Account implementation
+      - [x] Web-specific account handling
+        - [x] Browser storage persistence
+        - [x] Session management
+        - [x] Cross-tab synchronization
+      - [x] Web security features
+        - [x] Origin isolation
+        - [x] Worker thread security
+        - [x] Storage access control
+  - [x] `CapacitorPlatformService`
+    - [x] Native SQLite integration
+      - [x] Database connection
+      - [x] Query execution
+      - [x] Transaction handling
+    - [x] Platform capabilities
+      - [x] iOS detection
+      - [x] Android detection
+      - [x] Feature availability
+    - [x] File system operations
+      - [x] File read/write
+      - [x] Directory operations
+    - [x] Storage permissions
+      - [x] iOS permissions
+      - [x] Android permissions
+      - [x] Permission request handling
+    - [x] Settings implementation
+      - [x] Native SQLite settings operations
+        - [x] Platform-specific SQLite optimizations
+        - [x] Native transaction handling
+        - [x] Platform storage management
+      - [x] Mobile-specific settings features
+        - [x] Platform preferences sync
+        - [x] Background state handling
+      - [x] Mobile performance optimizations
+        - [x] Native caching
+        - [x] Battery-efficient updates
+        - [x] Memory management
+    - [x] Account implementation
+      - [x] Mobile-specific account handling
+        - [x] Platform storage integration
+        - [x] Background state handling
+      - [x] Mobile security features
+        - [x] Platform sandboxing
+        - [x] Storage access control
+        - [x] App sandboxing
+  - [ ] `ElectronPlatformService` (planned)
+    - [ ] Node SQLite integration
+      - [ ] Database connection
+      - [ ] Query execution
+      - [ ] Transaction handling
+    - [ ] File system access
+      - [ ] File read operations
+      - [ ] File write operations
+      - [ ] File delete operations
+      - [ ] Directory operations
+    - [ ] IPC communication
+      - [ ] Main process communication
+      - [ ] Renderer process handling
+      - [ ] Message passing
+    - [ ] Native features implementation
+      - [ ] System dialogs
+      - [ ] Native menus
+      - [ ] System integration
+    - [ ] Settings implementation
+      - [ ] Node SQLite settings operations
+        - [ ] Main process SQLite handling
+        - [ ] IPC-based updates
+        - [ ] File system persistence
+      - [ ] Desktop-specific settings features
+        - [ ] System preferences integration
+        - [ ] Multi-window sync
+        - [ ] Offline state handling
+      - [ ] Desktop performance optimizations
+        - [ ] Process-based caching
+        - [ ] Window state management
+        - [ ] Resource optimization
+    - [ ] Account implementation
+      - [ ] Desktop-specific account handling
+        - [ ] System keychain integration
+        - [ ] Native authentication
+        - [ ] Process isolation
+      - [ ] Desktop security features
+        - [ ] Process sandboxing
+        - [ ] IPC security
+        - [ ] File system protection
+
+### 2. SQLite Service Layer
+- [x] Create base `BaseSQLiteService`
+  - [x] Common SQLite operations
+    - [x] Query execution
+    - [x] Transaction management
+    - [x] Prepared statements
+    - [x] Database statistics
+  - [x] Performance monitoring
+    - [x] Query timing
+    - [x] Memory usage
+    - [x] Database size
+    - [x] Statement caching
+  - [x] Error handling
+    - [x] Connection errors
+    - [x] Query errors
+    - [x] Transaction errors
+    - [x] Resource errors
+  - [x] Transaction support
+    - [x] Begin transaction
+    - [x] Commit transaction
+    - [x] Rollback transaction
+    - [x] Nested transactions
+
+- [x] Implement platform-specific SQLite services
+  - [x] `AbsurdSQLService`
+    - [x] Web Worker initialization
+      - [x] Worker creation
+      - [x] Message handling
+      - [x] Error propagation
+    - [x] IndexedDB backend setup
+      - [x] Database creation
+      - [x] Transaction handling
+      - [x] Storage management
+    - [x] Prepared statements
+      - [x] Statement preparation
+      - [x] Parameter binding
+      - [x] Statement caching
+    - [x] Performance optimizations
+      - [x] WAL mode
+      - [x] Memory mapping
+      - [x] Cache configuration
+    - [x] WAL mode support
+      - [x] Journal mode configuration
+      - [x] Synchronization settings
+      - [x] Checkpoint handling
+    - [x] Memory-mapped I/O
+      - [x] MMAP size configuration (30GB)
+      - [x] Memory management
+      - [x] Performance monitoring
+  - [x] `CapacitorSQLiteService`
+    - [x] Native SQLite connection
+      - [x] Database initialization
+      - [x] Connection management
+      - [x] Error handling
+    - [x] Basic platform features
+      - [x] Query execution
+      - [x] Transaction handling
+      - [x] Statement management
+    - [x] Error handling
+      - [x] Connection errors
+      - [x] Query errors
+      - [x] Resource errors
+    - [x] WAL mode support
+      - [x] Journal mode
+      - [x] Synchronization
+      - [x] Checkpointing
+    - [ ] SQLCipher integration (planned)
+      - [ ] Encryption setup
+      - [ ] Key management
+      - [ ] Secure storage
+  - [ ] `ElectronSQLiteService` (planned)
+    - [ ] Node SQLite integration
+      - [ ] Database connection
+      - [ ] Query execution
+      - [ ] Transaction handling
+    - [ ] IPC communication
+      - [ ] Process communication
+      - [ ] Error handling
+      - [ ] Resource management
+    - [ ] File system access
+      - [ ] Native file operations
+      - [ ] Path handling
+      - [ ] Permissions
+    - [ ] Native features
+      - [ ] System integration
+      - [ ] Native dialogs
+      - [ ] Process management
+
+### 3. Security Layer
+- [x] Implement platform-specific security
+  - [x] Web platform
+    - [x] Worker isolation
+      - [x] Thread separation
+      - [x] Message security
+      - [x] Resource isolation
+    - [x] Storage quota management
+      - [x] Quota detection
+      - [x] Usage monitoring
+      - [x] Error handling
+    - [x] Origin isolation
+      - [x] Cross-origin protection
+      - [x] Resource isolation
+      - [x] Security policy
+    - [x] Storage security
+      - [x] Access control
+      - [x] Data protection
+      - [x] Quota management
+  - [x] Mobile platform
+    - [x] Platform permissions
+      - [x] Storage access
+      - [x] File operations
+      - [x] System integration
+    - [x] Platform security
+      - [x] App sandboxing
+      - [x] Storage protection
+      - [x] Access control
+    - [ ] SQLCipher integration (planned)
+      - [ ] Encryption setup
+      - [ ] Key management
+      - [ ] Secure storage
+  - [ ] Electron platform (planned)
+    - [ ] IPC security
+      - [ ] Message validation
+      - [ ] Process isolation
+      - [ ] Resource protection
+    - [ ] File system security
+      - [ ] Access control
+      - [ ] Path validation
+      - [ ] Permission management
+    - [ ] Auto-update security
+      - [ ] Update verification
+      - [ ] Code signing
+      - [ ] Rollback protection
+    - [ ] Native security features
+      - [ ] System integration
+      - [ ] Security policies
+      - [ ] Resource protection
+
+## Platform-Specific Implementation
+
+### Web Platform
+- [x] Setup absurd-sql
+  - [x] Install dependencies
+    ```json
+    {
+      "@jlongster/sql.js": "^1.8.0",
+      "absurd-sql": "^1.8.0"
+    }
+    ```
+  - [x] Configure Web Worker
+    - [x] Worker initialization
+    - [x] Message handling
+    - [x] Error propagation
+  - [x] Setup IndexedDB backend
+    - [x] Database creation
+    - [x] Transaction handling
+    - [x] Storage management
+  - [x] Configure database pragmas
+    ```sql
+    PRAGMA journal_mode = WAL;
+    PRAGMA synchronous = NORMAL;
+    PRAGMA temp_store = MEMORY;
+    PRAGMA cache_size = -2000;
+    PRAGMA mmap_size = 30000000000;
+    ```
+
+- [x] Update build configuration
+  - [x] Configure worker bundling
+    - [x] Worker file handling
+    - [x] Asset management
+    - [x] Source maps
+  - [x] Setup asset handling
+    - [x] SQL.js WASM
+    - [x] Worker scripts
+    - [x] Static assets
+  - [x] Configure chunk splitting
+    - [x] Code splitting
+    - [x] Dynamic imports
+    - [x] Asset optimization
+
+- [x] Implement fallback mechanisms
+  - [x] SharedArrayBuffer detection
+    - [x] Feature detection
+    - [x] Fallback handling
+    - [x] Error reporting
+  - [x] Storage quota monitoring
+    - [x] Quota detection
+    - [x] Usage tracking
+    - [x] Error handling
+  - [x] Worker initialization fallback
+    - [x] Fallback detection
+    - [x] Alternative initialization
+    - [x] Error recovery
+  - [x] Error recovery
+    - [x] Connection recovery
+    - [x] Transaction rollback
+    - [x] State restoration
+
+### Mobile Platform
+- [x] Setup Capacitor SQLite
+  - [x] Install dependencies
+    - [x] Core SQLite plugin
+    - [x] Platform plugins
+    - [x] Native dependencies
+  - [x] Configure native SQLite
+    - [x] Database initialization
+    - [x] Connection management
+    - [x] Query handling
+  - [x] Configure basic permissions
+    - [x] Storage access
+    - [x] File operations
+    - [x] System integration
+
+- [x] Update Capacitor config
+  - [x] Add basic platform permissions
+    - [x] iOS permissions
+    - [x] Android permissions
+    - [x] Feature flags
+  - [x] Configure storage limits
+    - [x] iOS storage limits
+    - [x] Android storage limits
+    - [x] Quota management
+  - [x] Setup platform security
+    - [x] App sandboxing
+    - [x] Storage protection
+    - [x] Access control
+
+### Electron Platform (planned)
+- [ ] Setup Node SQLite
+  - [ ] Install dependencies
+    - [ ] SQLite3 module
+    - [ ] Native bindings
+    - [ ] Development tools
+  - [ ] Configure IPC
+    - [ ] Main process setup
+    - [ ] Renderer process handling
+    - [ ] Message passing
+  - [ ] Setup file system access
+    - [ ] Native file operations
+    - [ ] Path handling
+    - [ ] Permission management
+  - [ ] Implement secure storage
+    - [ ] Encryption setup
+    - [ ] Key management
+    - [ ] Secure containers
+
+- [ ] Update Electron config
+  - [ ] Add security policies
+    - [ ] CSP configuration
+    - [ ] Process isolation
+    - [ ] Resource protection
+  - [ ] Configure file access
+    - [ ] Access control
+    - [ ] Path validation
+    - [ ] Permission management
+  - [ ] Setup auto-updates
+    - [ ] Update server
+    - [ ] Code signing
+    - [ ] Rollback protection
+  - [ ] Configure IPC security
+    - [ ] Message validation
+    - [ ] Process isolation
+    - [ ] Resource protection
+
+## Data Models and Types
+
+### 1. Database Schema
+- [x] Define tables
+  ```sql
+  -- Accounts table
+  CREATE TABLE accounts (
+    did TEXT PRIMARY KEY,
+    public_key_hex TEXT NOT NULL,
+    created_at INTEGER NOT NULL,
+    updated_at INTEGER NOT NULL
+  );
+
+  -- Settings table
+  CREATE TABLE settings (
+    key TEXT PRIMARY KEY,
+    value TEXT NOT NULL,
+    updated_at INTEGER NOT NULL
+  );
+
+  -- Contacts table
+  CREATE TABLE contacts (
+    id TEXT PRIMARY KEY,
+    did TEXT NOT NULL,
+    name TEXT,
+    created_at INTEGER NOT NULL,
+    updated_at INTEGER NOT NULL,
+    FOREIGN KEY (did) REFERENCES accounts(did)
+  );
+
+  -- Indexes for performance
+  CREATE INDEX idx_accounts_created_at ON accounts(created_at);
+  CREATE INDEX idx_contacts_did ON contacts(did);
+  CREATE INDEX idx_settings_updated_at ON settings(updated_at);
+  ```
+
+### 2. Type Definitions
+- [x] Create interfaces
+  ```typescript
+  interface PlatformCapabilities {
+    hasFileSystem: boolean;
+    hasCamera: boolean;
+    isMobile: boolean;
+    isIOS: boolean;
+    hasFileDownload: boolean;
+    needsFileHandlingInstructions: boolean;
+    sqlite: {
+      supported: boolean;
+      runsInWorker: boolean;
+      hasSharedArrayBuffer: boolean;
+      supportsWAL: boolean;
+      maxSize?: number;
+    };
+  }
+
+  interface SQLiteConfig {
+    name: string;
+    useWAL?: boolean;
+    useMMap?: boolean;
+    mmapSize?: number;
+    usePreparedStatements?: boolean;
+    maxPreparedStatements?: number;
+  }
+
+  interface SQLiteStats {
+    totalQueries: number;
+    avgExecutionTime: number;
+    preparedStatements: number;
+    databaseSize: number;
+    walMode: boolean;
+    mmapActive: boolean;
+  }
+  ```
+
+## Testing
+
+### 1. Unit Tests
+- [x] Test platform services
+  - [x] Platform detection
+    - [x] Web platform
+    - [x] Mobile platform
+    - [x] Desktop platform
+  - [x] Capability reporting
+    - [x] Feature detection
+    - [x] Platform specifics
+    - [x] Error cases
+  - [x] Basic SQLite operations
+    - [x] Query execution
+    - [x] Transaction handling
+    - [x] Error cases
+  - [x] Basic error handling
+    - [x] Connection errors
+    - [x] Query errors
+    - [x] Resource errors
+
+### 2. Integration Tests
+- [x] Test SQLite services
+  - [x] Web platform tests
+    - [x] Worker integration
+    - [x] IndexedDB backend
+    - [x] Performance tests
+  - [x] Basic mobile platform tests
+    - [x] Native SQLite
+    - [x] Platform features
+    - [x] Error handling
+  - [ ] Electron platform tests (planned)
+    - [ ] Node SQLite
+    - [ ] IPC communication
+    - [ ] File system
+  - [x] Cross-platform tests
+    - [x] Feature parity
+    - [x] Data consistency
+    - [x] Performance comparison
+
+### 3. E2E Tests
+- [x] Test workflows
+  - [x] Basic database operations
+    - [x] CRUD operations
+    - [x] Transaction handling
+    - [x] Error recovery
+  - [x] Platform transitions
+    - [x] Web to mobile
+    - [x] Mobile to web
+    - [x] State preservation
+  - [x] Basic error recovery
+    - [x] Connection loss
+    - [x] Transaction failure
+    - [x] Resource errors
+  - [x] Performance benchmarks
+    - [x] Query performance
+    - [x] Transaction speed
+    - [x] Memory usage
+    - [x] Storage efficiency
+
+## Documentation
+
+### 1. Technical Documentation
+- [x] Update architecture docs
+  - [x] System overview
+  - [x] Component interaction
+  - [x] Platform specifics
+- [x] Add basic API documentation
+  - [x] Interface definitions
+  - [x] Method signatures
+  - [x] Usage examples
+- [x] Document platform capabilities
+  - [x] Feature matrix
+  - [x] Platform support
+  - [x] Limitations
+- [x] Document security measures
+  - [x] Platform security
+  - [x] Access control
+  - [x] Security policies
+
+### 2. User Documentation
+- [x] Update basic user guides
+  - [x] Installation
+  - [x] Configuration
+  - [x] Basic usage
+- [x] Add basic troubleshooting guides
+  - [x] Common issues
+  - [x] Error messages
+  - [x] Recovery steps
+- [x] Document implemented platform features
+  - [x] Web platform
+  - [x] Mobile platform
+  - [x] Desktop platform
+- [x] Add basic performance tips
+  - [x] Optimization techniques
+  - [x] Best practices
+  - [x] Platform specifics
+
+## Monitoring and Analytics
+
+### 1. Performance Monitoring
+- [x] Basic query execution time
+  - [x] Query timing
+  - [x] Transaction timing
+  - [x] Statement timing
+- [x] Database size monitoring
+  - [x] Size tracking
+  - [x] Growth patterns
+  - [x] Quota management
+- [x] Basic memory usage
+  - [x] Heap usage
+  - [x] Cache usage
+  - [x] Worker memory
+- [x] Worker performance
+  - [x] Message timing
+  - [x] Processing time
+  - [x] Resource usage
+
+### 2. Error Tracking
+- [x] Basic error logging
+  - [x] Error capture
+  - [x] Stack traces
+  - [x] Context data
+- [x] Basic performance monitoring
+  - [x] Query metrics
+  - [x] Resource usage
+  - [x] Timing data
+- [x] Platform-specific errors
+  - [x] Web platform
+  - [x] Mobile platform
+  - [x] Desktop platform
+- [x] Basic recovery tracking
+  - [x] Recovery success
+  - [x] Failure patterns
+  - [x] User impact
+
+## Security Audit
+
+### 1. Code Review
+- [x] Review platform services
+  - [x] Interface security
+  - [x] Data handling
+  - [x] Error management
+- [x] Check basic SQLite implementations
+  - [x] Query security
+  - [x] Transaction safety
+  - [x] Resource management
+- [x] Verify basic error handling
+  - [x] Error propagation
+  - [x] Recovery procedures
+  - [x] User feedback
+- [x] Complete dependency audit
+  - [x] Security vulnerabilities
+  - [x] License compliance
+  - [x] Update requirements
+
+### 2. Platform Security
+- [x] Web platform
+  - [x] Worker isolation
+    - [x] Thread separation
+    - [x] Message security
+    - [x] Resource isolation
+  - [x] Basic storage security
+    - [x] Access control
+    - [x] Data protection
+    - [x] Quota management
+  - [x] Origin isolation
+    - [x] Cross-origin protection
+    - [x] Resource isolation
+    - [x] Security policy
+- [x] Mobile platform
+  - [x] Platform permissions
+    - [x] Storage access
+    - [x] File operations
+    - [x] System integration
+  - [x] Platform security
+    - [x] App sandboxing
+    - [x] Storage protection
+    - [x] Access control
+  - [ ] SQLCipher integration (planned)
+    - [ ] Encryption setup
+    - [ ] Key management
+    - [ ] Secure storage
+- [ ] Electron platform (planned)
+  - [ ] IPC security
+    - [ ] Message validation
+    - [ ] Process isolation
+    - [ ] Resource protection
+  - [ ] File system security
+    - [ ] Access control
+    - [ ] Path validation
+    - [ ] Permission management
+  - [ ] Auto-update security
+    - [ ] Update verification
+    - [ ] Code signing
+    - [ ] Rollback protection
+
+## Success Criteria
+
+### 1. Performance
+- [x] Basic query response time < 100ms
+  - [x] Simple queries
+  - [x] Indexed queries
+  - [x] Prepared statements
+- [x] Basic transaction completion < 500ms
+  - [x] Single operations
+  - [x] Batch operations
+  - [x] Complex transactions
+- [x] Basic memory usage < 50MB
+  - [x] Normal operation
+  - [x] Peak usage
+  - [x] Background state
+- [x] Database size < platform limits
+  - [x] Web platform (1GB)
+  - [x] Mobile platform (2GB)
+  - [ ] Desktop platform (10GB, planned)
+
+### 2. Reliability
+- [x] Basic uptime
+  - [x] Service availability
+  - [x] Connection stability
+  - [x] Error recovery
+- [x] Basic data integrity
+  - [x] Transaction atomicity
+  - [x] Data consistency
+  - [x] Error handling
+- [x] Basic recovery
+  - [x] Connection recovery
+  - [x] Transaction rollback
+  - [x] State restoration
+- [x] Basic transaction atomicity
+  - [x] Commit success
+  - [x] Rollback handling
+  - [x] Error recovery
+
+### 3. Security
+- [x] Platform-specific security
+  - [x] Web platform security
+  - [x] Mobile platform security
+  - [ ] Desktop platform security (planned)
+- [x] Basic access control
+  - [x] User permissions
+  - [x] Resource access
+  - [x] Operation limits
+- [x] Basic audit logging
+  - [x] Access logs
+  - [x] Operation logs
+  - [x] Security events
+- [ ] Advanced security features (planned)
+  - [ ] SQLCipher encryption
+  - [ ] Biometric authentication
+  - [ ] Secure enclave
+  - [ ] Key management
+
+### 4. User Experience
+- [x] Basic platform transitions
+  - [x] Web to mobile
+  - [x] Mobile to web
+  - [x] State preservation
+- [x] Basic error messages
+  - [x] User feedback
+  - [x] Recovery guidance
+  - [x] Error context
+- [x] Basic progress indicators
+  - [x] Operation status
+  - [x] Loading states
+  - [x] Completion feedback
+- [x] Basic recovery options
+  - [x] Automatic recovery
+  - [x] Manual intervention
+  - [x] Data restoration 

ios/App/App.xcodeproj/project.pbxproj

@@ -3,7 +3,7 @@
 	archiveVersion = 1;
 	classes = {
 	};
-	objectVersion = 48;
+	objectVersion = 54;
 	objects = {
 
 /* Begin PBXBuildFile section */
@@ -106,6 +106,7 @@
 				504EC3011FED79650016851F /* Frameworks */,
 				504EC3021FED79650016851F /* Resources */,
 				9592DBEFFC6D2A0C8D5DEB22 /* [CP] Embed Pods Frameworks */,
+				012076E8FFE4BF260A79B034 /* Fix Privacy Manifest */,
 			);
 			buildRules = (
 			);
@@ -122,8 +123,9 @@
 		504EC2FC1FED79650016851F /* Project object */ = {
 			isa = PBXProject;
 			attributes = {
+				BuildIndependentTargetsInParallel = YES;
 				LastSwiftUpdateCheck = 920;
-				LastUpgradeCheck = 920;
+				LastUpgradeCheck = 1630;
 				TargetAttributes = {
 					504EC3031FED79650016851F = {
 						CreatedOnToolsVersion = 9.2;
@@ -141,8 +143,6 @@
 				Base,
 			);
 			mainGroup = 504EC2FB1FED79650016851F;
-			packageReferences = (
-			);
 			productRefGroup = 504EC3051FED79650016851F /* Products */;
 			projectDirPath = "";
 			projectRoot = "";
@@ -169,6 +169,26 @@
 /* End PBXResourcesBuildPhase section */
 
 /* Begin PBXShellScriptBuildPhase section */
+		012076E8FFE4BF260A79B034 /* Fix Privacy Manifest */ = {
+			isa = PBXShellScriptBuildPhase;
+			alwaysOutOfDate = 1;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			inputFileListPaths = (
+			);
+			inputPaths = (
+			);
+			name = "Fix Privacy Manifest";
+			outputFileListPaths = (
+			);
+			outputPaths = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+			shellPath = /bin/sh;
+			shellScript = "\"${PROJECT_DIR}/app_privacy_manifest_fixer/fixer.sh\" ";
+			showEnvVarsInLog = 0;
+		};
 		6634F4EFEBD30273BCE97C65 /* [CP] Check Pods Manifest.lock */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
@@ -249,6 +269,7 @@
 				CLANG_WARN_BOOL_CONVERSION = YES;
 				CLANG_WARN_COMMA = YES;
 				CLANG_WARN_CONSTANT_CONVERSION = YES;
+				CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
 				CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
 				CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
 				CLANG_WARN_EMPTY_BODY = YES;
@@ -256,8 +277,10 @@
 				CLANG_WARN_INFINITE_RECURSION = YES;
 				CLANG_WARN_INT_CONVERSION = YES;
 				CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
+				CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
 				CLANG_WARN_STRICT_PROTOTYPES = YES;
 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
@@ -267,8 +290,10 @@
 				CODE_SIGN_IDENTITY = "iPhone Developer";
 				COPY_PHASE_STRIP = NO;
 				DEBUG_INFORMATION_FORMAT = dwarf;
+				DEVELOPMENT_TEAM = 7XVXYPEQYJ;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
 				ENABLE_TESTABILITY = YES;
+				ENABLE_USER_SCRIPT_SANDBOXING = YES;
 				GCC_C_LANGUAGE_STANDARD = gnu11;
 				GCC_DYNAMIC_NO_PIC = NO;
 				GCC_NO_COMMON_BLOCKS = YES;
@@ -306,6 +331,7 @@
 				CLANG_WARN_BOOL_CONVERSION = YES;
 				CLANG_WARN_COMMA = YES;
 				CLANG_WARN_CONSTANT_CONVERSION = YES;
+				CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
 				CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
 				CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
 				CLANG_WARN_EMPTY_BODY = YES;
@@ -313,8 +339,10 @@
 				CLANG_WARN_INFINITE_RECURSION = YES;
 				CLANG_WARN_INT_CONVERSION = YES;
 				CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
+				CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
 				CLANG_WARN_STRICT_PROTOTYPES = YES;
 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
@@ -324,8 +352,10 @@
 				CODE_SIGN_IDENTITY = "iPhone Developer";
 				COPY_PHASE_STRIP = NO;
 				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
+				DEVELOPMENT_TEAM = 7XVXYPEQYJ;
 				ENABLE_NS_ASSERTIONS = NO;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
+				ENABLE_USER_SCRIPT_SANDBOXING = YES;
 				GCC_C_LANGUAGE_STANDARD = gnu11;
 				GCC_NO_COMMON_BLOCKS = YES;
 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
@@ -337,7 +367,8 @@
 				IPHONEOS_DEPLOYMENT_TARGET = 13.0;
 				MTL_ENABLE_DEBUG_INFO = NO;
 				SDKROOT = iphoneos;
-				SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule";
+				SWIFT_COMPILATION_MODE = wholemodule;
+				SWIFT_OPTIMIZATION_LEVEL = "-O";
 				VALIDATE_PRODUCT = YES;
 			};
 			name = Release;
@@ -348,19 +379,23 @@
 			buildSettings = {
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 17;
-				DEVELOPMENT_TEAM = GM3FS5JQPH;
+				CURRENT_PROJECT_VERSION = 18;
+				ENABLE_APP_SANDBOX = NO;
+				ENABLE_USER_SCRIPT_SANDBOXING = NO;
 				INFOPLIST_FILE = App/Info.plist;
 				IPHONEOS_DEPLOYMENT_TARGET = 13.0;
-				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks";
-				MARKETING_VERSION = 0.4.6;
+				LD_RUNPATH_SEARCH_PATHS = (
+					"$(inherited)",
+					"@executable_path/Frameworks",
+				);
+				MARKETING_VERSION = 0.4.7;
 				OTHER_SWIFT_FLAGS = "$(inherited) \"-D\" \"COCOAPODS\" \"-DDEBUG\"";
 				PRODUCT_BUNDLE_IDENTIFIER = app.timesafari;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG;
 				SWIFT_VERSION = 5.0;
 				TARGETED_DEVICE_FAMILY = "1,2";
-				VERSIONING_SYSTEM = "apple-generic"; /* allows agvtool to set *_VERSION settings */
+				VERSIONING_SYSTEM = "apple-generic";
 			};
 			name = Debug;
 		};
@@ -370,18 +405,22 @@
 			buildSettings = {
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 17;
-				DEVELOPMENT_TEAM = GM3FS5JQPH;
+				CURRENT_PROJECT_VERSION = 18;
+				ENABLE_APP_SANDBOX = NO;
+				ENABLE_USER_SCRIPT_SANDBOXING = NO;
 				INFOPLIST_FILE = App/Info.plist;
 				IPHONEOS_DEPLOYMENT_TARGET = 13.0;
-				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks";
-				MARKETING_VERSION = 0.4.6;
+				LD_RUNPATH_SEARCH_PATHS = (
+					"$(inherited)",
+					"@executable_path/Frameworks",
+				);
+				MARKETING_VERSION = 0.4.7;
 				PRODUCT_BUNDLE_IDENTIFIER = app.timesafari;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				SWIFT_ACTIVE_COMPILATION_CONDITIONS = "";
 				SWIFT_VERSION = 5.0;
 				TARGETED_DEVICE_FAMILY = "1,2";
-				VERSIONING_SYSTEM = "apple-generic"; /* allows agvtool to set *_VERSION settings */
+				VERSIONING_SYSTEM = "apple-generic";
 			};
 			name = Release;
 		};

ios/App/app_privacy_manifest_fixer/.gitignore

@@ -0,0 +1,5 @@
+# macOS
+.DS_Store
+
+# Build
+/Build/

ios/App/app_privacy_manifest_fixer/CHANGELOG.md

@@ -0,0 +1,58 @@
+## 1.4.1
+- Fix macOS app re-signing issue.
+- Automatically enable Hardened Runtime in macOS codesign.
+- Add clean script.
+
+## 1.4.0
+- Support for macOS app ([#9](https://github.com/crasowas/app_privacy_manifest_fixer/issues/9)).
+
+## 1.3.11
+- Fix install issue by skipping `PBXAggregateTarget` ([#4](https://github.com/crasowas/app_privacy_manifest_fixer/issues/4)).
+
+## 1.3.10
+- Fix app re-signing issue.
+- Enhance Build Phases script robustness.
+
+## 1.3.9
+- Add log file output.
+
+## 1.3.8
+- Add version info to privacy access report.
+- Remove empty tables from privacy access report.
+
+## 1.3.7
+- Enhance API symbols analysis with strings tool.
+- Improve performance of API usage analysis.
+
+## 1.3.5
+- Fix issue with inaccurate privacy manifest search.
+- Disable dependency analysis to force the script to run on every build.
+- Add placeholder for privacy access report.
+- Update build output directory naming convention.
+- Add examples for privacy access report.
+
+## 1.3.0
+- Add privacy access report generation.
+
+## 1.2.3
+- Fix issue with relative path parameter.
+- Add support for all application targets.
+
+## 1.2.1
+- Fix backup issue with empty user templates directory.
+
+## 1.2.0
+- Add uninstall script.
+
+## 1.1.2
+- Remove `Templates/.gitignore` to track `UserTemplates`.
+- Fix incorrect use of `App.xcprivacy` template in `App.framework`.
+
+## 1.1.0
+- Add logs for latest release fetch failure.
+- Fix issue with converting published time to local time.
+- Disable showing environment variables in the build log.
+- Add `--install-builds-only` command line option.
+
+## 1.0.0
+- Initial version.

ios/App/app_privacy_manifest_fixer/Common/constants.sh

@@ -0,0 +1,80 @@
+#!/bin/bash
+
+# Copyright (c) 2025, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+set -e
+
+# Prevent duplicate loading
+if [ -n "$CONSTANTS_SH_LOADED" ]; then
+    return
+fi
+
+readonly CONSTANTS_SH_LOADED=1
+
+# File name of the privacy manifest
+readonly PRIVACY_MANIFEST_FILE_NAME="PrivacyInfo.xcprivacy"
+
+# Common privacy manifest template file names
+readonly APP_TEMPLATE_FILE_NAME="AppTemplate.xcprivacy"
+readonly FRAMEWORK_TEMPLATE_FILE_NAME="FrameworkTemplate.xcprivacy"
+
+# Universal delimiter
+readonly DELIMITER=":"
+
+# Space escape symbol for handling space in path
+readonly SPACE_ESCAPE="\u0020"
+
+# Default value when the version cannot be retrieved
+readonly UNKNOWN_VERSION="unknown"
+
+# Categories of required reason APIs
+readonly API_CATEGORIES=(
+    "NSPrivacyAccessedAPICategoryFileTimestamp"
+    "NSPrivacyAccessedAPICategorySystemBootTime"
+    "NSPrivacyAccessedAPICategoryDiskSpace"
+    "NSPrivacyAccessedAPICategoryActiveKeyboards"
+    "NSPrivacyAccessedAPICategoryUserDefaults"
+)
+
+# Symbol of the required reason APIs and their categories
+#
+# See also:
+#   * https://developer.apple.com/documentation/bundleresources/describing-use-of-required-reason-api
+#   * https://github.com/Wooder/ios_17_required_reason_api_scanner/blob/main/required_reason_api_binary_scanner.sh
+readonly API_SYMBOLS=(
+    # NSPrivacyAccessedAPICategoryFileTimestamp
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}getattrlist"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}getattrlistbulk"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}fgetattrlist"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}stat"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}fstat"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}fstatat"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}lstat"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}getattrlistat"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}NSFileCreationDate"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}NSFileModificationDate"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}NSURLContentModificationDateKey"
+    "NSPrivacyAccessedAPICategoryFileTimestamp${DELIMITER}NSURLCreationDateKey"
+    # NSPrivacyAccessedAPICategorySystemBootTime
+    "NSPrivacyAccessedAPICategorySystemBootTime${DELIMITER}systemUptime"
+    "NSPrivacyAccessedAPICategorySystemBootTime${DELIMITER}mach_absolute_time"
+    # NSPrivacyAccessedAPICategoryDiskSpace
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}statfs"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}statvfs"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}fstatfs"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}fstatvfs"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}NSFileSystemFreeSize"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}NSFileSystemSize"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}NSURLVolumeAvailableCapacityKey"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}NSURLVolumeAvailableCapacityForImportantUsageKey"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}NSURLVolumeAvailableCapacityForOpportunisticUsageKey"
+    "NSPrivacyAccessedAPICategoryDiskSpace${DELIMITER}NSURLVolumeTotalCapacityKey"
+    # NSPrivacyAccessedAPICategoryActiveKeyboards
+    "NSPrivacyAccessedAPICategoryActiveKeyboards${DELIMITER}activeInputModes"
+    # NSPrivacyAccessedAPICategoryUserDefaults
+    "NSPrivacyAccessedAPICategoryUserDefaults${DELIMITER}NSUserDefaults"
+)

ios/App/app_privacy_manifest_fixer/Common/utils.sh

@@ -0,0 +1,125 @@
+#!/bin/bash
+
+# Copyright (c) 2025, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+set -e
+
+# Prevent duplicate loading
+if [ -n "$UTILS_SH_LOADED" ]; then
+    return
+fi
+
+readonly UTILS_SH_LOADED=1
+
+# Absolute path of the script and the tool's root directory
+script_path="$(realpath "${BASH_SOURCE[0]}")"
+tool_root_path="$(dirname "$(dirname "$script_path")")"
+
+# Load common constants
+source "$tool_root_path/Common/constants.sh"
+
+# Print the elements of an array along with their indices
+function print_array() {
+    local -a array=("$@")
+    
+    for ((i=0; i<${#array[@]}; i++)); do
+        echo "[$i] $(decode_path "${array[i]}")"
+    done
+}
+
+# Split a string into substrings using a specified delimiter
+function split_string_by_delimiter() {
+    local string="$1"
+    local -a substrings=()
+
+    IFS="$DELIMITER" read -ra substrings <<< "$string"
+
+    echo "${substrings[@]}"
+}
+
+# Encode a path string by replacing space with an escape character
+function encode_path() {
+    echo "$1" | sed "s/ /$SPACE_ESCAPE/g"
+}
+
+# Decode a path string by replacing encoded character with space
+function decode_path() {
+    echo "$1" | sed "s/$SPACE_ESCAPE/ /g"
+}
+
+# Get the dependency name by removing common suffixes
+function get_dependency_name() {
+    local path="$1"
+    
+    local dir_name="$(basename "$path")"
+    # Remove `.app`, `.framework`, and `.xcframework` suffixes
+    local dep_name="${dir_name%.*}"
+    
+    echo "$dep_name"
+}
+
+# Get the executable name from the specified `Info.plist` file
+function get_plist_executable() {
+    local plist_file="$1"
+    
+    if [ ! -f "$plist_file" ]; then
+        echo ""
+    else
+        /usr/libexec/PlistBuddy -c "Print :CFBundleExecutable" "$plist_file" 2>/dev/null || echo ""
+    fi
+}
+
+# Get the version from the specified `Info.plist` file
+function get_plist_version() {
+    local plist_file="$1"
+
+    if [ ! -f "$plist_file" ]; then
+        echo "$UNKNOWN_VERSION"
+    else
+        /usr/libexec/PlistBuddy -c "Print :CFBundleShortVersionString" "$plist_file" 2>/dev/null || echo "$UNKNOWN_VERSION"
+    fi
+}
+
+# Get the path of the specified framework version
+function get_framework_path() {
+    local path="$1"
+    local version_path="$2"
+
+    if [ -z "$version_path" ]; then
+        echo "$path"
+    else
+        echo "$path/$version_path"
+    fi
+}
+
+# Search for privacy manifest files in the specified directory
+function search_privacy_manifest_files() {
+    local path="$1"
+    local -a privacy_manifest_files=()
+
+    # Create a temporary file to store search results
+    local temp_file="$(mktemp)"
+
+    # Ensure the temporary file is deleted on script exit
+    trap "rm -f $temp_file" EXIT
+
+    # Find privacy manifest files within the specified directory and store the results in the temporary file
+    find "$path" -type f -name "$PRIVACY_MANIFEST_FILE_NAME" -print0 2>/dev/null > "$temp_file"
+
+    while IFS= read -r -d '' file; do
+        privacy_manifest_files+=($(encode_path "$file"))
+    done < "$temp_file"
+
+    echo "${privacy_manifest_files[@]}"
+}
+
+# Get the privacy manifest file with the shortest path
+function get_privacy_manifest_file() {
+    local privacy_manifest_file="$(printf "%s\n" "$@" | awk '{print length, $0}' | sort -n | head -n1 | cut -d ' ' -f2-)"
+    
+    echo "$(decode_path "$privacy_manifest_file")"
+}

ios/App/app_privacy_manifest_fixer/Helper/xcode_install_helper.rb

@@ -0,0 +1,80 @@
+# Copyright (c) 2024, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+require 'xcodeproj'
+
+RUN_SCRIPT_PHASE_NAME = 'Fix Privacy Manifest'
+
+if ARGV.length < 2
+  puts "Usage: ruby xcode_install_helper.rb <project_path> <script_content> [install_builds_only (true|false)]"
+  exit 1
+end
+
+project_path = ARGV[0]
+run_script_content = ARGV[1]
+install_builds_only = ARGV[2] == 'true'
+
+# Find the first .xcodeproj file in the project directory
+xcodeproj_path = Dir.glob(File.join(project_path, "*.xcodeproj")).first
+
+# Validate the .xcodeproj file existence
+unless xcodeproj_path
+  puts "Error: No .xcodeproj file found in the specified directory."
+  exit 1
+end
+
+# Open the Xcode project file
+begin
+  project = Xcodeproj::Project.open(xcodeproj_path)
+rescue StandardError => e
+  puts "Error: Unable to open the project file - #{e.message}"
+  exit 1
+end
+
+# Process all targets in the project
+project.targets.each do |target|
+  # Skip PBXAggregateTarget
+  if target.is_a?(Xcodeproj::Project::Object::PBXAggregateTarget)
+    puts "Skipping aggregate target: #{target.name}."
+    next
+  end
+
+  # Check if the target is a native application target
+  if target.product_type == 'com.apple.product-type.application'
+    puts "Processing target: #{target.name}..."
+
+    # Check for an existing Run Script phase with the specified name
+    existing_phase = target.shell_script_build_phases.find { |phase| phase.name == RUN_SCRIPT_PHASE_NAME }
+
+    # Remove the existing Run Script phase if found
+    if existing_phase
+      puts "  - Removing existing Run Script."
+      target.build_phases.delete(existing_phase)
+    end
+
+    # Add the new Run Script phase at the end
+    puts "  - Adding new Run Script."
+    new_phase = target.new_shell_script_build_phase(RUN_SCRIPT_PHASE_NAME)
+    new_phase.shell_script = run_script_content
+    # Disable showing environment variables in the build log
+    new_phase.show_env_vars_in_log = '0'
+    # Run only for deployment post-processing if install_builds_only is true
+    new_phase.run_only_for_deployment_postprocessing = install_builds_only ? '1' : '0'
+    # Disable dependency analysis to force the script to run on every build, unless restricted to deployment builds by post-processing setting
+    new_phase.always_out_of_date = '1'
+  else
+    puts "Skipping non-application target: #{target.name}."
+  end
+end
+
+# Save the project file
+begin
+  project.save
+  puts "Successfully added the Run Script phase: '#{RUN_SCRIPT_PHASE_NAME}'."
+rescue StandardError => e
+  puts "Error: Unable to save the project file - #{e.message}"
+  exit 1
+end

ios/App/app_privacy_manifest_fixer/Helper/xcode_uninstall_helper.rb

@@ -0,0 +1,63 @@
+# Copyright (c) 2024, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+require 'xcodeproj'
+
+RUN_SCRIPT_PHASE_NAME = 'Fix Privacy Manifest'
+
+if ARGV.length < 1
+  puts "Usage: ruby xcode_uninstall_helper.rb <project_path>"
+  exit 1
+end
+
+project_path = ARGV[0]
+
+# Find the first .xcodeproj file in the project directory
+xcodeproj_path = Dir.glob(File.join(project_path, "*.xcodeproj")).first
+
+# Validate the .xcodeproj file existence
+unless xcodeproj_path
+  puts "Error: No .xcodeproj file found in the specified directory."
+  exit 1
+end
+
+# Open the Xcode project file
+begin
+  project = Xcodeproj::Project.open(xcodeproj_path)
+rescue StandardError => e
+  puts "Error: Unable to open the project file - #{e.message}"
+  exit 1
+end
+
+# Process all targets in the project
+project.targets.each do |target|
+  # Check if the target is an application target
+  if target.product_type == 'com.apple.product-type.application'
+    puts "Processing target: #{target.name}..."
+
+    # Check for an existing Run Script phase with the specified name
+    existing_phase = target.shell_script_build_phases.find { |phase| phase.name == RUN_SCRIPT_PHASE_NAME }
+
+    # Remove the existing Run Script phase if found
+    if existing_phase
+      puts "  - Removing existing Run Script."
+      target.build_phases.delete(existing_phase)
+    else
+      puts "  - No existing Run Script found."
+    end
+  else
+    puts "Skipping non-application target: #{target.name}."
+  end
+end
+
+# Save the project file
+begin
+  project.save
+  puts "Successfully removed the Run Script phase: '#{RUN_SCRIPT_PHASE_NAME}'."
+rescue StandardError => e
+  puts "Error: Unable to save the project file - #{e.message}"
+  exit 1
+end

ios/App/app_privacy_manifest_fixer/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 crasowas
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

ios/App/app_privacy_manifest_fixer/README.md

@@ -0,0 +1,240 @@
+# App Privacy Manifest Fixer
+
+[![Latest Version](https://img.shields.io/github/v/release/crasowas/app_privacy_manifest_fixer?logo=github)](https://github.com/crasowas/app_privacy_manifest_fixer/releases/latest)
+![Supported Platforms](https://img.shields.io/badge/Supported%20Platforms-iOS%20%7C%20macOS-brightgreen)
+[![License](https://img.shields.io/badge/License-MIT-green.svg)](https://opensource.org/licenses/MIT)
+
+**English | [简体中文](./README.zh-CN.md)**
+
+This tool is an automation solution based on Shell scripts, designed to analyze and fix the privacy manifest of iOS/macOS apps to ensure compliance with App Store requirements. It leverages the [App Store Privacy Manifest Analyzer](https://github.com/crasowas/app_store_required_privacy_manifest_analyser) to analyze API usage within the app and its dependencies, and generate or fix the `PrivacyInfo.xcprivacy` file.
+
+## ✨ Features
+
+- **Non-Intrusive Integration**: No need to modify the source code or adjust the project structure.
+- **Fast Installation and Uninstallation**: Quickly install or uninstall the tool with a single command.
+- **Automatic Analysis and Fixes**: Automatically analyzes API usage and fixes privacy manifest issues during the project build.
+- **Flexible Template Customization**: Supports custom privacy manifest templates for apps and frameworks, accommodating various usage scenarios.
+- **Privacy Access Report**: Automatically generates a report displaying the `NSPrivacyAccessedAPITypes` declarations for the app and SDKs.
+- **Effortless Version Upgrades**: Provides an upgrade script for quick updates to the latest version.
+
+## 📥 Installation
+
+### Download the Tool
+
+1. Download the [latest release](https://github.com/crasowas/app_privacy_manifest_fixer/releases/latest).
+2. Extract the downloaded file:
+   - The extracted directory is usually named `app_privacy_manifest_fixer-xxx` (where `xxx` is the version number).
+   - It is recommended to rename it to `app_privacy_manifest_fixer` or use the full directory name in subsequent paths.
+   - **It is advised to move the directory to your iOS/macOS project to avoid path-related issues on different devices, and to easily customize the privacy manifest template for each project**.
+
+### ⚡ Automatic Installation (Recommended)
+
+1. **Navigate to the tool's directory**:
+
+   ```shell
+   cd /path/to/app_privacy_manifest_fixer
+   ```
+
+2. **Run the installation script**:
+
+   ```shell
+   sh install.sh <project_path>
+   ```
+
+   - For Flutter projects, `project_path` should be the path to the `ios/macos` directory within the Flutter project.
+   - If the installation command is run again, the tool will first remove any existing installation (if present). To modify command-line options, simply rerun the installation command without the need to uninstall first.
+
+### Manual Installation
+
+If you prefer not to use the installation script, you can manually add the `Fix Privacy Manifest` task to the Xcode **Build Phases**. Follow these steps:
+
+#### 1. Add the Script in Xcode
+
+- Open your iOS/macOS project in Xcode, go to the **TARGETS** tab, and select your app target.
+- Navigate to **Build Phases**, click the **+** button, and select **New Run Script Phase**.
+- Rename the newly created **Run Script** to `Fix Privacy Manifest`.
+- In the Shell script box, add the following code:
+
+  ```shell
+  # Use relative path (recommended): if `app_privacy_manifest_fixer` is within the project directory
+  "$PROJECT_DIR/path/to/app_privacy_manifest_fixer/fixer.sh"
+
+  # Use absolute path: if `app_privacy_manifest_fixer` is outside the project directory
+  # "/absolute/path/to/app_privacy_manifest_fixer/fixer.sh"
+  ```
+
+  **Modify `path/to` or `absolute/path/to` as needed, and ensure the paths are correct. Remove or comment out the unused lines accordingly.**
+
+#### 2. Adjust the Script Execution Order
+
+**Move this script after all other Build Phases to ensure the privacy manifest is fixed after all resource copying and build tasks are completed**.
+
+### Build Phases Screenshot
+
+Below is a screenshot of the Xcode Build Phases configuration after successful automatic/manual installation (with no command-line options enabled):
+
+![Build Phases Screenshot](https://img.crasowas.dev/app_privacy_manifest_fixer/20250225011407.png)
+
+## 🚀 Getting Started
+
+After installation, the tool will automatically run with each project build, and the resulting application bundle will include the fixes.
+
+If the `--install-builds-only` command-line option is enabled during installation, the tool will only run during the installation of the build.
+
+### Xcode Build Log Screenshot
+
+Below is a screenshot of the log output from the tool during the project build (by default, it will be saved to the `app_privacy_manifest_fixer/Build` directory, unless the `-s` command-line option is enabled):
+
+![Xcode Build Log Screenshot](https://img.crasowas.dev/app_privacy_manifest_fixer/20250225011551.png)
+
+## 📖 Usage
+
+### Command Line Options
+
+- **Force overwrite existing privacy manifest (Not recommended)**:
+
+  ```shell
+  sh install.sh <project_path> -f
+  ```
+
+  Enabling the `-f` option will force the tool to generate a new privacy manifest based on the API usage analysis and privacy manifest template, overwriting the existing privacy manifest. By default (without `-f`), the tool only fixes missing privacy manifests.
+
+- **Silent mode**:
+
+  ```shell
+  sh install.sh <project_path> -s
+  ```
+
+  Enabling the `-s` option disables output during the fix process. The tool will no longer copy the generated `*.app`, automatically generate the privacy access report, or output the fix logs. By default (without `-s`), these outputs are stored in the `app_privacy_manifest_fixer/Build` directory.
+
+- **Run only during installation builds (Recommended)**:
+
+  ```shell
+  sh install.sh <project_path> --install-builds-only
+  ```
+
+  Enabling the `--install-builds-only` option makes the tool run only during installation builds (such as the **Archive** operation), optimizing build performance for daily development. If you manually installed, this option is ineffective, and you need to manually check the **"For install builds only"** option.
+
+  **Note**: If the iOS/macOS project is built in a development environment (where the generated app contains `*.debug.dylib` files), the tool's API usage analysis results may be inaccurate.
+
+### Upgrade the Tool
+
+To update to the latest version, run the following command:
+
+```shell
+sh upgrade.sh
+```
+
+### Uninstall the Tool
+
+To quickly uninstall the tool, run the following command:
+
+```shell
+sh uninstall.sh <project_path>
+```
+
+### Clean the Tool-Generated Files
+
+To remove files generated by the tool, run the following command:
+
+```shell
+sh clean.sh
+```
+
+## 🔥 Privacy Manifest Templates
+
+The privacy manifest templates are stored in the [`Templates`](https://github.com/crasowas/app_privacy_manifest_fixer/tree/main/Templates) directory, with the default templates already included in the root directory.
+
+**How can you customize the privacy manifests for apps or SDKs? Simply use [custom templates](#custom-templates)!**
+
+### Template Types
+
+The templates are categorized as follows:
+- **AppTemplate.xcprivacy**: A privacy manifest template for the app.
+- **FrameworkTemplate.xcprivacy**: A generic privacy manifest template for frameworks.
+- **FrameworkName.xcprivacy**: A privacy manifest template for a specific framework, available only in the `Templates/UserTemplates` directory.
+
+### Template Priority
+
+For an app, the priority of privacy manifest templates is as follows:
+- `Templates/UserTemplates/AppTemplate.xcprivacy` > `Templates/AppTemplate.xcprivacy`
+
+For a specific framework, the priority of privacy manifest templates is as follows:
+- `Templates/UserTemplates/FrameworkName.xcprivacy` > `Templates/UserTemplates/FrameworkTemplate.xcprivacy` > `Templates/FrameworkTemplate.xcprivacy`
+
+### Default Templates
+
+The default templates are located in the `Templates` root directory and currently include the following templates:
+- `Templates/AppTemplate.xcprivacy`
+- `Templates/FrameworkTemplate.xcprivacy`
+
+These templates will be modified based on the API usage analysis results, especially the `NSPrivacyAccessedAPIType` entries, to generate new privacy manifests for fixes, ensuring compliance with App Store requirements.
+
+**If adjustments to the privacy manifest template are needed, such as in the following scenarios, avoid directly modifying the default templates. Instead, use a custom template. If a custom template with the same name exists, it will take precedence over the default template for fixes.**
+- Generating a non-compliant privacy manifest due to inaccurate API usage analysis.
+- Modifying the reason declared in the template.
+- Adding declarations for collected data.
+
+The privacy access API categories and their associated declared reasons in `AppTemplate.xcprivacy` are listed below:
+
+| [NSPrivacyAccessedAPIType](https://developer.apple.com/documentation/bundleresources/app-privacy-configuration/nsprivacyaccessedapitypes/nsprivacyaccessedapitype) | [NSPrivacyAccessedAPITypeReasons](https://developer.apple.com/documentation/bundleresources/app-privacy-configuration/nsprivacyaccessedapitypes/nsprivacyaccessedapitypereasons) |
+|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| NSPrivacyAccessedAPICategoryFileTimestamp                                                                                                                          | C617.1: Inside app or group container                                                                                                                                            |
+| NSPrivacyAccessedAPICategorySystemBootTime                                                                                                                         | 35F9.1: Measure time on-device                                                                                                                                                   |
+| NSPrivacyAccessedAPICategoryDiskSpace                                                                                                                              | E174.1: Write or delete file on-device                                                                                                                                           |
+| NSPrivacyAccessedAPICategoryActiveKeyboards                                                                                                                        | 54BD.1: Customize UI on-device                                                                                                                                                   |
+| NSPrivacyAccessedAPICategoryUserDefaults                                                                                                                           | CA92.1: Access info from same app                                                                                                                                                |
+
+The privacy access API categories and their associated declared reasons in `FrameworkTemplate.xcprivacy` are listed below:
+
+| [NSPrivacyAccessedAPIType](https://developer.apple.com/documentation/bundleresources/app-privacy-configuration/nsprivacyaccessedapitypes/nsprivacyaccessedapitype) | [NSPrivacyAccessedAPITypeReasons](https://developer.apple.com/documentation/bundleresources/app-privacy-configuration/nsprivacyaccessedapitypes/nsprivacyaccessedapitypereasons) |
+|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| NSPrivacyAccessedAPICategoryFileTimestamp                                                                                                                          | 0A2A.1: 3rd-party SDK wrapper on-device                                                                                                                                          |
+| NSPrivacyAccessedAPICategorySystemBootTime                                                                                                                         | 35F9.1: Measure time on-device                                                                                                                                                   |
+| NSPrivacyAccessedAPICategoryDiskSpace                                                                                                                              | E174.1: Write or delete file on-device                                                                                                                                           |
+| NSPrivacyAccessedAPICategoryActiveKeyboards                                                                                                                        | 54BD.1: Customize UI on-device                                                                                                                                                   |
+| NSPrivacyAccessedAPICategoryUserDefaults                                                                                                                           | C56D.1: 3rd-party SDK wrapper on-device                                                                                                                                          |
+
+### Custom Templates
+
+To create custom templates, place them in the `Templates/UserTemplates` directory with the following structure:
+- `Templates/UserTemplates/AppTemplate.xcprivacy`
+- `Templates/UserTemplates/FrameworkTemplate.xcprivacy`
+- `Templates/UserTemplates/FrameworkName.xcprivacy`
+
+Among these templates, only `FrameworkTemplate.xcprivacy` will be modified based on the API usage analysis results to adjust the `NSPrivacyAccessedAPIType` entries, thereby generating a new privacy manifest for framework fixes. The other templates will remain unchanged and will be directly used for fixes.
+
+**Important Notes:**
+- The template for a specific framework must follow the naming convention `FrameworkName.xcprivacy`, where `FrameworkName` should match the name of the framework. For example, the template for `Flutter.framework` should be named `Flutter.xcprivacy`.
+- For macOS frameworks, the naming convention should be `FrameworkName.Version.xcprivacy`, where the version name is added to distinguish different versions. For a single version macOS framework, the `Version` is typically `A`.
+- The name of an SDK may not exactly match the name of the framework. To determine the correct framework name, check the `Frameworks` directory in the application bundle after building the project.
+
+## 📑 Privacy Access Report
+
+By default, the tool automatically generates privacy access reports for both the original and fixed versions of the app during each project build, and stores the reports in the `app_privacy_manifest_fixer/Build` directory.
+
+If you need to manually generate a privacy access report for a specific app, run the following command:
+
+```shell
+sh Report/report.sh <app_path> <report_output_path>
+# <app_path>: Path to the app (e.g., /path/to/App.app)
+# <report_output_path>: Path to save the report file (e.g., /path/to/report.html)
+```
+
+**Note**: The report generated by the tool currently only includes the privacy access section (`NSPrivacyAccessedAPITypes`). To view the data collection section (`NSPrivacyCollectedDataTypes`), please use Xcode to generate the `PrivacyReport`.
+
+### Sample Report Screenshots
+
+| Original App Report (report-original.html)                                                     | Fixed App Report (report.html)                                                              |
+|------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------|
+| ![Original App Report](https://img.crasowas.dev/app_privacy_manifest_fixer/20241218230746.png) | ![Fixed App Report](https://img.crasowas.dev/app_privacy_manifest_fixer/20241218230822.png) |
+
+## 💡 Important Considerations
+
+- If the latest version of the SDK supports a privacy manifest, please upgrade as soon as possible to avoid unnecessary risks.
+- This tool is a temporary solution and should not replace proper SDK management practices.
+- Before submitting your app for review, ensure that the privacy manifest fix complies with the latest App Store requirements.
+
+## 🙌 Contributing
+
+Contributions in any form are welcome, including code optimizations, bug fixes, documentation improvements, and more. Please follow the project's guidelines and maintain a consistent coding style. Thank you for your support!

ios/App/app_privacy_manifest_fixer/README.zh-CN.md

@@ -0,0 +1,240 @@
+# App Privacy Manifest Fixer
+
+[![Latest Version](https://img.shields.io/github/v/release/crasowas/app_privacy_manifest_fixer?logo=github)](https://github.com/crasowas/app_privacy_manifest_fixer/releases/latest)
+![Supported Platforms](https://img.shields.io/badge/Supported%20Platforms-iOS%20%7C%20macOS-brightgreen)
+[![License](https://img.shields.io/badge/License-MIT-green.svg)](https://opensource.org/licenses/MIT)
+
+**[English](./README.md) | 简体中文**
+
+本工具是一个基于 Shell 脚本的自动化解决方案，旨在分析和修复 iOS/macOS App 的隐私清单，确保 App 符合 App Store 的要求。它利用 [App Store Privacy Manifest Analyzer](https://github.com/crasowas/app_store_required_privacy_manifest_analyser) 对 App 及其依赖项进行 API 使用分析，并生成或修复`PrivacyInfo.xcprivacy`文件。
+
+## ✨ 功能特点
+
+- **非侵入式集成**：无需修改源码或调整项目结构。
+- **极速安装与卸载**：一行命令即可快速完成工具的安装或卸载。
+- **自动分析与修复**：项目构建时自动分析 API 使用情况并修复隐私清单问题。
+- **灵活定制模板**：支持自定义 App 和 Framework 的隐私清单模板，满足多种使用场景。
+- **隐私访问报告**：自动生成报告用于查看 App 和 SDK 的`NSPrivacyAccessedAPITypes`声明情况。
+- **版本轻松升级**：提供升级脚本快速更新至最新版本。
+
+## 📥 安装
+
+### 下载工具
+
+1. 下载[最新发布版本](https://github.com/crasowas/app_privacy_manifest_fixer/releases/latest)。
+2. 解压下载的文件：
+   - 解压后的目录通常为`app_privacy_manifest_fixer-xxx`（其中`xxx`是版本号）。
+   - 建议重命名为`app_privacy_manifest_fixer`，或在后续路径中使用完整目录名。
+   - **建议将该目录移动至 iOS/macOS 项目中，以避免因路径问题在不同设备上运行时出现错误，同时便于为每个项目单独自定义隐私清单模板**。
+
+### ⚡ 自动安装（推荐）
+
+1. **切换到工具所在目录**：
+
+   ```shell
+   cd /path/to/app_privacy_manifest_fixer
+   ```
+
+2. **运行以下安装脚本**：
+
+   ```shell
+   sh install.sh <project_path>
+   ```  
+   
+   - 如果是 Flutter 项目，`project_path`应为 Flutter 项目中的`ios/macos`目录路径。
+   - 重复运行安装命令时，工具会先移除现有安装（如果有）。若需修改命令行选项，只需重新运行安装命令，无需先卸载。
+
+### 手动安装
+
+如果不使用安装脚本，可以手动添加`Fix Privacy Manifest`任务到 Xcode 的 **Build Phases** 完成安装。安装步骤如下：
+
+#### 1. 在 Xcode 中添加脚本
+
+- 用 Xcode 打开你的 iOS/macOS 项目，进入 **TARGETS** 选项卡，选择你的 App 目标。
+- 进入 **Build Phases**，点击 **+** 按钮，选择 **New Run Script Phase**。
+- 将新建的 **Run Script** 重命名为`Fix Privacy Manifest`。
+- 在 Shell 脚本框中添加以下代码：
+
+  ```shell
+  # 使用相对路径（推荐）：如果`app_privacy_manifest_fixer`在项目目录内
+  "$PROJECT_DIR/path/to/app_privacy_manifest_fixer/fixer.sh"
+
+  # 使用绝对路径：如果`app_privacy_manifest_fixer`不在项目目录内
+  # "/absolute/path/to/app_privacy_manifest_fixer/fixer.sh"
+  ```
+
+  **请根据实际情况修改`path/to`或`absolute/path/to`，并确保路径正确。同时，删除或注释掉不适用的行**。
+
+#### 2. 调整脚本执行顺序
+
+**将该脚本移动到所有其他 Build Phases 之后，确保隐私清单在所有资源拷贝和编译任务完成后再进行修复**。
+
+### Build Phases 截图
+
+下面是自动/手动安装成功后的 Xcode Build Phases 配置截图（未启用任何命令行选项）：
+
+![Build Phases Screenshot](https://img.crasowas.dev/app_privacy_manifest_fixer/20250225011407.png)
+
+## 🚀 快速开始
+
+安装后，工具将在每次构建项目时自动运行，构建完成后得到的 App 包已经是修复后的结果。
+
+如果启用`--install-builds-only`命令行选项安装，工具将仅在安装构建时运行。
+
+### Xcode Build Log 截图
+
+下面是项目构建时工具输出的日志截图（默认会存储到`app_privacy_manifest_fixer/Build`目录，除非启用`-s`命令行选项）：
+
+![Xcode Build Log Screenshot](https://img.crasowas.dev/app_privacy_manifest_fixer/20250225011551.png)
+
+## 📖 使用方法
+
+### 命令行选项
+
+- **强制覆盖现有隐私清单（不推荐）**：
+
+  ```shell
+  sh install.sh <project_path> -f
+  ```
+
+  启用`-f`选项后，工具会根据 API 使用分析结果和隐私清单模板生成新的隐私清单，并强制覆盖现有隐私清单。默认情况下（未启用`-f`），工具仅修复缺失的隐私清单。
+
+- **静默模式**：
+
+  ```shell
+  sh install.sh <project_path> -s
+  ```
+
+  启用`-s`选项后，工具将禁用修复时的输出，不再复制构建生成的`*.app`、自动生成隐私访问报告或输出修复日志。默认情况下（未启用`-s`），这些输出存储在`app_privacy_manifest_fixer/Build`目录。
+
+- **仅在安装构建时运行（推荐）**：
+
+  ```shell
+  sh install.sh <project_path> --install-builds-only
+  ```
+
+  启用`--install-builds-only`选项后，工具仅在执行安装构建（如 **Archive** 操作）时运行，以优化日常开发时的构建性能。如果你是手动安装的，该命令行选项无效，需要手动勾选 **"For install builds only"** 选项。
+
+  **注意**：如果 iOS/macOS 项目在开发环境构建（生成的 App 包含`*.debug.dylib`文件），工具的 API 使用分析结果可能不准确。
+
+### 升级工具
+
+要更新至最新版本，请运行以下命令：
+
+```shell
+sh upgrade.sh
+```
+
+### 卸载工具
+
+要快速卸载本工具，请运行以下命令：
+
+```shell
+sh uninstall.sh <project_path>
+```
+
+### 清理工具生成的文件
+
+要删除工具生成的文件，请运行以下命令：
+
+```shell
+sh clean.sh
+```
+
+## 🔥 隐私清单模板
+
+隐私清单模板存储在[`Templates`](https://github.com/crasowas/app_privacy_manifest_fixer/tree/main/Templates)目录，其中根目录已经包含默认模板。
+
+**如何为 App 或 SDK 自定义隐私清单？只需使用[自定义模板](#自定义模板)！**
+
+### 模板类型
+
+模板分为以下几类：
+- **AppTemplate.xcprivacy**：App 的隐私清单模板。
+- **FrameworkTemplate.xcprivacy**：通用的 Framework 隐私清单模板。
+- **FrameworkName.xcprivacy**：特定的 Framework 隐私清单模板，仅在`Templates/UserTemplates`目录有效。
+
+### 模板优先级
+
+对于 App，隐私清单模板的优先级如下：
+- `Templates/UserTemplates/AppTemplate.xcprivacy` > `Templates/AppTemplate.xcprivacy`
+
+对于特定的 Framework，隐私清单模板的优先级如下：
+- `Templates/UserTemplates/FrameworkName.xcprivacy` > `Templates/UserTemplates/FrameworkTemplate.xcprivacy` > `Templates/FrameworkTemplate.xcprivacy`
+
+### 默认模板
+
+默认模板位于`Templates`根目录，目前包括以下模板：
+- `Templates/AppTemplate.xcprivacy`
+- `Templates/FrameworkTemplate.xcprivacy`
+
+这些模板将根据 API 使用分析结果进行修改，特别是`NSPrivacyAccessedAPIType`条目将被调整，以生成新的隐私清单用于修复，确保符合 App Store 要求。
+
+**如果需要调整隐私清单模板，例如以下场景，请避免直接修改默认模板，而是使用自定义模板。如果存在相同名称的自定义模板，它将优先于默认模板用于修复。**
+- 由于 API 使用分析结果不准确，生成了不合规的隐私清单。
+- 需要修改模板中声明的理由。
+- 需要声明收集的数据。
+
+`AppTemplate.xcprivacy`中隐私访问 API 类别及其对应声明的理由如下：
+
+| [NSPrivacyAccessedAPIType](https://developer.apple.com/documentation/bundleresources/app-privacy-configuration/nsprivacyaccessedapitypes/nsprivacyaccessedapitype) | [NSPrivacyAccessedAPITypeReasons](https://developer.apple.com/documentation/bundleresources/app-privacy-configuration/nsprivacyaccessedapitypes/nsprivacyaccessedapitypereasons) |
+|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| NSPrivacyAccessedAPICategoryFileTimestamp                                                                                                                          | C617.1: Inside app or group container                                                                                                                                            |
+| NSPrivacyAccessedAPICategorySystemBootTime                                                                                                                         | 35F9.1: Measure time on-device                                                                                                                                                   |
+| NSPrivacyAccessedAPICategoryDiskSpace                                                                                                                              | E174.1: Write or delete file on-device                                                                                                                                           |
+| NSPrivacyAccessedAPICategoryActiveKeyboards                                                                                                                        | 54BD.1: Customize UI on-device                                                                                                                                                   |
+| NSPrivacyAccessedAPICategoryUserDefaults                                                                                                                           | CA92.1: Access info from same app                                                                                                                                                |
+
+`FrameworkTemplate.xcprivacy`中隐私访问 API 类别及其对应声明的理由如下：
+
+| [NSPrivacyAccessedAPIType](https://developer.apple.com/documentation/bundleresources/app-privacy-configuration/nsprivacyaccessedapitypes/nsprivacyaccessedapitype) | [NSPrivacyAccessedAPITypeReasons](https://developer.apple.com/documentation/bundleresources/app-privacy-configuration/nsprivacyaccessedapitypes/nsprivacyaccessedapitypereasons) |
+|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| NSPrivacyAccessedAPICategoryFileTimestamp                                                                                                                          | 0A2A.1: 3rd-party SDK wrapper on-device                                                                                                                                          |
+| NSPrivacyAccessedAPICategorySystemBootTime                                                                                                                         | 35F9.1: Measure time on-device                                                                                                                                                   |
+| NSPrivacyAccessedAPICategoryDiskSpace                                                                                                                              | E174.1: Write or delete file on-device                                                                                                                                           |
+| NSPrivacyAccessedAPICategoryActiveKeyboards                                                                                                                        | 54BD.1: Customize UI on-device                                                                                                                                                   |
+| NSPrivacyAccessedAPICategoryUserDefaults                                                                                                                           | C56D.1: 3rd-party SDK wrapper on-device                                                                                                                                          |
+
+### 自定义模板
+
+要创建自定义模板，请将其放在`Templates/UserTemplates`目录，结构如下：
+- `Templates/UserTemplates/AppTemplate.xcprivacy`
+- `Templates/UserTemplates/FrameworkTemplate.xcprivacy`
+- `Templates/UserTemplates/FrameworkName.xcprivacy`
+
+在这些模板中，只有`FrameworkTemplate.xcprivacy`会根据 API 使用分析结果对`NSPrivacyAccessedAPIType`条目进行调整，以生成新的隐私清单用于 Framework 修复。其他模板保持不变，将直接用于修复。
+
+**重要说明：**
+- 特定的 Framework 模板必须遵循命名规范`FrameworkName.xcprivacy`，其中`FrameworkName`需与 Framework 的名称匹配。例如`Flutter.framework`的模板应命名为`Flutter.xcprivacy`。
+- 对于 macOS Framework，应遵循命名规范`FrameworkName.Version.xcprivacy`，额外增加版本名称用于区分不同的版本。对于单一版本的 macOS Framework，`Version`通常为`A`。
+- SDK 的名称可能与 Framework 的名称不完全一致。要确定正确的 Framework 名称，请在构建项目后检查 App 包中的`Frameworks`目录。
+
+## 📑 隐私访问报告
+
+默认情况下，工具会自动在每次构建时为原始 App 和修复后的 App 生成隐私访问报告，并存储到`app_privacy_manifest_fixer/Build`目录。
+
+如果需要手动为特定 App 生成隐私访问报告，请运行以下命令：
+
+```shell
+sh Report/report.sh <app_path> <report_output_path>
+# <app_path>: App路径（例如：/path/to/App.app）
+# <report_output_path>: 报告文件保存路径（例如：/path/to/report.html）
+```
+
+**注意**：工具生成的报告目前仅包含隐私访问部分（`NSPrivacyAccessedAPITypes`），如果想看数据收集部分（`NSPrivacyCollectedDataTypes`）请使用 Xcode 生成`PrivacyReport`。
+
+### 报告示例截图
+
+| 原始 App 报告（report-original.html）                                                                | 修复后 App 报告（report.html）                                                                     |
+|------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------|
+| ![Original App Report](https://img.crasowas.dev/app_privacy_manifest_fixer/20241218230746.png) | ![Fixed App Report](https://img.crasowas.dev/app_privacy_manifest_fixer/20241218230822.png) |
+
+## 💡 重要考量 
+
+- 如果最新版本的 SDK 支持隐私清单，请尽可能升级，以避免不必要的风险。
+- 此工具仅为临时解决方案，不应替代正确的 SDK 管理实践。
+- 在提交 App 审核之前，请检查隐私清单修复后是否符合最新的 App Store 要求。
+
+## 🙌 贡献
+
+欢迎任何形式的贡献，包括代码优化、Bug 修复、文档改进等。请确保遵循项目规范，并保持代码风格一致。感谢你的支持！

ios/App/app_privacy_manifest_fixer/Report/report-template.html

@@ -0,0 +1,124 @@
+<!--
+  Copyright (c) 2024, crasowas.
+
+  Use of this source code is governed by a MIT-style license
+  that can be found in the LICENSE file or at
+  https://opensource.org/licenses/MIT.
+-->
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+    <title>Privacy Access Report</title>
+
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            margin: 20px;
+            color: #333;
+            background-color: #f9f9f9;
+            line-height: 1.6;
+        }
+
+        .card {
+            background-color: #fff;
+            border-radius: 10px;
+            box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
+            margin-bottom: 20px;
+            padding: 20px;
+            min-width: 735px;
+        }
+
+        h2 {
+            font-size: 1.2em;
+            margin: 0 0 15px;
+            padding: 12px 20px;
+            color: #fff;
+            background-color: #5a9e6d;
+            border-radius: 8px;
+            display: flex;
+            justify-content: space-between;
+            align-items: center;
+        }
+
+        h2 .version {
+            font-size: 0.7em;
+            color: #5a9e6d;
+            background: #f1f1f1;
+            padding: 2px 6px;
+            border-radius: 6px;
+        }
+
+        a {
+            text-decoration: none;
+            color: #5a9e6d;
+            background-color: #fcfcfc;
+            padding: 8px 16px;
+            border: 1px solid #5a9e6d;
+            border-radius: 5px;
+            font-size: 0.9em;
+            margin-right: 16px;
+            transition: background-color 0.3s ease, color 0.3s ease;
+        }
+
+        a:hover {
+            color: #fff;
+            background-color: #5a9e6d;
+        }
+
+        a.warning {
+            color: #e0b73c;
+            background-color: #fcfcfc;
+            border: 1px solid #e0b73c;
+        }
+
+        a.warning:hover {
+            color: #fff;
+            background-color: #e0b73c;
+        }
+
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            background-color: #fff;
+            border-radius: 8px;
+            overflow: hidden;
+            margin-top: 20px;
+        }
+
+        th,
+        td {
+            border: 1px solid #ddd;
+            padding: 12px 20px;
+            text-align: left;
+        }
+
+        th {
+            color: #fff;
+            background-color: #b0b8b1;
+            font-weight: bold;
+        }
+
+        tbody tr:nth-child(odd) {
+            background-color: #f9f9f9;
+        }
+
+        tbody tr:hover {
+            background-color: #f0f0f0;
+        }
+    </style>
+</head>
+<body>
+<div class="card" style="display: flex; justify-content: space-between; align-items: center;">
+    <span>
+        This report was generated using version <strong>{{TOOL_VERSION}}</strong>.
+    </span>
+    <a href="https://github.com/crasowas/app_privacy_manifest_fixer" target="_blank">Like this
+        project? 🌟Star it on GitHub!</a>
+</div>
+{{REPORT_CONTENT}}
+</body>
+</html>

ios/App/app_privacy_manifest_fixer/Report/report.sh

@@ -0,0 +1,285 @@
+#!/bin/bash
+
+# Copyright (c) 2024, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+set -e
+
+# Absolute path of the script and the tool's root directory
+script_path="$(realpath "$0")"
+tool_root_path="$(dirname "$(dirname "$script_path")")"
+
+# Load common constants and utils
+source "$tool_root_path/Common/constants.sh"
+source "$tool_root_path/Common/utils.sh"
+
+# Path to the app
+app_path="$1"
+
+# Check if the app exists
+if [ ! -d "$app_path" ] || [[ "$app_path" != *.app ]]; then
+    echo "Unable to find the app: $app_path"
+    exit 1
+fi
+
+# Check if the app is iOS or macOS
+is_ios_app=true
+frameworks_dir="$app_path/Frameworks"
+if [ -d "$app_path/Contents/MacOS" ]; then
+    is_ios_app=false
+    frameworks_dir="$app_path/Contents/Frameworks"
+fi
+
+report_output_file="$2"
+# Additional arguments as template usage records
+template_usage_records=("${@:2}")
+
+# Copy report template to output file
+report_template_file="$tool_root_path/Report/report-template.html"
+if ! rsync -a "$report_template_file" "$report_output_file"; then
+    echo "Failed to copy the report template to $report_output_file"
+    exit 1
+fi
+
+# Read the current tool's version from the VERSION file
+tool_version_file="$tool_root_path/VERSION"
+tool_version="N/A"
+if [ -f "$tool_version_file" ]; then
+    tool_version="$(cat "$tool_version_file")"
+fi
+
+# Initialize report content
+report_content=""
+
+# Get the template file used for fixing based on the app or framework name
+function get_used_template_file() {
+    local name="$1"
+    
+    for template_usage_record in "${template_usage_records[@]}"; do
+        if [[ "$template_usage_record" == "$name$DELIMITER"* ]]; then
+            echo "${template_usage_record#*$DELIMITER}"
+            return
+        fi
+    done
+    
+    echo ""
+}
+
+# Analyze accessed API types and their corresponding reasons
+function analyze_privacy_accessed_api() {
+    local privacy_manifest_file="$1"
+    local -a results=()
+
+    if [ -f "$privacy_manifest_file" ]; then
+        local api_count=$(xmllint --xpath 'count(//dict/key[text()="NSPrivacyAccessedAPIType"])' "$privacy_manifest_file")
+
+        for ((i=1; i<=api_count; i++)); do
+            local api_type=$(xmllint --xpath "(//dict/key[text()='NSPrivacyAccessedAPIType']/following-sibling::string[1])[$i]/text()" "$privacy_manifest_file" 2>/dev/null)
+            local api_reasons=$(xmllint --xpath "(//dict/key[text()='NSPrivacyAccessedAPITypeReasons']/following-sibling::array[1])[position()=$i]/string/text()" "$privacy_manifest_file" 2>/dev/null | paste -sd "/" -)
+            
+            if [ -z "$api_type" ]; then
+                api_type="N/A"
+            fi
+            
+            if [ -z "$api_reasons" ]; then
+                api_reasons="N/A"
+            fi
+            
+            results+=("$api_type$DELIMITER$api_reasons")
+        done
+    fi
+
+    echo "${results[@]}"
+}
+
+# Get the path to the `Info.plist` file for the specified app or framework
+function get_plist_file() {
+    local path="$1"
+    local version_path="$2"
+    local plist_file=""
+    
+    if [[ "$path" == *.app ]]; then
+        if [ "$is_ios_app" == true ]; then
+            plist_file="$path/Info.plist"
+        else
+            plist_file="$path/Contents/Info.plist"
+        fi
+    elif [[ "$path" == *.framework ]]; then
+        local framework_path="$(get_framework_path "$path" "$version_path")"
+        
+        if [ "$is_ios_app" == true ]; then
+            plist_file="$framework_path/Info.plist"
+        else
+            plist_file="$framework_path/Resources/Info.plist"
+        fi
+    fi
+    
+    echo "$plist_file"
+}
+
+# Add an HTML <div> element with the `card` class
+function add_html_card_container() {
+    local card="$1"
+    
+    report_content="$report_content<div class=\"card\">$card</div>"
+}
+
+# Generate an HTML <h2> element
+function generate_html_header() {
+    local title="$1"
+    local version="$2"
+    
+    echo "<h2>$title<span class=\"version\">Version $version</span></h2>"
+}
+
+# Generate an HTML <a> element with optional `warning` class
+function generate_html_anchor() {
+    local text="$1"
+    local href="$2"
+    local warning="$3"
+    
+    if [ "$warning" == true ]; then
+        echo "<a class=\"warning\" href=\"$href\">$text</a>"
+    else
+        echo "<a href=\"$href\">$text</a>"
+    fi
+}
+
+# Generate an HTML <table> element
+function generate_html_table() {
+    local thead="$1"
+    local tbody="$2"
+    
+    echo "<table>$thead$tbody</table>"
+}
+
+# Generate an HTML <thead> element
+function generate_html_thead() {
+    local ths=("$@")
+    local tr=""
+    
+    for th in "${ths[@]}"; do
+        tr="$tr<th>$th</th>"
+    done
+    
+    echo "<thead><tr>$tr</tr></thead>"
+}
+
+# Generate an HTML <tbody> element
+function generate_html_tbody() {
+    local trs=("$@")
+    local tbody=""
+    
+    for tr in "${trs[@]}"; do
+        tbody="$tbody<tr>"
+        local tds=($(split_string_by_delimiter "$tr"))
+        
+        for td in "${tds[@]}"; do
+            tbody="$tbody<td>$td</td>"
+        done
+        
+        tbody="$tbody</tr>"
+    done
+    
+    echo "<tbody>$tbody</tbody>"
+}
+
+# Generate the report content for the specified directory
+function generate_report_content() {
+    local path="$1"
+    local version_path="$2"
+    local privacy_manifest_file=""
+    
+    if [[ "$path" == *.app ]]; then
+        # Per the documentation, the privacy manifest should be placed at the root of the app’s bundle for iOS, while for macOS, it should be located in `Contents/Resources/` within the app’s bundle
+        # Reference: https://developer.apple.com/documentation/bundleresources/adding-a-privacy-manifest-to-your-app-or-third-party-sdk#Add-a-privacy-manifest-to-your-app
+        if [ "$is_ios_app" == true ]; then
+            privacy_manifest_file="$path/$PRIVACY_MANIFEST_FILE_NAME"
+        else
+            privacy_manifest_file="$path/Contents/Resources/$PRIVACY_MANIFEST_FILE_NAME"
+        fi
+    else
+        # Per the documentation, the privacy manifest should be placed at the root of the iOS framework, while for a macOS framework with multiple versions, it should be located in the `Resources` directory within the corresponding version
+        # Some SDKs don’t follow the guideline, so we use a search-based approach for now
+        # Reference: https://developer.apple.com/documentation/bundleresources/adding-a-privacy-manifest-to-your-app-or-third-party-sdk#Add-a-privacy-manifest-to-your-framework
+        local framework_path="$(get_framework_path "$path" "$version_path")"
+        local privacy_manifest_files=($(search_privacy_manifest_files "$framework_path"))
+        privacy_manifest_file="$(get_privacy_manifest_file "${privacy_manifest_files[@]}")"
+    fi
+    
+    local name="$(basename "$path")"
+    local title="$name"
+    if [ -n "$version_path" ]; then
+        title="$name ($version_path)"
+    fi
+    
+    local plist_file="$(get_plist_file "$path" "$version_path")"
+    local version="$(get_plist_version "$plist_file")"
+    local card="$(generate_html_header "$title" "$version")"
+    
+    if [ -f "$privacy_manifest_file" ]; then
+        card="$card$(generate_html_anchor "$PRIVACY_MANIFEST_FILE_NAME" "$privacy_manifest_file" false)"
+        
+        local used_template_file="$(get_used_template_file "$name$version_path")"
+        
+        if [ -f "$used_template_file" ]; then
+            card="$card$(generate_html_anchor "Template Used: $(basename "$used_template_file")" "$used_template_file" false)"
+        fi
+        
+        local trs=($(analyze_privacy_accessed_api "$privacy_manifest_file"))
+        
+        # Generate table only if the accessed privacy API types array is not empty
+        if [[ ${#trs[@]} -gt 0 ]]; then
+            local thead="$(generate_html_thead "NSPrivacyAccessedAPIType" "NSPrivacyAccessedAPITypeReasons")"
+            local tbody="$(generate_html_tbody "${trs[@]}")"
+            
+            card="$card$(generate_html_table "$thead" "$tbody")"
+        fi
+    else
+        card="$card$(generate_html_anchor "Missing Privacy Manifest" "$path" true)"
+    fi
+    
+    add_html_card_container "$card"
+}
+
+# Generate the report content for app
+function generate_app_report_content() {
+    generate_report_content "$app_path" ""
+}
+
+# Generate the report content for frameworks
+function generate_frameworks_report_content() {
+    if ! [ -d "$frameworks_dir" ]; then
+        return
+    fi
+    
+    for path in "$frameworks_dir"/*; do
+        if [ -d "$path" ]; then
+            local versions_dir="$path/Versions"
+            
+            if [ -d "$versions_dir" ]; then
+                for version in $(ls -1 "$versions_dir" | grep -vE '^Current$'); do
+                    local version_path="Versions/$version"
+                    generate_report_content "$path" "$version_path"
+                done
+            else
+                generate_report_content "$path" ""
+            fi
+        fi
+    done
+}
+
+# Generate the final report with all content
+function generate_final_report() {
+    # Replace placeholders in the template with the tool's version and report content
+    sed -i "" -e "s|{{TOOL_VERSION}}|$tool_version|g" -e "s|{{REPORT_CONTENT}}|${report_content}|g" "$report_output_file"
+    
+    echo "Privacy Access Report has been generated: $report_output_file"
+}
+
+generate_app_report_content
+generate_frameworks_report_content
+generate_final_report

ios/App/app_privacy_manifest_fixer/Templates/AppTemplate.xcprivacy

@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>NSPrivacyTracking</key>
+	<false/>
+	<key>NSPrivacyTrackingDomains</key>
+	<array/>
+	<key>NSPrivacyCollectedDataTypes</key>
+	<array/>
+	<key>NSPrivacyAccessedAPITypes</key>
+	<array>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>C617.1</string>
+			</array>
+		</dict>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategorySystemBootTime</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>35F9.1</string>
+			</array>
+		</dict>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategoryDiskSpace</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>E174.1</string>
+			</array>
+		</dict>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategoryActiveKeyboards</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>54BD.1</string>
+			</array>
+		</dict>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>CA92.1</string>
+			</array>
+		</dict>
+	</array>
+</dict>
+</plist>

ios/App/app_privacy_manifest_fixer/Templates/FrameworkTemplate.xcprivacy

@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>NSPrivacyTracking</key>
+	<false/>
+	<key>NSPrivacyTrackingDomains</key>
+	<array/>
+	<key>NSPrivacyCollectedDataTypes</key>
+	<array/>
+	<key>NSPrivacyAccessedAPITypes</key>
+	<array>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>0A2A.1</string>
+			</array>
+		</dict>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategorySystemBootTime</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>35F9.1</string>
+			</array>
+		</dict>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategoryDiskSpace</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>E174.1</string>
+			</array>
+		</dict>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategoryActiveKeyboards</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>54BD.1</string>
+			</array>
+		</dict>
+		<dict>
+			<key>NSPrivacyAccessedAPIType</key>
+			<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
+			<key>NSPrivacyAccessedAPITypeReasons</key>
+			<array>
+				<string>C56D.1</string>
+			</array>
+		</dict>
+	</array>
+</dict>
+</plist>

ios/App/app_privacy_manifest_fixer/VERSION

@@ -0,0 +1 @@
+v1.4.1

ios/App/app_privacy_manifest_fixer/clean.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# Copyright (c) 2025, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+set -e
+
+target_paths=("Build")
+
+echo "Cleaning..."
+
+deleted_anything=false
+
+for path in "${target_paths[@]}"; do
+    if [ -e "$path" ]; then
+        echo "Removing $path..."
+        rm -rf "./$path"
+        deleted_anything=true
+    fi
+done
+
+if [ "$deleted_anything" == true ]; then
+    echo "Cleanup completed."
+else
+    echo "Nothing to clean."
+fi

ios/App/app_privacy_manifest_fixer/fixer.sh

@@ -0,0 +1,490 @@
+#!/bin/bash
+
+# Copyright (c) 2024, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+set -e
+
+# Absolute path of the script and the tool's root directory
+script_path="$(realpath "$0")"
+tool_root_path="$(dirname "$script_path")"
+
+# Load common constants and utils
+source "$tool_root_path/Common/constants.sh"
+source "$tool_root_path/Common/utils.sh"
+
+# Force replace the existing privacy manifest when the `-f` option is enabled
+force=false
+
+# Enable silent mode to disable build output when the `-s` option is enabled
+silent=false
+
+# Parse command-line options
+while getopts ":fs" opt; do
+    case $opt in
+        f)
+            force=true
+            ;;
+        s)
+            silent=true
+            ;;
+        \?)
+            echo "Invalid option: -$OPTARG" >&2
+            exit 1
+            ;;
+    esac
+done
+
+shift $((OPTIND - 1))
+
+# Path of the app produced by the build process
+app_path="${TARGET_BUILD_DIR}/${WRAPPER_NAME}"
+
+# Check if the app exists
+if [ ! -d "$app_path" ] || [[ "$app_path" != *.app ]]; then
+    echo "Unable to find the app: $app_path"
+    exit 1
+fi
+
+# Check if the app is iOS or macOS
+is_ios_app=true
+frameworks_dir="$app_path/Frameworks"
+if [ -d "$app_path/Contents/MacOS" ]; then
+    is_ios_app=false
+    frameworks_dir="$app_path/Contents/Frameworks"
+fi
+
+# Default template directories
+templates_dir="$tool_root_path/Templates"
+user_templates_dir="$tool_root_path/Templates/UserTemplates"
+
+# Use user-defined app privacy manifest template if it exists, otherwise fallback to default
+app_template_file="$user_templates_dir/$APP_TEMPLATE_FILE_NAME"
+if [ ! -f "$app_template_file" ]; then
+    app_template_file="$templates_dir/$APP_TEMPLATE_FILE_NAME"
+fi
+
+# Use user-defined framework privacy manifest template if it exists, otherwise fallback to default
+framework_template_file="$user_templates_dir/$FRAMEWORK_TEMPLATE_FILE_NAME"
+if [ ! -f "$framework_template_file" ]; then
+    framework_template_file="$templates_dir/$FRAMEWORK_TEMPLATE_FILE_NAME"
+fi
+
+# Disable build output in silent mode
+if [ "$silent" == false ]; then
+    # Script used to generate the privacy access report
+    report_script="$tool_root_path/Report/report.sh"
+    # An array to record template usage for generating the privacy access report
+    template_usage_records=()
+    
+    # Build output directory
+    build_dir="$tool_root_path/Build/${PRODUCT_NAME}-${CONFIGURATION}_${MARKETING_VERSION}_${CURRENT_PROJECT_VERSION}_$(date +%Y%m%d%H%M%S)"
+    # Ensure the build directory exists
+    mkdir -p "$build_dir"
+
+    # Redirect both stdout and stderr to a log file while keeping console output
+    exec > >(tee "$build_dir/fix.log") 2>&1
+fi
+
+# Get the path to the `Info.plist` file for the specified app or framework
+function get_plist_file() {
+    local path="$1"
+    local version_path="$2"
+    local plist_file=""
+    
+    if [[ "$path" == *.app ]]; then
+        if [ "$is_ios_app" == true ]; then
+            plist_file="$path/Info.plist"
+        else
+            plist_file="$path/Contents/Info.plist"
+        fi
+    elif [[ "$path" == *.framework ]]; then
+        local framework_path="$(get_framework_path "$path" "$version_path")"
+        
+        if [ "$is_ios_app" == true ]; then
+            plist_file="$framework_path/Info.plist"
+        else
+            plist_file="$framework_path/Resources/Info.plist"
+        fi
+    fi
+    
+    echo "$plist_file"
+}
+
+# Get the path to the executable for the specified app or framework
+function get_executable_path() {
+    local path="$1"
+    local version_path="$2"
+    local executable_path=""
+    
+    local plist_file="$(get_plist_file "$path" "$version_path")"
+    local executable_name="$(get_plist_executable "$plist_file")"
+    
+    if [[ "$path" == *.app ]]; then
+        if [ "$is_ios_app" == true ]; then
+            executable_path="$path/$executable_name"
+        else
+            executable_path="$path/Contents/MacOS/$executable_name"
+        fi
+    elif [[ "$path" == *.framework ]]; then
+        local framework_path="$(get_framework_path "$path" "$version_path")"
+        executable_path="$framework_path/$executable_name"
+    fi
+    
+    echo "$executable_path"
+}
+
+# Analyze the specified binary file for API symbols and their categories
+function analyze_binary_file() {
+    local path="$1"
+    local -a results=()
+
+    # Check if the API symbol exists in the binary file using `nm` and `strings`
+    local nm_output=$(nm "$path" 2>/dev/null | xcrun swift-demangle)
+    local strings_output=$(strings "$path")
+    local combined_output="$nm_output"$'\n'"$strings_output"
+
+    for api_symbol in "${API_SYMBOLS[@]}"; do
+        local substrings=($(split_string_by_delimiter "$api_symbol"))
+        local category=${substrings[0]}
+        local api=${substrings[1]}
+
+        if echo "$combined_output" | grep -E "$api\$" >/dev/null; then
+            local index=-1
+            for ((i=0; i < ${#results[@]}; i++)); do
+                local result="${results[i]}"
+                local result_substrings=($(split_string_by_delimiter "$result"))
+                # If the category matches an existing result, update it
+                if [ "$category" == "${result_substrings[0]}" ]; then
+                    index=i
+                    results[i]="${result_substrings[0]}$DELIMITER${result_substrings[1]},$api$DELIMITER${result_substrings[2]}"
+                    break
+                fi
+            done
+
+            # If no matching category found, add a new result
+            if [[ $index -eq -1 ]]; then
+                results+=("$category$DELIMITER$api$DELIMITER$(encode_path "$path")")
+            fi
+        fi
+    done
+    
+    echo "${results[@]}"
+}
+
+# Analyze API usage in a binary file
+function analyze_api_usage() {
+    local path="$1"
+    local version_path="$2"
+    local -a results=()
+    
+    local binary_file="$(get_executable_path "$path" "$version_path")"
+    
+    if [ -f "$binary_file" ]; then
+        results+=($(analyze_binary_file "$binary_file"))
+    fi
+
+    echo "${results[@]}"
+}
+
+
+
+# Get unique categories from analysis results
+function get_categories() {
+    local results=("$@")
+    local -a categories=()
+    
+    for result in "${results[@]}"; do
+        local substrings=($(split_string_by_delimiter "$result"))
+        local category=${substrings[0]}
+        if [[ ! "${categories[@]}" =~ "$category" ]]; then
+            categories+=("$category")
+        fi
+    done
+    
+    echo "${categories[@]}"
+}
+
+# Get template file for the specified app or framework
+function get_template_file() {
+    local path="$1"
+    local version_path="$2"
+    local template_file=""
+    
+    if [[ "$path" == *.app ]]; then
+        template_file="$app_template_file"
+    else
+        # Give priority to the user-defined framework privacy manifest template
+        local dep_name="$(get_dependency_name "$path")"
+        if [ -n "$version_path" ]; then
+            dep_name="$dep_name.$(basename "$version_path")"
+        fi
+        
+        local dep_template_file="$user_templates_dir/${dep_name}.xcprivacy"
+        if [ -f "$dep_template_file" ]; then
+            template_file="$dep_template_file"
+        else
+            template_file="$framework_template_file"
+        fi
+    fi
+    
+    echo "$template_file"
+}
+
+# Check if the specified template file should be modified
+#
+# The following template files will be modified based on analysis:
+# * Templates/AppTemplate.xcprivacy
+# * Templates/FrameworkTemplate.xcprivacy
+# * Templates/UserTemplates/FrameworkTemplate.xcprivacy
+function is_template_modifiable() {
+    local template_file="$1"
+    
+    local template_file_name="$(basename "$template_file")"
+
+    if [[ "$template_file" != "$user_templates_dir"* ]] || [ "$template_file_name" == "$FRAMEWORK_TEMPLATE_FILE_NAME" ]; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+# Check if `Hardened Runtime` is enabled for the specified path
+function is_hardened_runtime_enabled() {
+    local path="$1"
+
+    # Check environment variable first
+    if [ "${ENABLE_HARDENED_RUNTIME:-}" == "YES" ]; then
+        return 0
+    fi
+
+    # Check the code signature flags if environment variable is not set
+    local flags=$(codesign -dvvv "$path" 2>&1 | grep "flags=")
+    if echo "$flags" | grep -q "runtime"; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+# Re-sign the target app or framework if code signing is enabled
+function resign() {
+    local path="$1"
+
+    if [ -n "${EXPANDED_CODE_SIGN_IDENTITY:-}" ] && [ "${CODE_SIGNING_REQUIRED:-}" != "NO" ] && [ "${CODE_SIGNING_ALLOWED:-}" != "NO" ]; then
+        echo "Re-signing $path with Identity ${EXPANDED_CODE_SIGN_IDENTITY_NAME:-$EXPANDED_CODE_SIGN_IDENTITY}"
+
+        local codesign_cmd="/usr/bin/codesign --force --sign ${EXPANDED_CODE_SIGN_IDENTITY} ${OTHER_CODE_SIGN_FLAGS:-} --preserve-metadata=identifier,entitlements"
+
+        if [ "$is_ios_app" == true ]; then
+            $codesign_cmd "$path"
+        else
+            if is_hardened_runtime_enabled "$path"; then
+                codesign_cmd="$codesign_cmd -o runtime"
+            fi
+            
+            if [ -d "$path/Contents/MacOS" ]; then
+                find "$path/Contents/MacOS" -type f -name "*.dylib" | while read -r dylib_file; do
+                    $codesign_cmd "$dylib_file"
+                done
+            fi
+            
+            $codesign_cmd "$path"
+        fi
+    fi
+}
+
+# Fix the privacy manifest for the app or specified framework
+# To accelerate the build, existing privacy manifests will be left unchanged unless the `-f` option is enabled
+# After fixing, the app or framework will be automatically re-signed
+function fix() {
+    local path="$1"
+    local version_path="$2"
+    local force_resign="$3"
+    local privacy_manifest_file=""
+    
+    if [[ "$path" == *.app ]]; then
+        # Per the documentation, the privacy manifest should be placed at the root of the app’s bundle for iOS, while for macOS, it should be located in `Contents/Resources/` within the app’s bundle
+        # Reference: https://developer.apple.com/documentation/bundleresources/adding-a-privacy-manifest-to-your-app-or-third-party-sdk#Add-a-privacy-manifest-to-your-app
+        if [ "$is_ios_app" == true ]; then
+            privacy_manifest_file="$path/$PRIVACY_MANIFEST_FILE_NAME"
+        else
+            privacy_manifest_file="$path/Contents/Resources/$PRIVACY_MANIFEST_FILE_NAME"
+        fi
+    else
+        # Per the documentation, the privacy manifest should be placed at the root of the iOS framework, while for a macOS framework with multiple versions, it should be located in the `Resources` directory within the corresponding version
+        # Some SDKs don’t follow the guideline, so we use a search-based approach for now
+        # Reference: https://developer.apple.com/documentation/bundleresources/adding-a-privacy-manifest-to-your-app-or-third-party-sdk#Add-a-privacy-manifest-to-your-framework
+        local framework_path="$(get_framework_path "$path" "$version_path")"
+        local privacy_manifest_files=($(search_privacy_manifest_files "$framework_path"))
+        privacy_manifest_file="$(get_privacy_manifest_file "${privacy_manifest_files[@]}")"
+        
+        if [ -z "$privacy_manifest_file" ]; then
+            if [ "$is_ios_app" == true ]; then
+                privacy_manifest_file="$framework_path/$PRIVACY_MANIFEST_FILE_NAME"
+            else
+                privacy_manifest_file="$framework_path/Resources/$PRIVACY_MANIFEST_FILE_NAME"
+            fi
+        fi
+    fi
+    
+    # Check if the privacy manifest file exists
+    if [ -f "$privacy_manifest_file" ]; then
+        echo "💡 Found privacy manifest file: $privacy_manifest_file"
+        
+        if [ "$force" == false ]; then
+            if [ "$force_resign" == true ]; then
+                resign "$path"
+            fi
+            echo "✅ Privacy manifest file already exists, skipping fix."
+            return
+        fi
+    else
+        echo "⚠️  Missing privacy manifest file!"
+    fi
+    
+    local results=($(analyze_api_usage "$path" "$version_path"))
+    echo "API usage analysis result(s): ${#results[@]}"
+    print_array "${results[@]}"
+    
+    local template_file="$(get_template_file "$path" "$version_path")"
+    template_usage_records+=("$(basename "$path")$version_path$DELIMITER$template_file")
+    
+    # Copy the template file to the privacy manifest location, overwriting if it exists
+    cp "$template_file" "$privacy_manifest_file"
+    
+    if is_template_modifiable "$template_file"; then
+        local categories=($(get_categories "${results[@]}"))
+        local remove_categories=()
+        
+        # Check if categories is non-empty
+        if [[ ${#categories[@]} -gt 0 ]]; then
+            # Convert categories to a single space-separated string for easy matching
+            local categories_set=" ${categories[*]} "
+            
+            # Iterate through each element in `API_CATEGORIES`
+            for element in "${API_CATEGORIES[@]}"; do
+                # If element is not found in `categories_set`, add it to `remove_categories`
+                if [[ ! $categories_set =~ " $element " ]]; then
+                    remove_categories+=("$element")
+                fi
+            done
+        else
+            # If categories is empty, add all of `API_CATEGORIES` to `remove_categories`
+            remove_categories=("${API_CATEGORIES[@]}")
+        fi
+
+        # Remove extra spaces in the XML file to simplify node removal
+        xmllint --noblanks "$privacy_manifest_file" -o "$privacy_manifest_file"
+
+        # Build a sed command to remove all matching nodes at once
+        local sed_pattern=""
+        for category in "${remove_categories[@]}"; do
+            # Find the node for the current category
+            local remove_node="$(xmllint --xpath "//dict[string='$category']" "$privacy_manifest_file" 2>/dev/null || true)"
+            
+            # If the node is found, escape special characters and append it to the sed pattern
+            if [ -n "$remove_node" ]; then
+                local escaped_node=$(echo "$remove_node" | sed 's/[\/&]/\\&/g')
+                sed_pattern+="s/$escaped_node//g;"
+            fi
+        done
+
+        # Apply the combined sed pattern to the file if it's not empty
+        if [ -n "$sed_pattern" ]; then
+            sed -i "" "$sed_pattern" "$privacy_manifest_file"
+        fi
+
+        # Reformat the XML file to restore spaces for readability
+        xmllint --format "$privacy_manifest_file" -o "$privacy_manifest_file"
+    fi
+    
+    resign "$path"
+    
+    echo "✅ Privacy manifest file fixed: $privacy_manifest_file."
+}
+
+# Fix privacy manifests for all frameworks
+function fix_frameworks() {
+    if ! [ -d "$frameworks_dir" ]; then
+        return
+    fi
+    
+    echo "🛠️ Fixing Frameworks..."
+    for path in "$frameworks_dir"/*; do
+        if [ -d "$path" ]; then
+            local dep_name="$(get_dependency_name "$path")"
+            local versions_dir="$path/Versions"
+            
+            if [ -d "$versions_dir" ]; then
+                for version in $(ls -1 "$versions_dir" | grep -vE '^Current$'); do
+                    local version_path="Versions/$version"
+                    echo "Analyzing $dep_name ($version_path) ..."
+                    fix "$path" "$version_path" false
+                    echo ""
+                done
+            else
+                echo "Analyzing $dep_name ..."
+                fix "$path" "" false
+                echo ""
+            fi
+        fi
+    done
+}
+
+# Fix the privacy manifest for the app
+function fix_app() {
+    echo "🛠️ Fixing $(basename "$app_path" .app) App..."
+    # Since the framework may have undergone fixes, the app must be forcefully re-signed
+    fix "$app_path" "" true
+    echo ""
+}
+
+# Generate the privacy access report for the app
+function generate_report() {
+    local original="$1"
+    
+    if [ "$silent" == true ]; then
+        return
+    fi
+
+    local app_name="$(basename "$app_path")"
+    local name="${app_name%.*}"
+    local report_name=""
+
+    # Adjust output names if the app is flagged as original
+    if [ "$original" == true ]; then
+        app_name="${name}-original.app"
+        report_name="report-original.html"
+    else
+        app_name="$name.app"
+        report_name="report.html"
+    fi
+    
+    local target_app_path="$build_dir/$app_name"
+    local report_path="$build_dir/$report_name"
+    
+    echo "Copy app to $target_app_path"
+    rsync -a "$app_path/" "$target_app_path/"
+    
+    # Generate the privacy access report using the script
+    sh "$report_script" "$target_app_path" "$report_path" "${template_usage_records[@]}"
+    echo ""
+}
+
+start_time=$(date +%s)
+
+generate_report true
+fix_frameworks
+fix_app
+generate_report false
+
+end_time=$(date +%s)
+
+echo "🎉 All fixed! ⏰ $((end_time - start_time)) seconds"
+echo "🌟 If you found this script helpful, please consider giving it a star on GitHub. Your support is appreciated. Thank you!"
+echo "🔗 Homepage: https://github.com/crasowas/app_privacy_manifest_fixer"
+echo "🐛 Report issues: https://github.com/crasowas/app_privacy_manifest_fixer/issues"

ios/App/app_privacy_manifest_fixer/install.sh

@@ -0,0 +1,71 @@
+#!/bin/bash
+
+# Copyright (c) 2024, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+set -e
+
+# Check if at least one argument (project_path) is provided
+if [[ "$#" -lt 1 ]]; then
+    echo "Usage: $0 <project_path> [options...]"
+    exit 1
+fi
+
+project_path="$1"
+
+shift
+
+options=()
+install_builds_only=false
+
+# Check if the `--install-builds-only` option is provided and separate it from other options
+for arg in "$@"; do
+  if [ "$arg" == "--install-builds-only" ]; then
+    install_builds_only=true
+  else
+    options+=("$arg")
+  fi
+done
+
+# Verify Ruby installation
+if ! command -v ruby &>/dev/null; then
+    echo "Ruby is not installed. Please install Ruby and try again."
+    exit 1
+fi
+
+# Check if xcodeproj gem is installed
+if ! gem list -i xcodeproj &>/dev/null; then
+    echo "The 'xcodeproj' gem is not installed."
+    read -p "Would you like to install it now? [Y/n] " response
+    if [[ "$response" =~ ^[Nn]$ ]]; then
+        echo "Please install 'xcodeproj' manually and re-run the script."
+        exit 1
+    fi
+    gem install xcodeproj || { echo "Failed to install 'xcodeproj'."; exit 1; }
+fi
+
+# Convert project path to an absolute path if it is relative
+if [[ ! "$project_path" = /* ]]; then
+    project_path="$(realpath "$project_path")"
+fi
+
+# Absolute path of the script and the tool's root directory
+script_path="$(realpath "$0")"
+tool_root_path="$(dirname "$script_path")"
+
+tool_portable_path="$tool_root_path"
+# If the tool's root directory is inside the project path, make the path portable
+if [[ "$tool_root_path" == "$project_path"* ]]; then
+    # Extract the path of the tool's root directory relative to the project path
+    tool_relative_path="${tool_root_path#$project_path}"
+    # Formulate a portable path using the `PROJECT_DIR` environment variable provided by Xcode
+    tool_portable_path="\${PROJECT_DIR}${tool_relative_path}"
+fi
+
+run_script_content="\"$tool_portable_path/fixer.sh\" ${options[@]}"
+
+# Execute the Ruby helper script
+ruby "$tool_root_path/Helper/xcode_install_helper.rb" "$project_path" "$run_script_content" "$install_builds_only"

ios/App/app_privacy_manifest_fixer/uninstall.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+
+# Copyright (c) 2024, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+set -e
+
+# Check if the project path is provided
+if [[ $# -eq 0 ]]; then
+    echo "Usage: $0 <project_path>"
+    exit 1
+fi
+
+project_path="$1"
+
+# Verify Ruby installation
+if ! command -v ruby &>/dev/null; then
+    echo "Ruby is not installed. Please install Ruby and try again."
+    exit 1
+fi
+
+# Check if xcodeproj gem is installed
+if ! gem list -i xcodeproj &>/dev/null; then
+    echo "The 'xcodeproj' gem is not installed."
+    read -p "Would you like to install it now? [Y/n] " response
+    if [[ "$response" =~ ^[Nn]$ ]]; then
+        echo "Please install 'xcodeproj' manually and re-run the script."
+        exit 1
+    fi
+    gem install xcodeproj || { echo "Failed to install 'xcodeproj'."; exit 1; }
+fi
+
+# Convert project path to an absolute path if it is relative
+if [[ ! "$project_path" = /* ]]; then
+    project_path="$(realpath "$project_path")"
+fi
+
+# Absolute path of the script and the tool's root directory
+script_path="$(realpath "$0")"
+tool_root_path="$(dirname "$script_path")"
+
+# Execute the Ruby helper script
+ruby "$tool_root_path/Helper/xcode_uninstall_helper.rb" "$project_path"

ios/App/app_privacy_manifest_fixer/upgrade.sh

@@ -0,0 +1,108 @@
+#!/bin/bash
+
+# Copyright (c) 2024, crasowas.
+#
+# Use of this source code is governed by a MIT-style license
+# that can be found in the LICENSE file or at
+# https://opensource.org/licenses/MIT.
+
+set -e
+
+# Absolute path of the script and the tool's root directory
+script_path="$(realpath "$0")"
+tool_root_path="$(dirname "$script_path")"
+
+# Repository details
+readonly REPO_OWNER="crasowas"
+readonly REPO_NAME="app_privacy_manifest_fixer"
+
+# URL to fetch the latest release information
+readonly LATEST_RELEASE_URL="https://api.github.com/repos/$REPO_OWNER/$REPO_NAME/releases/latest"
+
+# Fetch the release information from GitHub API
+release_info=$(curl -s "$LATEST_RELEASE_URL")
+
+# Extract the latest release version, download URL, and published time
+latest_version=$(echo "$release_info" | grep -o '"tag_name": "[^"]*' | sed 's/"tag_name": "//')
+download_url=$(echo "$release_info" | grep -o '"zipball_url": "[^"]*' | sed 's/"zipball_url": "//')
+published_time=$(echo "$release_info" | grep -o '"published_at": "[^"]*' | sed 's/"published_at": "//')
+
+# Ensure the latest version, download URL, and published time are successfully retrieved
+if [ -z "$latest_version" ] || [ -z "$download_url" ]  || [ -z "$published_time" ]; then
+    echo "Unable to fetch the latest release information."
+    echo "Request URL: $LATEST_RELEASE_URL"
+    echo "Response Data: $release_info"
+    exit 1
+fi
+
+# Convert UTC time to local time
+published_time=$(TZ=UTC date -j -f "%Y-%m-%dT%H:%M:%SZ" "$published_time" +"%s" | xargs -I{} date -j -r {} +"%Y-%m-%d %H:%M:%S %z")
+
+# Read the current tool's version from the VERSION file
+tool_version_file="$tool_root_path/VERSION"
+if [ ! -f "$tool_version_file" ]; then
+    echo "VERSION file not found."
+    exit 1
+fi
+
+local_version="$(cat "$tool_version_file")"
+
+# Skip upgrade if the current version is already the latest
+if [ "$local_version" == "$latest_version" ]; then
+    echo "Version $latest_version • $published_time"
+    echo "Already up-to-date."
+    exit 0
+fi
+
+# Create a temporary directory for downloading the release
+temp_dir=$(mktemp -d)
+trap "rm -rf $temp_dir" EXIT
+
+download_file_name="latest-release.tar.gz"
+
+# Download the latest release archive
+echo "Downloading version $latest_version..."
+curl -L "$download_url" -o "$temp_dir/$download_file_name"
+
+# Check if the download was successful
+if [ $? -ne 0 ]; then
+    echo "Download failed, please check your network connection and try again."
+    exit 1
+fi
+
+# Extract the downloaded release archive
+echo "Extracting files..."
+tar -xzf "$temp_dir/$download_file_name" -C "$temp_dir"
+
+# Find the extracted release
+extracted_release_path=$(find "$temp_dir" -mindepth 1 -maxdepth 1 -type d -name "*$REPO_NAME*" | head -n 1)
+
+# Verify that an extracted release was found
+if [ -z "$extracted_release_path" ]; then
+    echo "No extracted release found for the latest version."
+    exit 1
+fi
+
+user_templates_dir="$tool_root_path/Templates/UserTemplates"
+user_templates_backup_dir="$temp_dir/Templates/UserTemplates"
+
+# Backup the user templates directory if it exists
+if [ -d "$user_templates_dir" ]; then
+    echo "Backing up user templates..."
+    mkdir -p "$user_templates_backup_dir"
+    rsync -a --exclude='.*' "$user_templates_dir/" "$user_templates_backup_dir/"
+fi
+
+# Replace old version files with the new version files
+echo "Replacing old version files..."
+rsync -a --delete "$extracted_release_path/" "$tool_root_path/"
+
+# Restore the user templates from the backup
+if [ -d "$user_templates_backup_dir" ]; then
+    echo "Restoring user templates..."
+    rsync -a --exclude='.*' "$user_templates_backup_dir/" "$user_templates_dir/"
+fi
+
+# Upgrade complete
+echo "Version $latest_version • $published_time"
+echo "Upgrade completed successfully!"

main.js

@@ -1,29 +0,0 @@
-const { app, BrowserWindow } = require('electron');
-const path = require('path');
-
-function createWindow() {
-  const win = new BrowserWindow({
-    width: 1200,
-    height: 800,
-    webPreferences: {
-      nodeIntegration: true,
-      contextIsolation: false
-    }
-  });
-
-  win.loadFile(path.join(__dirname, 'dist-electron/www/index.html'));
-}
-
-app.whenReady().then(createWindow);
-
-app.on('window-all-closed', () => {
-  if (process.platform !== 'darwin') {
-    app.quit();
-  }
-});
-
-app.on('activate', () => {
-  if (BrowserWindow.getAllWindows().length === 0) {
-    createWindow();
-  }
-}); 

package.json

@@ -11,7 +11,7 @@
     "build": "VITE_GIT_HASH=`git log -1 --pretty=format:%h` vite build --config vite.config.mts",
     "lint": "eslint --ext .js,.ts,.vue --ignore-path .gitignore src",
     "lint-fix": "eslint --ext .js,.ts,.vue --ignore-path .gitignore --fix src",
-    "prebuild": "eslint --ext .js,.ts,.vue --ignore-path .gitignore src && node sw_combine.js",
+    "prebuild": "eslint --ext .js,.ts,.vue --ignore-path .gitignore src && node sw_combine.js && node scripts/copy-wasm.js",
     "test:all": "npm run test:prerequisites && npm run build && npm run test:web && npm run test:mobile",
     "test:prerequisites": "node scripts/check-prerequisites.js",
     "test:web": "npx playwright test -c playwright.config-local.ts --trace on",
@@ -46,6 +46,7 @@
     "electron:build-mac-universal": "npm run build:electron-prod && electron-builder --mac --universal"
   },
   "dependencies": {
+    "@capacitor-community/sqlite": "6.0.0",
     "@capacitor-mlkit/barcode-scanning": "^6.0.0",
     "@capacitor/android": "^6.2.0",
     "@capacitor/app": "^6.0.0",
@@ -63,6 +64,7 @@
     "@fortawesome/fontawesome-svg-core": "^6.5.1",
     "@fortawesome/free-solid-svg-icons": "^6.5.1",
     "@fortawesome/vue-fontawesome": "^3.0.6",
+    "@jlongster/sql.js": "^1.6.7",
     "@peculiar/asn1-ecc": "^2.3.8",
     "@peculiar/asn1-schema": "^2.3.8",
     "@pvermeer/dexie-encrypted-addon": "^3.0.0",
@@ -81,6 +83,7 @@
     "@vue-leaflet/vue-leaflet": "^0.10.1",
     "@vueuse/core": "^12.3.0",
     "@zxing/text-encoding": "^0.9.0",
+    "absurd-sql": "^0.0.54",
     "asn1-ber": "^1.2.2",
     "axios": "^1.6.8",
     "cbor-x": "^1.5.9",
@@ -113,6 +116,7 @@
     "reflect-metadata": "^0.1.14",
     "register-service-worker": "^1.7.2",
     "simple-vue-camera": "^1.1.3",
+    "sqlite": "^5.1.1",
     "sqlite3": "^5.1.7",
     "stream-browserify": "^3.0.0",
     "three": "^0.156.1",
@@ -144,7 +148,9 @@
     "@vitejs/plugin-vue": "^5.2.1",
     "@vue/eslint-config-typescript": "^11.0.3",
     "autoprefixer": "^10.4.19",
+    "browserify-fs": "^1.0.0",
     "concurrently": "^8.2.2",
+    "crypto-browserify": "^3.12.1",
     "electron": "^33.2.1",
     "electron-builder": "^25.1.8",
     "eslint": "^8.57.0",
@@ -155,12 +161,14 @@
     "markdownlint": "^0.37.4",
     "markdownlint-cli": "^0.44.0",
     "npm-check-updates": "^17.1.13",
+    "path-browserify": "^1.0.1",
     "postcss": "^8.4.38",
     "prettier": "^3.2.5",
     "rimraf": "^6.0.1",
     "tailwindcss": "^3.4.1",
     "typescript": "~5.2.2",
     "vite": "^5.2.0",
+    "vite-plugin-node-polyfills": "^0.23.0",
     "vite-plugin-pwa": "^0.19.8"
   },
   "main": "./dist-electron/main.js",

scripts/copy-wasm.js

@@ -0,0 +1,15 @@
+const fs = require('fs');
+const path = require('path');
+
+// Create public/wasm directory if it doesn't exist
+const wasmDir = path.join(__dirname, '../public/wasm');
+if (!fs.existsSync(wasmDir)) {
+  fs.mkdirSync(wasmDir, { recursive: true });
+}
+
+// Copy the WASM file from node_modules to public/wasm
+const sourceFile = path.join(__dirname, '../node_modules/@jlongster/sql.js/dist/sql-wasm.wasm');
+const targetFile = path.join(wasmDir, 'sql-wasm.wasm');
+
+fs.copyFileSync(sourceFile, targetFile);
+console.log('WASM file copied successfully!'); 

src/components/DataExportSection.vue

@@ -131,7 +131,20 @@ export default class DataExportSection extends Vue {
    */
   public async exportDatabase() {
     try {
-      const blob = await db.export({ prettyJson: true });
+      const blob = await db.export({
+        prettyJson: true,
+        transform: (table, value, key) => {
+          if (table === "contacts") {
+            // Dexie inserts a number 0 when some are undefined, so we need to totally remove them.
+            Object.keys(value).forEach((prop) => {
+              if (value[prop] === undefined) {
+                delete value[prop];
+              }
+            });
+          }
+          return { value, key };
+        },
+      });
       const fileName = `${db.name}-backup.json`;
 
       if (this.platformCapabilities.hasFileDownload) {
@@ -155,7 +168,7 @@ export default class DataExportSection extends Vue {
           title: "Export Successful",
           text: this.platformCapabilities.hasFileDownload
             ? "See your downloads directory for the backup. It is in the Dexie format."
-            : "Please choose a location to save your backup file.",
+            : "You should have been prompted to save your backup file.",
         },
         -1,
       );

src/components/FeedFilters.vue

@@ -99,8 +99,6 @@ import {
   LTileLayer,
 } from "@vue-leaflet/vue-leaflet";
 import { Router } from "vue-router";
-import { MASTER_SETTINGS_KEY } from "../db/tables/settings";
-import { db, retrieveSettingsForActiveAccount } from "../db/index";
 
 @Component({
   components: {
@@ -122,7 +120,8 @@ export default class FeedFilters extends Vue {
   async open(onCloseIfChanged: () => void) {
     this.onCloseIfChanged = onCloseIfChanged;
 
-    const settings = await retrieveSettingsForActiveAccount();
+    const platform = this.$platform;
+    const settings = await platform.getActiveAccountSettings();
     this.hasVisibleDid = !!settings.filterFeedByVisible;
     this.isNearby = !!settings.filterFeedByNearby;
     if (settings.searchBoxes && settings.searchBoxes.length > 0) {
@@ -136,7 +135,8 @@ export default class FeedFilters extends Vue {
   async toggleHasVisibleDid() {
     this.settingChanged = true;
     this.hasVisibleDid = !this.hasVisibleDid;
-    await db.settings.update(MASTER_SETTINGS_KEY, {
+    const platform = this.$platform;
+    await platform.updateMasterSettings({
       filterFeedByVisible: this.hasVisibleDid,
     });
   }
@@ -144,7 +144,8 @@ export default class FeedFilters extends Vue {
   async toggleNearby() {
     this.settingChanged = true;
     this.isNearby = !this.isNearby;
-    await db.settings.update(MASTER_SETTINGS_KEY, {
+    const platform = this.$platform;
+    await platform.updateMasterSettings({
       filterFeedByNearby: this.isNearby,
     });
   }
@@ -154,7 +155,8 @@ export default class FeedFilters extends Vue {
       this.settingChanged = true;
     }
 
-    await db.settings.update(MASTER_SETTINGS_KEY, {
+    const platform = this.$platform;
+    await platform.updateMasterSettings({
       filterFeedByNearby: false,
       filterFeedByVisible: false,
     });
@@ -168,7 +170,8 @@ export default class FeedFilters extends Vue {
       this.settingChanged = true;
     }
 
-    await db.settings.update(MASTER_SETTINGS_KEY, {
+    const platform = this.$platform;
+    await platform.updateMasterSettings({
       filterFeedByNearby: true,
       filterFeedByVisible: true,
     });

src/components/ImageMethodDialog.vue

@@ -16,6 +16,36 @@
         </div>
       </div>
 
+      <!-- FEEDBACK: Show if camera preview is not visible after mounting -->
+      <div
+        v-if="!showCameraPreview && !blob && isRegistered"
+        class="bg-red-100 text-red-700 border border-red-400 rounded px-4 py-3 my-4 text-sm"
+      >
+        <strong>Camera preview not started.</strong>
+        <div v-if="cameraState === 'off'">
+          <span v-if="platformCapabilities.isMobile">
+            <b>Note:</b> This mobile browser may not support direct camera
+            access, or the app is treating it as a native app.<br />
+            <b>Tip:</b> Try using a desktop browser, or check if your browser
+            supports camera access for web apps.<br />
+            <b>Developer:</b> The platform detection logic may be skipping
+            camera preview for mobile browsers. <br />
+            <b>Action:</b> Review <code>platformCapabilities.isMobile</code> and
+            ensure web browsers on mobile are not treated as native apps.
+          </span>
+          <span v-else>
+            <b>Tip:</b> Your browser supports camera APIs, but the preview did
+            not start. Try refreshing the page or checking browser permissions.
+          </span>
+        </div>
+        <div v-else-if="cameraState === 'error'">
+          <b>Error:</b> {{ error || cameraStateMessage }}
+        </div>
+        <div v-else>
+          <b>Status:</b> {{ cameraStateMessage || "Unknown reason." }}
+        </div>
+      </div>
+
       <div class="mt-4">
         <template v-if="isRegistered">
           <div v-if="!blob">
@@ -30,6 +60,57 @@
               v-if="showCameraPreview"
               class="camera-preview relative flex bg-black overflow-hidden mb-4"
             >
+              <!-- Diagnostic Panel -->
+              <div
+                v-if="showDiagnostics"
+                class="absolute top-0 left-0 right-0 bg-black/80 text-white text-xs p-2 pt-8 z-20 overflow-auto max-h-[50vh]"
+              >
+                <div class="grid grid-cols-2 gap-2">
+                  <div>
+                    <p><strong>Camera State:</strong> {{ cameraState }}</p>
+                    <p>
+                      <strong>State Message:</strong>
+                      {{ cameraStateMessage || "None" }}
+                    </p>
+                    <p><strong>Error:</strong> {{ error || "None" }}</p>
+                    <p>
+                      <strong>Preview Active:</strong>
+                      {{ showCameraPreview ? "Yes" : "No" }}
+                    </p>
+                    <p>
+                      <strong>Stream Active:</strong>
+                      {{ !!cameraStream ? "Yes" : "No" }}
+                    </p>
+                  </div>
+                  <div>
+                    <p><strong>Browser:</strong> {{ userAgent }}</p>
+                    <p>
+                      <strong>HTTPS:</strong>
+                      {{ isSecureContext ? "Yes" : "No" }}
+                    </p>
+                    <p>
+                      <strong>MediaDevices:</strong>
+                      {{ hasMediaDevices ? "Yes" : "No" }}
+                    </p>
+                    <p>
+                      <strong>GetUserMedia:</strong>
+                      {{ hasGetUserMedia ? "Yes" : "No" }}
+                    </p>
+                    <p>
+                      <strong>Platform:</strong>
+                      {{ platformCapabilities.isMobile ? "Mobile" : "Desktop" }}
+                    </p>
+                  </div>
+                </div>
+              </div>
+
+              <!-- Toggle Diagnostics Button -->
+              <button
+                class="absolute top-2 right-2 bg-black/50 text-white px-2 py-1 rounded text-xs z-30"
+                @click="toggleDiagnostics"
+              >
+                {{ showDiagnostics ? "Hide Diagnostics" : "Show Diagnostics" }}
+              </button>
               <div class="camera-container w-full h-full relative">
                 <video
                   ref="videoElement"
@@ -104,14 +185,14 @@
                     dragMode: 'crop',
                     aspectRatio: 1 / 1,
                   }"
-                  class="max-h-[90vh] max-w-[90vw] object-contain"
+                  class="max-h-[50vh] max-w-[90vw] object-contain"
                 />
               </div>
               <div v-else>
                 <div class="flex justify-center">
                   <img
                     :src="createBlobURL(blob)"
-                    class="mt-2 rounded max-h-[90vh] max-w-[90vw] object-contain"
+                    class="mt-2 rounded max-h-[50vh] max-w-[90vw] object-contain"
                   />
                 </div>
               </div>
@@ -227,12 +308,31 @@ export default class ImageMethodDialog extends Vue {
 
   private platformCapabilities = this.platformService.getCapabilities();
 
+  // Add diagnostic properties
+  showDiagnostics = false;
+  userAgent = navigator.userAgent;
+  isSecureContext = window.isSecureContext;
+  hasMediaDevices = !!navigator.mediaDevices;
+  hasGetUserMedia = !!(
+    navigator.mediaDevices && navigator.mediaDevices.getUserMedia
+  );
+  cameraState:
+    | "off"
+    | "initializing"
+    | "ready"
+    | "active"
+    | "error"
+    | "permission_denied"
+    | "not_found"
+    | "in_use" = "off";
+  cameraStateMessage?: string;
+  error: string | null = null;
+
   /**
    * Lifecycle hook: Initializes component and retrieves user settings
    * @throws {Error} When settings retrieval fails
    */
   async mounted() {
-    console.log("ImageMethodDialog mounted");
     try {
       const settings = await retrieveSettingsForActiveAccount();
       this.activeDid = settings.activeDid || "";
@@ -267,7 +367,7 @@ export default class ImageMethodDialog extends Vue {
     this.visible = true;
 
     // Start camera preview immediately if not on mobile
-    if (!this.platformCapabilities.isMobile) {
+    if (!this.platformCapabilities.isNativeApp) {
       this.startCameraPreview();
     }
   }
@@ -339,14 +439,23 @@ export default class ImageMethodDialog extends Vue {
     logger.debug("Current showCameraPreview state:", this.showCameraPreview);
     logger.debug("Platform capabilities:", this.platformCapabilities);
 
-    if (this.platformCapabilities.isMobile) {
+    if (this.platformCapabilities.isNativeApp) {
       logger.debug("Using platform service for mobile device");
+      this.cameraState = "initializing";
+      this.cameraStateMessage = "Using platform camera service...";
       try {
         const result = await this.platformService.takePicture();
         this.blob = result.blob;
         this.fileName = result.fileName;
+        this.cameraState = "ready";
+        this.cameraStateMessage = "Photo captured successfully";
       } catch (error) {
         logger.error("Error taking picture:", error);
+        this.cameraState = "error";
+        this.cameraStateMessage =
+          error instanceof Error ? error.message : "Failed to take picture";
+        this.error =
+          error instanceof Error ? error.message : "Failed to take picture";
         this.$notify(
           {
             group: "alert",
@@ -362,13 +471,18 @@ export default class ImageMethodDialog extends Vue {
 
     logger.debug("Starting camera preview for desktop browser");
     try {
+      this.cameraState = "initializing";
+      this.cameraStateMessage = "Requesting camera access...";
       this.showCameraPreview = true;
       await this.$nextTick();
 
       const stream = await navigator.mediaDevices.getUserMedia({
         video: { facingMode: "environment" },
       });
+      logger.debug("Camera access granted");
       this.cameraStream = stream;
+      this.cameraState = "active";
+      this.cameraStateMessage = "Camera is active";
 
       await this.$nextTick();
 
@@ -385,12 +499,30 @@ export default class ImageMethodDialog extends Vue {
       }
     } catch (error) {
       logger.error("Error starting camera preview:", error);
+      let errorMessage =
+        error instanceof Error ? error.message : "Failed to access camera";
+      if (
+        error.name === "NotReadableError" ||
+        error.name === "TrackStartError"
+      ) {
+        errorMessage =
+          "Camera is in use by another application. Please close any other apps or browser tabs using the camera and try again.";
+      } else if (
+        error.name === "NotAllowedError" ||
+        error.name === "PermissionDeniedError"
+      ) {
+        errorMessage =
+          "Camera access was denied. Please allow camera access in your browser settings.";
+      }
+      this.cameraState = "error";
+      this.cameraStateMessage = errorMessage;
+      this.error = errorMessage;
       this.$notify(
         {
           group: "alert",
           type: "danger",
           title: "Error",
-          text: "Failed to access camera. Please try again.",
+          text: errorMessage,
         },
         5000,
       );
@@ -404,6 +536,9 @@ export default class ImageMethodDialog extends Vue {
       this.cameraStream = null;
     }
     this.showCameraPreview = false;
+    this.cameraState = "off";
+    this.cameraStateMessage = "Camera stopped";
+    this.error = null;
   }
 
   async capturePhoto() {
@@ -449,7 +584,7 @@ export default class ImageMethodDialog extends Vue {
 
   async retryImage() {
     this.blob = undefined;
-    if (!this.platformCapabilities.isMobile) {
+    if (!this.platformCapabilities.isNativeApp) {
       await this.startCameraPreview();
     }
   }
@@ -533,6 +668,11 @@ export default class ImageMethodDialog extends Vue {
       this.blob = undefined;
     }
   }
+
+  // Add toggle method
+  toggleDiagnostics() {
+    this.showDiagnostics = !this.showDiagnostics;
+  }
 }
 </script>
 
@@ -562,4 +702,11 @@ export default class ImageMethodDialog extends Vue {
   display: flex;
   flex-direction: column;
 }
+
+/* Add styles for diagnostic panel */
+.diagnostic-panel {
+  font-family: monospace;
+  white-space: pre-wrap;
+  word-break: break-all;
+}
 </style>

src/db-sql/migration.ts

@@ -0,0 +1,106 @@
+import migrationService from "../services/migrationService";
+import type { QueryExecResult, SqlValue } from "../interfaces/database";
+
+// Each migration can include multiple SQL statements (with semicolons)
+const MIGRATIONS = [
+  {
+    name: "001_initial",
+    // see ../db/tables files for explanations of the fields
+    sql: `
+      CREATE TABLE IF NOT EXISTS accounts (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        dateCreated TEXT NOT NULL,
+        derivationPath TEXT,
+        did TEXT NOT NULL,
+        identity TEXT,
+        mnemonic TEXT,
+        passkeyCredIdHex TEXT,
+        publicKeyHex TEXT NOT NULL
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_accounts_did ON accounts(did);
+
+      CREATE TABLE IF NOT EXISTS secret (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        secret TEXT NOT NULL
+      );
+
+      CREATE TABLE IF NOT EXISTS settings (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        accountDid TEXT,
+        activeDid TEXT,
+        apiServer TEXT,
+        filterFeedByNearby BOOLEAN,
+        filterFeedByVisible BOOLEAN,
+        finishedOnboarding BOOLEAN,
+        firstName TEXT,
+        hideRegisterPromptOnNewContact BOOLEAN,
+        isRegistered BOOLEAN,
+        lastName TEXT,
+        lastAckedOfferToUserJwtId TEXT,
+        lastAckedOfferToUserProjectsJwtId TEXT,
+        lastNotifiedClaimId TEXT,
+        lastViewedClaimId TEXT,
+        notifyingNewActivityTime TEXT,
+        notifyingReminderMessage TEXT,
+        notifyingReminderTime TEXT,
+        partnerApiServer TEXT,
+        passkeyExpirationMinutes INTEGER,
+        profileImageUrl TEXT,
+        searchBoxes TEXT, -- Stored as JSON string
+        showContactGivesInline BOOLEAN,
+        showGeneralAdvanced BOOLEAN,
+        showShortcutBvc BOOLEAN,
+        vapid TEXT,
+        warnIfProdServer BOOLEAN,
+        warnIfTestServer BOOLEAN,
+        webPushServer TEXT
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_settings_accountDid ON settings(accountDid);
+
+      CREATE TABLE IF NOT EXISTS contacts (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        did TEXT NOT NULL,
+        name TEXT,
+        contactMethods TEXT, -- Stored as JSON string
+        nextPubKeyHashB64 TEXT,
+        notes TEXT,
+        profileImageUrl TEXT,
+        publicKeyBase64 TEXT,
+        seesMe BOOLEAN,
+        registered BOOLEAN
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_contacts_did ON contacts(did);
+      CREATE INDEX IF NOT EXISTS idx_contacts_name ON contacts(name);
+
+      CREATE TABLE IF NOT EXISTS logs (
+        date TEXT PRIMARY KEY,
+        message TEXT NOT NULL
+      );
+
+      CREATE TABLE IF NOT EXISTS temp (
+        id TEXT PRIMARY KEY,
+        blobB64 TEXT
+      );
+      `,
+  },
+];
+
+export async function registerMigrations(): Promise<void> {
+  // Register all migrations
+  for (const migration of MIGRATIONS) {
+    await migrationService.registerMigration(migration);
+  }
+}
+
+export async function runMigrations(
+  sqlExec: (
+    sql: string,
+    params?: SqlValue[],
+  ) => Promise<Array<QueryExecResult>>,
+): Promise<void> {
+  await registerMigrations();
+  await migrationService.runMigrations(sqlExec);
+}

src/db/index.ts

@@ -87,9 +87,85 @@ const DEFAULT_SETTINGS: Settings = {
 
 // Event handler to initialize the non-sensitive database with default settings
 db.on("populate", async () => {
-  await db.settings.add(DEFAULT_SETTINGS);
+  try {
+    await db.settings.add(DEFAULT_SETTINGS);
+  } catch (error) {
+    logger.error("Error populating the database with default settings:", error);
+  }
 });
 
+// Helper function to safely open the database with retries
+async function safeOpenDatabase(retries = 1, delay = 500): Promise<void> {
+  // logger.log("Starting safeOpenDatabase with retries:", retries);
+  for (let i = 0; i < retries; i++) {
+    try {
+      // logger.log(`Attempt ${i + 1}: Checking if database is open...`);
+      if (!db.isOpen()) {
+        // logger.log(`Attempt ${i + 1}: Database is closed, attempting to open...`);
+
+        // Create a promise that rejects after 5 seconds
+        const timeoutPromise = new Promise((_, reject) => {
+          setTimeout(() => reject(new Error("Database open timed out")), 500);
+        });
+
+        // Race between the open operation and the timeout
+        const openPromise = db.open();
+        // logger.log(`Attempt ${i + 1}: Waiting for db.open() promise...`);
+        await Promise.race([openPromise, timeoutPromise]);
+
+        // If we get here, the open succeeded
+        // logger.log(`Attempt ${i + 1}: Database opened successfully`);
+        return;
+      }
+      // logger.log(`Attempt ${i + 1}: Database was already open`);
+      return;
+    } catch (error) {
+      logger.error(`Attempt ${i + 1}: Database open failed:`, error);
+      if (i < retries - 1) {
+        logger.log(`Attempt ${i + 1}: Waiting ${delay}ms before retry...`);
+        await new Promise((resolve) => setTimeout(resolve, delay));
+      } else {
+        throw error;
+      }
+    }
+  }
+}
+
+export async function updateDefaultSettings(
+  settingsChanges: Settings,
+): Promise<number> {
+  delete settingsChanges.accountDid; // just in case
+  // ensure there is no "id" that would override the key
+  delete settingsChanges.id;
+  try {
+    try {
+      // logger.log("Database state before open:", db.isOpen() ? "open" : "closed");
+      // logger.log("Database name:", db.name);
+      // logger.log("Database version:", db.verno);
+      await safeOpenDatabase();
+    } catch (openError: unknown) {
+      logger.error("Failed to open database:", openError, String(openError));
+      throw new Error(
+        `The database connection failed. We recommend you try again or restart the app.`,
+      );
+    }
+    const result = await db.settings.update(
+      MASTER_SETTINGS_KEY,
+      settingsChanges,
+    );
+    return result;
+  } catch (error) {
+    logger.error("Error updating default settings:", error);
+    if (error instanceof Error) {
+      throw error; // Re-throw if it's already an Error with a message
+    } else {
+      throw new Error(
+        `Failed to update settings. We recommend you try again or restart the app.`,
+      );
+    }
+  }
+}
+
 // Manage the encryption key.
 
 // It's not really secure to maintain the secret next to the user's data.
@@ -183,15 +259,6 @@ export async function retrieveSettingsForActiveAccount(): Promise<Settings> {
   }
 }
 
-export async function updateDefaultSettings(
-  settingsChanges: Settings,
-): Promise<void> {
-  delete settingsChanges.accountDid; // just in case
-  // ensure there is no "id" that would override the key
-  delete settingsChanges.id;
-  await db.settings.update(MASTER_SETTINGS_KEY, settingsChanges);
-}
-
 export async function updateAccountSettings(
   accountDid: string,
   settingsChanges: Settings,

src/interfaces/database.ts

@@ -0,0 +1,17 @@
+export type SqlValue = string | number | null | Uint8Array;
+
+export interface QueryExecResult {
+  columns: Array<string>;
+  values: Array<Array<SqlValue>>;
+}
+
+export interface DatabaseService {
+  initialize(): Promise<void>;
+  query(sql: string, params?: unknown[]): Promise<QueryExecResult[]>;
+  run(
+    sql: string,
+    params?: unknown[],
+  ): Promise<{ changes: number; lastId?: number }>;
+  getOneRow(sql: string, params?: unknown[]): Promise<unknown[] | undefined>;
+  getAll(sql: string, params?: unknown[]): Promise<unknown[][]>;
+}

src/libs/util.ts

@@ -6,28 +6,24 @@ import * as R from "ramda";
 import { useClipboard } from "@vueuse/core";
 
 import { DEFAULT_PUSH_SERVER, NotificationIface } from "../constants/app";
-import {
-  accountsDBPromise,
-  retrieveSettingsForActiveAccount,
-  updateAccountSettings,
-  updateDefaultSettings,
-} from "../db/index";
+import { retrieveSettingsForActiveAccount } from "../db/index";
 import { Account } from "../db/tables/accounts";
 import { Contact } from "../db/tables/contacts";
 import { DEFAULT_PASSKEY_EXPIRATION_MINUTES } from "../db/tables/settings";
 import { deriveAddress, generateSeed, newIdentifier } from "../libs/crypto";
 import * as serverUtil from "../libs/endorserServer";
 import {
-  containsHiddenDid,
   GenericCredWrapper,
   GenericVerifiableCredential,
   GiveSummaryRecord,
   OfferVerifiableCredential,
-} from "../libs/endorserServer";
+} from "../interfaces";
+import { containsHiddenDid } from "../libs/endorserServer";
 import { KeyMeta } from "../libs/crypto/vc";
 import { createPeerDid } from "../libs/crypto/vc/didPeer";
 import { registerCredential } from "../libs/crypto/vc/passkeyDidPeer";
 import { logger } from "../utils/logger";
+import type { PlatformService } from "../services/PlatformService";
 
 export interface GiverReceiverInputInfo {
   did?: string;
@@ -459,45 +455,38 @@ export function findAllVisibleToDids(
 
 export interface AccountKeyInfo extends Account, KeyMeta {}
 
-export const retrieveAccountCount = async (): Promise<number> => {
-  // one of the few times we use accountsDBPromise directly; try to avoid more usage
-  const accountsDB = await accountsDBPromise;
-  return await accountsDB.accounts.count();
+export const retrieveAccountCount = async (
+  platform: PlatformService,
+): Promise<number> => {
+  const accounts = await platform.getAccounts();
+  return accounts.length;
 };
 
-export const retrieveAccountDids = async (): Promise<string[]> => {
-  // one of the few times we use accountsDBPromise directly; try to avoid more usage
-  const accountsDB = await accountsDBPromise;
-  const allAccounts = await accountsDB.accounts.toArray();
-  const allDids = allAccounts.map((acc) => acc.did);
-  return allDids;
+export const retrieveAccountDids = async (
+  platform: PlatformService,
+): Promise<string[]> => {
+  const accounts = await platform.getAccounts();
+  return accounts.map((acc: Account) => acc.did);
 };
 
-// This is provided and recommended when the full key is not necessary so that
-// future work could separate this info from the sensitive key material.
 export const retrieveAccountMetadata = async (
+  platform: PlatformService,
   activeDid: string,
 ): Promise<AccountKeyInfo | undefined> => {
-  // one of the few times we use accountsDBPromise directly; try to avoid more usage
-  const accountsDB = await accountsDBPromise;
-  const account = (await accountsDB.accounts
-    .where("did")
-    .equals(activeDid)
-    .first()) as Account;
+  const account = await platform.getAccount(activeDid);
   if (account) {
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
     const { identity, mnemonic, ...metadata } = account;
     return metadata;
-  } else {
-    return undefined;
   }
+  return undefined;
 };
 
-export const retrieveAllAccountsMetadata = async (): Promise<Account[]> => {
-  // one of the few times we use accountsDBPromise directly; try to avoid more usage
-  const accountsDB = await accountsDBPromise;
-  const array = await accountsDB.accounts.toArray();
-  return array.map((account) => {
+export const retrieveAllAccountsMetadata = async (
+  platform: PlatformService,
+): Promise<Account[]> => {
+  const accounts = await platform.getAccounts();
+  return accounts.map((account: Account) => {
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
     const { identity, mnemonic, ...metadata } = account;
     return metadata;
@@ -505,58 +494,51 @@ export const retrieveAllAccountsMetadata = async (): Promise<Account[]> => {
 };
 
 export const retrieveFullyDecryptedAccount = async (
+  platform: PlatformService,
   activeDid: string,
 ): Promise<AccountKeyInfo | undefined> => {
-  // one of the few times we use accountsDBPromise directly; try to avoid more usage
-  const accountsDB = await accountsDBPromise;
-  const account = (await accountsDB.accounts
-    .where("did")
-    .equals(activeDid)
-    .first()) as Account;
-  return account;
+  return await platform.getAccount(activeDid);
 };
 
-// let's try and eliminate this
-export const retrieveAllFullyDecryptedAccounts = async (): Promise<
-  Array<AccountKeyInfo>
-> => {
-  const accountsDB = await accountsDBPromise;
-  const allAccounts = await accountsDB.accounts.toArray();
-  return allAccounts;
+export const retrieveAllFullyDecryptedAccounts = async (
+  platform: PlatformService,
+): Promise<Array<AccountKeyInfo>> => {
+  return await platform.getAccounts();
 };
 
-/**
- * Generates a new identity, saves it to the database, and sets it as the active identity.
- * @return {Promise<string>} with the DID of the new identity
- */
-export const generateSaveAndActivateIdentity = async (): Promise<string> => {
+export const generateSaveAndActivateIdentity = async (
+  platform: PlatformService,
+): Promise<string> => {
   const mnemonic = generateSeed();
-  // address is 0x... ETH address, without "did:eth:"
   const [address, privateHex, publicHex, derivationPath] =
     deriveAddress(mnemonic);
 
   const newId = newIdentifier(address, publicHex, privateHex, derivationPath);
   const identity = JSON.stringify(newId);
 
-  // one of the few times we use accountsDBPromise directly; try to avoid more usage
-  const accountsDB = await accountsDBPromise;
-  await accountsDB.accounts.add({
-    dateCreated: new Date().toISOString(),
-    derivationPath: derivationPath,
-    did: newId.did,
-    identity: identity,
-    mnemonic: mnemonic,
-    publicKeyHex: newId.keys[0].publicKeyHex,
-  });
-
-  await updateDefaultSettings({ activeDid: newId.did });
-  //console.log("Updated default settings in util");
-  await updateAccountSettings(newId.did, { isRegistered: false });
+  try {
+    await platform.addAccount({
+      dateCreated: new Date().toISOString(),
+      derivationPath: derivationPath,
+      did: newId.did,
+      identity: identity,
+      mnemonic: mnemonic,
+      publicKeyHex: newId.keys[0].publicKeyHex,
+    });
 
+    await platform.updateMasterSettings({ activeDid: newId.did });
+    await platform.updateAccountSettings(newId.did, { isRegistered: false });
+  } catch (error) {
+    logger.error("Failed to save new identity:", error);
+    throw new Error(
+      "Failed to save new identity. Please try again or restart the app.",
+    );
+  }
   return newId.did;
 };
 
 export const registerAndSavePasskey = async (
+  platform: PlatformService,
   keyName: string,
 ): Promise<Account> => {
   const cred = await registerCredential(keyName);
@@ -570,23 +552,25 @@ export const registerAndSavePasskey = async (
     passkeyCredIdHex,
     publicKeyHex: Buffer.from(publicKeyBytes).toString("hex"),
   };
-  // one of the few times we use accountsDBPromise directly; try to avoid more usage
-  const accountsDB = await accountsDBPromise;
-  await accountsDB.accounts.add(account);
+
+  await platform.addAccount(account);
   return account;
 };
 
 export const registerSaveAndActivatePasskey = async (
+  platform: PlatformService,
   keyName: string,
 ): Promise<Account> => {
-  const account = await registerAndSavePasskey(keyName);
-  await updateDefaultSettings({ activeDid: account.did });
-  await updateAccountSettings(account.did, { isRegistered: false });
+  const account = await registerAndSavePasskey(platform, keyName);
+  await platform.updateMasterSettings({ activeDid: account.did });
+  await platform.updateAccountSettings(account.did, { isRegistered: false });
   return account;
 };
 
-export const getPasskeyExpirationSeconds = async (): Promise<number> => {
-  const settings = await retrieveSettingsForActiveAccount();
+export const getPasskeyExpirationSeconds = async (
+  platform: PlatformService,
+): Promise<number> => {
+  const settings = await platform.getActiveAccountSettings();
   return (
     (settings?.passkeyExpirationMinutes ?? DEFAULT_PASSKEY_EXPIRATION_MINUTES) *
     60

src/main.capacitor.ts

@@ -86,5 +86,19 @@ const handleDeepLink = async (data: { url: string }) => {
 App.addListener("appUrlOpen", handleDeepLink);
 
 logger.log("[Capacitor] Mounting app");
-app.mount("#app");
+
+// Initialize and mount the app
+initializeApp().then((app) => {
+  app.mount("#app");
+}).catch((error) => {
+  console.error("Failed to initialize app:", error);
+  document.body.innerHTML = `
+    <div style="color: red; padding: 20px; font-family: sans-serif;">
+      <h1>Failed to initialize app</h1>
+      <p>${error instanceof Error ? error.message : "Unknown error"}</p>
+      <p>Please try restarting the app or contact support if the problem persists.</p>
+    </div>
+  `;
+});
+
 logger.log("[Capacitor] App mounted");

src/main.common.ts

@@ -9,6 +9,7 @@ import "./assets/styles/tailwind.css";
 import { FontAwesomeIcon } from "./libs/fontawesome";
 import Camera from "simple-vue-camera";
 import { logger } from "./utils/logger";
+import { PlatformServiceFactory } from "./services/PlatformServiceFactory";
 
 // Global Error Handler
 function setupGlobalErrorHandler(app: VueApp) {
@@ -31,7 +32,7 @@ function setupGlobalErrorHandler(app: VueApp) {
 }
 
 // Function to initialize the app
-export function initializeApp() {
+export async function initializeApp() {
   logger.log("[App Init] Starting app initialization");
   logger.log("[App Init] Platform:", process.env.VITE_PLATFORM);
 
@@ -54,6 +55,22 @@ export function initializeApp() {
   app.use(Notifications);
   logger.log("[App Init] Notifications initialized");
 
+  // Initialize platform service
+  const platform = await PlatformServiceFactory.getInstance();
+  app.config.globalProperties.$platform = platform;
+  logger.log("[App Init] Platform service initialized");
+
+  // Initialize SQLite
+  try {
+    const sqlite = await platform.getSQLite();
+    const config = { name: "TimeSafariDB", useWAL: true };
+    await sqlite.initialize(config);
+    logger.log("[App Init] SQLite database initialized");
+  } catch (error) {
+    logger.error("[App Init] Failed to initialize SQLite:", error);
+    // Don't throw here - we want the app to start even if SQLite fails
+  }
+
   setupGlobalErrorHandler(app);
   logger.log("[App Init] App initialization complete");
 

src/main.electron.ts

@@ -1,4 +1,15 @@
 import { initializeApp } from "./main.common";
 
-const app = initializeApp();
-app.mount("#app");
+// Initialize and mount the app
+initializeApp().then((app) => {
+  app.mount("#app");
+}).catch((error) => {
+  console.error("Failed to initialize app:", error);
+  document.body.innerHTML = `
+    <div style="color: red; padding: 20px; font-family: sans-serif;">
+      <h1>Failed to initialize app</h1>
+      <p>${error instanceof Error ? error.message : "Unknown error"}</p>
+      <p>Please try restarting the app or contact support if the problem persists.</p>
+    </div>
+  `;
+});

src/main.pywebview.ts

@@ -1,4 +1,15 @@
 import { initializeApp } from "./main.common";
 
-const app = initializeApp();
-app.mount("#app");
+// Initialize and mount the app
+initializeApp().then((app) => {
+  app.mount("#app");
+}).catch((error) => {
+  console.error("Failed to initialize app:", error);
+  document.body.innerHTML = `
+    <div style="color: red; padding: 20px; font-family: sans-serif;">
+      <h1>Failed to initialize app</h1>
+      <p>${error instanceof Error ? error.message : "Unknown error"}</p>
+      <p>Please try restarting the app or contact support if the problem persists.</p>
+    </div>
+  `;
+});

src/main.ts

@@ -1,215 +0,0 @@
-import { createPinia } from "pinia";
-import { App as VueApp, ComponentPublicInstance, createApp } from "vue";
-import App from "./App.vue";
-import "./registerServiceWorker";
-import router from "./router";
-import axios from "axios";
-import VueAxios from "vue-axios";
-import Notifications from "notiwind";
-import "./assets/styles/tailwind.css";
-
-import { library } from "@fortawesome/fontawesome-svg-core";
-import {
-  faArrowDown,
-  faArrowLeft,
-  faArrowRight,
-  faArrowRotateBackward,
-  faArrowUpRightFromSquare,
-  faArrowUp,
-  faBan,
-  faBitcoinSign,
-  faBurst,
-  faCalendar,
-  faCamera,
-  faCameraRotate,
-  faCaretDown,
-  faChair,
-  faCheck,
-  faChevronDown,
-  faChevronLeft,
-  faChevronRight,
-  faChevronUp,
-  faCircle,
-  faCircleCheck,
-  faCircleInfo,
-  faCircleQuestion,
-  faCircleUser,
-  faClock,
-  faCoins,
-  faComment,
-  faCopy,
-  faDollar,
-  faEllipsis,
-  faEllipsisVertical,
-  faEnvelopeOpenText,
-  faEraser,
-  faEye,
-  faEyeSlash,
-  faFileContract,
-  faFileLines,
-  faFilter,
-  faFloppyDisk,
-  faFolderOpen,
-  faForward,
-  faGift,
-  faGlobe,
-  faHammer,
-  faHand,
-  faHandHoldingDollar,
-  faHandHoldingHeart,
-  faHouseChimney,
-  faImage,
-  faImagePortrait,
-  faLeftRight,
-  faLightbulb,
-  faLink,
-  faLocationDot,
-  faLongArrowAltLeft,
-  faLongArrowAltRight,
-  faMagnifyingGlass,
-  faMessage,
-  faMinus,
-  faPen,
-  faPersonCircleCheck,
-  faPersonCircleQuestion,
-  faPlus,
-  faQuestion,
-  faQrcode,
-  faRightFromBracket,
-  faRotate,
-  faShareNodes,
-  faSpinner,
-  faSquare,
-  faSquareCaretDown,
-  faSquareCaretUp,
-  faSquarePlus,
-  faTrashCan,
-  faTriangleExclamation,
-  faUser,
-  faUsers,
-  faXmark,
-} from "@fortawesome/free-solid-svg-icons";
-
-library.add(
-  faArrowDown,
-  faArrowLeft,
-  faArrowRight,
-  faArrowRotateBackward,
-  faArrowUpRightFromSquare,
-  faArrowUp,
-  faBan,
-  faBitcoinSign,
-  faBurst,
-  faCalendar,
-  faCamera,
-  faCameraRotate,
-  faCaretDown,
-  faChair,
-  faCheck,
-  faChevronDown,
-  faChevronLeft,
-  faChevronRight,
-  faChevronUp,
-  faCircle,
-  faCircleCheck,
-  faCircleInfo,
-  faCircleQuestion,
-  faCircleUser,
-  faClock,
-  faCoins,
-  faComment,
-  faCopy,
-  faDollar,
-  faEllipsis,
-  faEllipsisVertical,
-  faEnvelopeOpenText,
-  faEraser,
-  faEye,
-  faEyeSlash,
-  faFileContract,
-  faFileLines,
-  faFilter,
-  faFloppyDisk,
-  faFolderOpen,
-  faForward,
-  faGift,
-  faGlobe,
-  faHammer,
-  faHand,
-  faHandHoldingDollar,
-  faHandHoldingHeart,
-  faHouseChimney,
-  faImage,
-  faImagePortrait,
-  faLeftRight,
-  faLightbulb,
-  faLink,
-  faLocationDot,
-  faLongArrowAltLeft,
-  faLongArrowAltRight,
-  faMagnifyingGlass,
-  faMessage,
-  faMinus,
-  faPen,
-  faPersonCircleCheck,
-  faPersonCircleQuestion,
-  faPlus,
-  faQrcode,
-  faQuestion,
-  faRotate,
-  faRightFromBracket,
-  faShareNodes,
-  faSpinner,
-  faSquare,
-  faSquareCaretDown,
-  faSquareCaretUp,
-  faSquarePlus,
-  faTrashCan,
-  faTriangleExclamation,
-  faUser,
-  faUsers,
-  faXmark,
-);
-
-import { FontAwesomeIcon } from "@fortawesome/vue-fontawesome";
-import Camera from "simple-vue-camera";
-import { logger } from "./utils/logger";
-
-// Can trigger this with a 'throw' inside some top-level function, eg. on the HomeView
-function setupGlobalErrorHandler(app: VueApp) {
-  // @ts-expect-error 'cause we cannot see why config is not defined
-  app.config.errorHandler = (
-    err: Error,
-    instance: ComponentPublicInstance | null,
-    info: string,
-  ) => {
-    logger.error(
-      "Ouch! Global Error Handler.",
-      "Error:",
-      err,
-      "- Error toString:",
-      err.toString(),
-      "- Info:",
-      info,
-      "- Instance:",
-      instance,
-    );
-    // Want to show a nice notiwind notification but can't figure out how.
-    alert(
-      (err.message || "Something bad happened") +
-        " - Try reloading or restarting the app.",
-    );
-  };
-}
-
-const app = createApp(App)
-  .component("fa", FontAwesomeIcon)
-  .component("camera", Camera)
-  .use(createPinia())
-  .use(VueAxios, axios)
-  .use(router)
-  .use(Notifications);
-
-setupGlobalErrorHandler(app);
-
-app.mount("#app");

src/main.web.ts

@@ -1,5 +1,34 @@
+import { initBackend } from "absurd-sql/dist/indexeddb-main-thread";
 import { initializeApp } from "./main.common";
 import "./registerServiceWorker"; // Web PWA support
 
 const app = initializeApp();
-app.mount("#app");
+
+function sqlInit() {
+  // see https://github.com/jlongster/absurd-sql
+  const worker = new Worker(
+    new URL("./registerSQLWorker.js", import.meta.url),
+    {
+      type: "module",
+    },
+  );
+  // This is only required because Safari doesn't support nested
+  // workers. This installs a handler that will proxy creating web
+  // workers through the main thread
+  initBackend(worker);
+}
+sqlInit();
+
+// Initialize and mount the app
+initializeApp().then((app) => {
+  app.mount("#app");
+}).catch((error) => {
+  console.error("Failed to initialize app:", error);
+  document.body.innerHTML = `
+    <div style="color: red; padding: 20px; font-family: sans-serif;">
+      <h1>Failed to initialize app</h1>
+      <p>${error instanceof Error ? error.message : "Unknown error"}</p>
+      <p>Please try refreshing the page or contact support if the problem persists.</p>
+    </div>
+  `;
+});

src/registerSQLWorker.js

@@ -0,0 +1,6 @@
+import databaseService from "./services/database";
+
+async function run() {
+  await databaseService.initialize();
+}
+run();

src/router/index.ts

@@ -88,9 +88,9 @@ const routes: Array<RouteRecordRaw> = [
     component: () => import("../views/ContactQRScanShowView.vue"),
   },
   {
-    path: "/contact-qr-scan",
-    name: "contact-qr-scan",
-    component: () => import("../views/ContactQRScanView.vue"),
+    path: "/contact-qr-scan-full",
+    name: "contact-qr-scan-full",
+    component: () => import("../views/ContactQRScanFullView.vue"),
   },
   {
     path: "/contacts",
@@ -243,11 +243,6 @@ const routes: Array<RouteRecordRaw> = [
     name: "recent-offers-to-user-projects",
     component: () => import("../views/RecentOffersToUserProjectsView.vue"),
   },
-  {
-    path: "/scan-contact",
-    name: "scan-contact",
-    component: () => import("../views/ContactScanView.vue"),
-  },
   {
     path: "/search-area",
     name: "search-area",

src/services/ElectronPlatformService.ts

@@ -0,0 +1,370 @@
+import {
+  PlatformService,
+  PlatformCapabilities,
+  SQLiteOperations,
+  SQLiteConfig,
+  PreparedStatement,
+  SQLiteResult,
+  ImageResult,
+} from "./PlatformService";
+import { BaseSQLiteService } from "./sqlite/BaseSQLiteService";
+import { app } from "electron";
+import { dialog } from "electron";
+import fs from "fs";
+import path from "path";
+import sqlite3 from "sqlite3";
+import { open, Database } from "sqlite";
+import { logger } from "../utils/logger";
+import { Settings } from "../db/tables/settings";
+import { Account } from "../db/tables/accounts";
+import { Contact } from "../db/tables/contacts";
+import { db } from "../db";
+import { MASTER_SETTINGS_KEY } from "../db/tables/settings";
+import { accountsDBPromise } from "../db";
+import { accessToken } from "../libs/crypto";
+import { getPlanFromCache as getPlanFromCacheImpl } from "../libs/endorserServer";
+import { PlanSummaryRecord } from "../interfaces/records";
+import { Axios } from "axios";
+
+interface SQLiteDatabase extends Database {
+  changes: number;
+}
+
+// Create Promise-based versions of fs functions
+const readFileAsync = (filePath: string, encoding: BufferEncoding): Promise<string> => {
+  return new Promise((resolve, reject) => {
+    fs.readFile(filePath, { encoding }, (err: NodeJS.ErrnoException | null, data: string) => {
+      if (err) reject(err);
+      else resolve(data);
+    });
+  });
+};
+
+const readFileBufferAsync = (filePath: string): Promise<Buffer> => {
+  return new Promise((resolve, reject) => {
+    fs.readFile(filePath, (err: NodeJS.ErrnoException | null, data: Buffer) => {
+      if (err) reject(err);
+      else resolve(data);
+    });
+  });
+};
+
+const writeFileAsync = (filePath: string, data: string, encoding: BufferEncoding): Promise<void> => {
+  return new Promise((resolve, reject) => {
+    fs.writeFile(filePath, data, { encoding }, (err: NodeJS.ErrnoException | null) => {
+      if (err) reject(err);
+      else resolve();
+    });
+  });
+};
+
+const unlinkAsync = (filePath: string): Promise<void> => {
+  return new Promise((resolve, reject) => {
+    fs.unlink(filePath, (err: NodeJS.ErrnoException | null) => {
+      if (err) reject(err);
+      else resolve();
+    });
+  });
+};
+
+const readdirAsync = (dirPath: string): Promise<string[]> => {
+  return new Promise((resolve, reject) => {
+    fs.readdir(dirPath, (err: NodeJS.ErrnoException | null, files: string[]) => {
+      if (err) reject(err);
+      else resolve(files);
+    });
+  });
+};
+
+const statAsync = (filePath: string): Promise<fs.Stats> => {
+  return new Promise((resolve, reject) => {
+    fs.stat(filePath, (err: NodeJS.ErrnoException | null, stats: fs.Stats) => {
+      if (err) reject(err);
+      else resolve(stats);
+    });
+  });
+};
+
+/**
+ * SQLite implementation for Electron using native sqlite3
+ */
+class ElectronSQLiteService extends BaseSQLiteService {
+  private db: SQLiteDatabase | null = null;
+  private config: SQLiteConfig | null = null;
+
+  async initialize(config: SQLiteConfig): Promise<void> {
+    if (this.initialized) {
+      return;
+    }
+
+    try {
+      this.config = config;
+      const dbPath = path.join(app.getPath("userData"), `${config.name}.db`);
+
+      this.db = await open({
+        filename: dbPath,
+        driver: sqlite3.Database,
+      });
+
+      // Configure database settings
+      if (config.useWAL) {
+        await this.execute("PRAGMA journal_mode = WAL");
+        this.stats.walMode = true;
+      }
+
+      // Set other pragmas for performance
+      await this.execute("PRAGMA synchronous = NORMAL");
+      await this.execute("PRAGMA temp_store = MEMORY");
+      await this.execute("PRAGMA cache_size = -2000"); // Use 2MB of cache
+
+      this.initialized = true;
+      await this.updateStats();
+    } catch (error) {
+      logger.error("Failed to initialize Electron SQLite:", error);
+      throw error;
+    }
+  }
+
+  async close(): Promise<void> {
+    if (!this.initialized || !this.db) {
+      return;
+    }
+
+    try {
+      await this.db.close();
+      this.db = null;
+      this.initialized = false;
+    } catch (error) {
+      logger.error("Failed to close Electron SQLite connection:", error);
+      throw error;
+    }
+  }
+
+  protected async _executeQuery<T>(
+    sql: string,
+    params: unknown[] = [],
+    operation: "query" | "execute" = "query",
+  ): Promise<SQLiteResult<T>> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+
+    try {
+      if (operation === "query") {
+        const rows = await this.db.all<T[]>(sql, params);
+        const result = await this.db.run("SELECT last_insert_rowid() as id");
+        return {
+          rows,
+          rowsAffected: this.db.changes,
+          lastInsertId: result.lastID,
+          executionTime: 0, // Will be set by base class
+        };
+      } else {
+        const result = await this.db.run(sql, params);
+        return {
+          rows: [],
+          rowsAffected: this.db.changes,
+          lastInsertId: result.lastID,
+          executionTime: 0, // Will be set by base class
+        };
+      }
+    } catch (error) {
+      logger.error("Electron SQLite query failed:", {
+        sql,
+        params,
+        error: error instanceof Error ? error.message : String(error),
+      });
+      throw error;
+    }
+  }
+
+  protected async _beginTransaction(): Promise<void> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+    await this.db.run("BEGIN TRANSACTION");
+  }
+
+  protected async _commitTransaction(): Promise<void> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+    await this.db.run("COMMIT");
+  }
+
+  protected async _rollbackTransaction(): Promise<void> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+    await this.db.run("ROLLBACK");
+  }
+
+  protected async _prepareStatement<T>(
+    sql: string,
+  ): Promise<PreparedStatement<T>> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+
+    const stmt = await this.db.prepare(sql);
+    return {
+      execute: async (params: unknown[] = []) => {
+        if (!this.db) {
+          throw new Error("Database not initialized");
+        }
+
+        const rows = await stmt.all<T>(params);
+        return {
+          rows,
+          rowsAffected: this.db.changes,
+          lastInsertId: (await this.db.run("SELECT last_insert_rowid() as id"))
+            .lastID,
+          executionTime: 0, // Will be set by base class
+        };
+      },
+      finalize: async () => {
+        await stmt.finalize();
+      },
+    };
+  }
+
+  protected async _finalizeStatement(_sql: string): Promise<void> {
+    // Statements are finalized when the PreparedStatement is finalized
+  }
+
+  async getDatabaseSize(): Promise<number> {
+    if (!this.db || !this.config) {
+      throw new Error("Database not initialized");
+    }
+
+    try {
+      const dbPath = path.join(app.getPath("userData"), `${this.config.name}.db`);
+      const stats = await statAsync(dbPath);
+      return stats.size;
+    } catch (error) {
+      logger.error("Failed to get database size:", error);
+      return 0;
+    }
+  }
+}
+
+// Only import Electron-specific code in Electron environment
+let ElectronPlatformServiceImpl: typeof import("./platforms/ElectronPlatformService").ElectronPlatformService;
+
+async function initializeElectronPlatformService() {
+  if (process.env.ELECTRON) {
+    // Dynamic import for Electron environment
+    const { ElectronPlatformService } = await import("./platforms/ElectronPlatformService");
+    ElectronPlatformServiceImpl = ElectronPlatformService;
+  } else {
+    // Stub implementation for non-Electron environments
+    class StubElectronPlatformService implements PlatformService {
+      #sqliteService: SQLiteOperations | null = null;
+
+      getCapabilities(): PlatformCapabilities {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async getSQLite(): Promise<SQLiteOperations> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async readFile(path: string): Promise<string> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async writeFile(path: string, content: string): Promise<void> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async deleteFile(path: string): Promise<void> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async listFiles(directory: string): Promise<string[]> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async takePicture(): Promise<ImageResult> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async pickImage(): Promise<ImageResult> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async handleDeepLink(url: string): Promise<void> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async getAccounts(): Promise<Account[]> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async getAccount(did: string): Promise<Account | undefined> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async addAccount(account: Account): Promise<void> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async getContacts(): Promise<Contact[]> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async getAllContacts(): Promise<Contact[]> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async updateMasterSettings(settingsChanges: Partial<Settings>): Promise<void> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async getActiveAccountSettings(): Promise<Settings> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async updateAccountSettings(accountDid: string, settingsChanges: Partial<Settings>): Promise<void> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async getHeaders(did?: string): Promise<Record<string, string>> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      async getPlanFromCache(
+        handleId: string | undefined,
+        axios: Axios,
+        apiServer: string,
+        requesterDid?: string,
+      ): Promise<PlanSummaryRecord | undefined> {
+        throw new Error("Electron platform service is not available in this environment");
+      }
+
+      isCapacitor(): boolean {
+        return false;
+      }
+
+      isElectron(): boolean {
+        return false;
+      }
+
+      isPyWebView(): boolean {
+        return false;
+      }
+
+      isWeb(): boolean {
+        return false;
+      }
+    }
+    ElectronPlatformServiceImpl = StubElectronPlatformService;
+  }
+}
+
+// Initialize the service
+initializeElectronPlatformService().catch(error => {
+  logger.error("Failed to initialize Electron platform service:", error);
+});
+
+export class ElectronPlatformService extends ElectronPlatformServiceImpl {}

src/services/PlatformService.ts

@@ -1,3 +1,9 @@
+import { Settings } from "../db/tables/settings";
+import { Account } from "../db/tables/accounts";
+import { Contact } from "../db/tables/contacts";
+import { Axios } from "axios";
+import { PlanSummaryRecord } from "../interfaces/records";
+
 /**
  * Represents the result of an image capture or selection operation.
  * Contains both the image data as a Blob and the associated filename.
@@ -26,6 +32,154 @@ export interface PlatformCapabilities {
   hasFileDownload: boolean;
   /** Whether the platform requires special file handling instructions */
   needsFileHandlingInstructions: boolean;
+  /** SQLite capabilities of the platform */
+  sqlite: {
+    /** Whether SQLite is supported on this platform */
+    supported: boolean;
+    /** Whether SQLite runs in a Web Worker (browser) */
+    runsInWorker: boolean;
+    /** Whether the platform supports SharedArrayBuffer (required for optimal performance) */
+    hasSharedArrayBuffer: boolean;
+    /** Whether the platform supports WAL mode */
+    supportsWAL: boolean;
+    /** Maximum database size in bytes (if known) */
+    maxSize?: number;
+  };
+}
+
+/**
+ * SQLite configuration options
+ */
+export interface SQLiteConfig {
+  /** Database name */
+  name: string;
+  /** Whether to use WAL mode (if supported) */
+  useWAL?: boolean;
+  /** Whether to use memory-mapped I/O (if supported) */
+  useMMap?: boolean;
+  /** Size of memory map in bytes (if using mmap) */
+  mmapSize?: number;
+  /** Whether to use prepared statements cache */
+  usePreparedStatements?: boolean;
+  /** Maximum number of prepared statements to cache */
+  maxPreparedStatements?: number;
+}
+
+/**
+ * Represents a SQLite query result with typed rows
+ */
+export interface SQLiteResult<T> {
+  /** The rows returned by the query */
+  rows: T[];
+  /** The number of rows affected by the query */
+  rowsAffected: number;
+  /** The last inserted row ID (if applicable) */
+  lastInsertId?: number;
+  /** Execution time in milliseconds */
+  executionTime: number;
+}
+
+/**
+ * SQLite operations interface for platform-agnostic database access
+ */
+export interface SQLiteOperations {
+  /**
+   * Initializes the SQLite database with the given configuration
+   * @param config - SQLite configuration options
+   * @returns Promise resolving when initialization is complete
+   */
+  initialize(config: SQLiteConfig): Promise<void>;
+
+  /**
+   * Executes a SQL query and returns typed results
+   * @param sql - The SQL query to execute
+   * @param params - Optional parameters for the query
+   * @returns Promise resolving to the query results
+   */
+  query<T>(sql: string, params?: unknown[]): Promise<SQLiteResult<T>>;
+
+  /**
+   * Executes a SQL query that modifies data (INSERT, UPDATE, DELETE)
+   * @param sql - The SQL query to execute
+   * @param params - Optional parameters for the query
+   * @returns Promise resolving to the number of rows affected
+   */
+  execute(sql: string, params?: unknown[]): Promise<number>;
+
+  /**
+   * Executes multiple SQL statements in a transaction
+   * @param statements - Array of SQL statements to execute
+   * @returns Promise resolving when the transaction is complete
+   */
+  transaction(statements: { sql: string; params?: unknown[] }[]): Promise<void>;
+
+  /**
+   * Gets the maximum value of a column for matching rows
+   * @param table - The table to query
+   * @param column - The column to find the maximum value of
+   * @param where - Optional WHERE clause conditions
+   * @param params - Optional parameters for the WHERE clause
+   * @returns Promise resolving to the maximum value
+   */
+  getMaxValue<T>(
+    table: string,
+    column: string,
+    where?: string,
+    params?: unknown[],
+  ): Promise<T | null>;
+
+  /**
+   * Prepares a SQL statement for repeated execution
+   * @param sql - The SQL statement to prepare
+   * @returns A prepared statement that can be executed multiple times
+   */
+  prepare<T>(sql: string): Promise<PreparedStatement<T>>;
+
+  /**
+   * Gets the current database size in bytes
+   * @returns Promise resolving to the database size
+   */
+  getDatabaseSize(): Promise<number>;
+
+  /**
+   * Gets the current database statistics
+   * @returns Promise resolving to database statistics
+   */
+  getStats(): Promise<SQLiteStats>;
+
+  /**
+   * Closes the database connection
+   * @returns Promise resolving when the connection is closed
+   */
+  close(): Promise<void>;
+}
+
+/**
+ * Represents a prepared SQL statement
+ */
+export interface PreparedStatement<T> {
+  /** Executes the prepared statement with the given parameters */
+  execute(params?: unknown[]): Promise<SQLiteResult<T>>;
+  /** Frees the prepared statement */
+  finalize(): Promise<void>;
+}
+
+/**
+ * Database statistics
+ */
+export interface SQLiteStats {
+  /** Total number of queries executed */
+  totalQueries: number;
+  /** Average query execution time in milliseconds */
+  avgExecutionTime: number;
+  /** Number of prepared statements in cache */
+  preparedStatements: number;
+  /** Current database size in bytes */
+  databaseSize: number;
+  /** Whether WAL mode is active */
+  walMode: boolean;
+  /** Whether memory mapping is active */
+  mmapActive: boolean;
 }
 
 /**
@@ -59,11 +213,12 @@ export interface PlatformService {
 
   /**
    * Writes content to a file at the specified path and shares it.
+   * Optional method - not all platforms need to implement this.
    * @param fileName - The filename of the file to write
    * @param content - The content to write to the file
    * @returns Promise that resolves when the write is complete
    */
-  writeAndShareFile(fileName: string, content: string): Promise<void>;
+  writeAndShareFile?(fileName: string, content: string): Promise<void>;
 
   /**
    * Deletes a file at the specified path.
@@ -98,4 +253,92 @@ export interface PlatformService {
    * @returns Promise that resolves when the deep link has been handled
    */
   handleDeepLink(url: string): Promise<void>;
+
+  /**
+   * Gets the SQLite operations interface for the platform.
+   * For browsers, this will use absurd-sql with Web Worker support.
+   * @returns Promise resolving to the SQLite operations interface
+   */
+  getSQLite(): Promise<SQLiteOperations>;
+
+  /**
+   * Gets the headers for HTTP requests, including authorization if needed
+   * @param did - Optional DID to include in authorization
+   * @returns Promise resolving to headers object
+   */
+  getHeaders(did?: string): Promise<Record<string, string>>;
+
+  // Account Management
+  /**
+   * Gets all accounts in the database
+   * @returns Promise resolving to array of accounts
+   */
+  getAccounts(): Promise<Account[]>;
+
+  /**
+   * Gets a specific account by DID
+   * @param did - The DID of the account to retrieve
+   * @returns Promise resolving to the account or undefined if not found
+   */
+  getAccount(did: string): Promise<Account | undefined>;
+
+  /**
+   * Adds a new account to the database
+   * @param account - The account to add
+   * @returns Promise resolving when the account is added
+   */
+  addAccount(account: Account): Promise<void>;
+
+  // Settings Management
+  /**
+   * Updates the master settings with the provided changes
+   * @param settingsChanges - The settings to update
+   * @returns Promise resolving when the update is complete
+   */
+  updateMasterSettings(settingsChanges: Partial<Settings>): Promise<void>;
+
+  /**
+   * Gets the settings for the active account
+   * @returns Promise resolving to the active account settings
+   */
+  getActiveAccountSettings(): Promise<Settings>;
+
+  /**
+   * Updates settings for a specific account
+   * @param accountDid - The DID of the account to update settings for
+   * @param settingsChanges - The settings to update
+   * @returns Promise resolving when the update is complete
+   */
+  updateAccountSettings(
+    accountDid: string,
+    settingsChanges: Partial<Settings>,
+  ): Promise<void>;
+
+  // Contact Management
+  /**
+   * Gets all contacts from the database
+   * @returns Promise resolving to array of contacts
+   */
+  getContacts(): Promise<Contact[]>;
+
+  /**
+   * Gets all contacts from the database (alias for getContacts)
+   * @returns Promise resolving to array of contacts
+   */
+  getAllContacts(): Promise<Contact[]>;
+
+  /**
+   * Retrieves plan data from cache or server
+   * @param handleId - Plan handle ID
+   * @param axios - Axios instance for making HTTP requests
+   * @param apiServer - API server URL
+   * @param requesterDid - Optional requester DID for private info
+   * @returns Promise resolving to plan data or undefined if not found
+   */
+  getPlanFromCache(
+    handleId: string | undefined,
+    axios: Axios,
+    apiServer: string,
+    requesterDid?: string,
+  ): Promise<PlanSummaryRecord | undefined>;
 }

src/services/PlatformServiceFactory.ts

@@ -1,8 +1,5 @@
 import { PlatformService } from "./PlatformService";
 import { WebPlatformService } from "./platforms/WebPlatformService";
-import { CapacitorPlatformService } from "./platforms/CapacitorPlatformService";
-import { ElectronPlatformService } from "./platforms/ElectronPlatformService";
-import { PyWebViewPlatformService } from "./platforms/PyWebViewPlatformService";
 
 /**
  * Factory class for creating platform-specific service implementations.
@@ -17,7 +14,7 @@ import { PyWebViewPlatformService } from "./platforms/PyWebViewPlatformService";
  *
  * @example
  * ```typescript
- * const platformService = PlatformServiceFactory.getInstance();
+ * const platformService = await PlatformServiceFactory.getInstance();
  * await platformService.takePicture();
  * ```
  */
@@ -28,31 +25,48 @@ export class PlatformServiceFactory {
    * Gets or creates the singleton instance of PlatformService.
    * Creates the appropriate platform-specific implementation based on environment.
    *
-   * @returns {PlatformService} The singleton instance of PlatformService
+   * @returns {Promise<PlatformService>} Promise resolving to the singleton instance of PlatformService
    */
-  public static getInstance(): PlatformService {
+  public static async getInstance(): Promise<PlatformService> {
     if (PlatformServiceFactory.instance) {
       return PlatformServiceFactory.instance;
     }
 
     const platform = process.env.VITE_PLATFORM || "web";
 
-    switch (platform) {
-      case "capacitor":
-        PlatformServiceFactory.instance = new CapacitorPlatformService();
-        break;
-      case "electron":
-        PlatformServiceFactory.instance = new ElectronPlatformService();
-        break;
-      case "pywebview":
-        PlatformServiceFactory.instance = new PyWebViewPlatformService();
-        break;
-      case "web":
-      default:
-        PlatformServiceFactory.instance = new WebPlatformService();
-        break;
-    }
+    try {
+      switch (platform) {
+        case "capacitor": {
+          const { CapacitorPlatformService } = await import("./platforms/CapacitorPlatformService");
+          PlatformServiceFactory.instance = new CapacitorPlatformService();
+          break;
+        }
+        case "electron": {
+          const { ElectronPlatformService } = await import("./ElectronPlatformService");
+          PlatformServiceFactory.instance = new ElectronPlatformService();
+          break;
+        }
+        case "pywebview": {
+          const { PyWebViewPlatformService } = await import("./platforms/PyWebViewPlatformService");
+          PlatformServiceFactory.instance = new PyWebViewPlatformService();
+          break;
+        }
+        case "web":
+        default:
+          PlatformServiceFactory.instance = new WebPlatformService();
+          break;
+      }
 
-    return PlatformServiceFactory.instance;
+      if (!PlatformServiceFactory.instance) {
+        throw new Error(`Failed to initialize platform service for ${platform}`);
+      }
+
+      return PlatformServiceFactory.instance;
+    } catch (error) {
+      console.error(`Failed to initialize ${platform} platform service:`, error);
+      // Fallback to web platform if initialization fails
+      PlatformServiceFactory.instance = new WebPlatformService();
+      return PlatformServiceFactory.instance;
+    }
   }
 }

src/services/QRScanner/WebInlineQRScanner.ts

@@ -90,16 +90,60 @@ export class WebInlineQRScanner implements QRScannerService {
       logger.error(
         `[WebInlineQRScanner:${this.id}] Checking camera permissions...`,
       );
-      const permissions = await navigator.permissions.query({
-        name: "camera" as PermissionName,
-      });
-      logger.error(
-        `[WebInlineQRScanner:${this.id}] Permission state:`,
-        permissions.state,
-      );
-      const granted = permissions.state === "granted";
-      this.updateCameraState(granted ? "ready" : "permission_denied");
-      return granted;
+
+      // First try the Permissions API if available
+      if (navigator.permissions && navigator.permissions.query) {
+        try {
+          const permissions = await navigator.permissions.query({
+            name: "camera" as PermissionName,
+          });
+          logger.error(
+            `[WebInlineQRScanner:${this.id}] Permission state from Permissions API:`,
+            permissions.state,
+          );
+          if (permissions.state === "granted") {
+            this.updateCameraState("ready", "Camera permissions granted");
+            return true;
+          }
+        } catch (permError) {
+          // Permissions API might not be supported, continue with getUserMedia check
+          logger.error(
+            `[WebInlineQRScanner:${this.id}] Permissions API not supported:`,
+            permError,
+          );
+        }
+      }
+
+      // If Permissions API is not available or didn't return granted,
+      // try a test getUserMedia call
+      try {
+        const testStream = await navigator.mediaDevices.getUserMedia({
+          video: true,
+        });
+        // If we get here, we have permission
+        testStream.getTracks().forEach((track) => track.stop());
+        this.updateCameraState("ready", "Camera permissions granted");
+        return true;
+      } catch (mediaError) {
+        const error = mediaError as Error;
+        logger.error(
+          `[WebInlineQRScanner:${this.id}] getUserMedia test failed:`,
+          {
+            name: error.name,
+            message: error.message,
+          },
+        );
+
+        if (
+          error.name === "NotAllowedError" ||
+          error.name === "PermissionDeniedError"
+        ) {
+          this.updateCameraState("permission_denied", "Camera access denied");
+          return false;
+        }
+        // For other errors, we'll try requesting permissions explicitly
+        return false;
+      }
     } catch (error) {
       logger.error(
         `[WebInlineQRScanner:${this.id}] Error checking camera permissions:`,
@@ -122,6 +166,7 @@ export class WebInlineQRScanner implements QRScannerService {
       logger.error(
         `[WebInlineQRScanner:${this.id}] Requesting camera permissions...`,
       );
+
       // First check if we have any video devices
       const devices = await navigator.mediaDevices.enumerateDevices();
       const videoDevices = devices.filter(
@@ -131,10 +176,12 @@ export class WebInlineQRScanner implements QRScannerService {
       logger.error(`[WebInlineQRScanner:${this.id}] Found video devices:`, {
         count: videoDevices.length,
         devices: videoDevices.map((d) => ({ id: d.deviceId, label: d.label })),
+        userAgent: navigator.userAgent,
       });
 
       if (videoDevices.length === 0) {
         logger.error(`[WebInlineQRScanner:${this.id}] No video devices found`);
+        this.updateCameraState("not_found", "No camera found on this device");
         throw new Error("No camera found on this device");
       }
 
@@ -148,58 +195,79 @@ export class WebInlineQRScanner implements QRScannerService {
         },
       );
 
-      const stream = await navigator.mediaDevices.getUserMedia({
-        video: {
-          facingMode: "environment",
-          width: { ideal: 1280 },
-          height: { ideal: 720 },
-        },
-      });
-
-      this.updateCameraState("ready", "Camera permissions granted");
-
-      // Stop the test stream immediately
-      stream.getTracks().forEach((track) => {
-        logger.error(`[WebInlineQRScanner:${this.id}] Stopping test track:`, {
-          kind: track.kind,
-          label: track.label,
-          readyState: track.readyState,
+      try {
+        const stream = await navigator.mediaDevices.getUserMedia({
+          video: {
+            facingMode: "environment",
+            width: { ideal: 1280 },
+            height: { ideal: 720 },
+          },
         });
-        track.stop();
-      });
-      return true;
+
+        this.updateCameraState("ready", "Camera permissions granted");
+
+        // Stop the test stream immediately
+        stream.getTracks().forEach((track) => {
+          logger.error(`[WebInlineQRScanner:${this.id}] Stopping test track:`, {
+            kind: track.kind,
+            label: track.label,
+            readyState: track.readyState,
+          });
+          track.stop();
+        });
+        return true;
+      } catch (mediaError) {
+        const error = mediaError as Error;
+        logger.error(
+          `[WebInlineQRScanner:${this.id}] Error requesting camera access:`,
+          {
+            name: error.name,
+            message: error.message,
+            userAgent: navigator.userAgent,
+          },
+        );
+
+        // Update state based on error type
+        if (
+          error.name === "NotFoundError" ||
+          error.name === "DevicesNotFoundError"
+        ) {
+          this.updateCameraState("not_found", "No camera found on this device");
+          throw new Error("No camera found on this device");
+        } else if (
+          error.name === "NotAllowedError" ||
+          error.name === "PermissionDeniedError"
+        ) {
+          this.updateCameraState("permission_denied", "Camera access denied");
+          throw new Error(
+            "Camera access denied. Please grant camera permission and try again",
+          );
+        } else if (
+          error.name === "NotReadableError" ||
+          error.name === "TrackStartError"
+        ) {
+          this.updateCameraState(
+            "in_use",
+            "Camera is in use by another application",
+          );
+          throw new Error("Camera is in use by another application");
+        } else {
+          this.updateCameraState("error", error.message);
+          throw new Error(`Camera error: ${error.message}`);
+        }
+      }
     } catch (error) {
       const wrappedError =
         error instanceof Error ? error : new Error(String(error));
-
-      // Update state based on error type
-      if (
-        wrappedError.name === "NotFoundError" ||
-        wrappedError.name === "DevicesNotFoundError"
-      ) {
-        this.updateCameraState("not_found", "No camera found on this device");
-        throw new Error("No camera found on this device");
-      } else if (
-        wrappedError.name === "NotAllowedError" ||
-        wrappedError.name === "PermissionDeniedError"
-      ) {
-        this.updateCameraState("permission_denied", "Camera access denied");
-        throw new Error(
-          "Camera access denied. Please grant camera permission and try again",
-        );
-      } else if (
-        wrappedError.name === "NotReadableError" ||
-        wrappedError.name === "TrackStartError"
-      ) {
-        this.updateCameraState(
-          "in_use",
-          "Camera is in use by another application",
-        );
-        throw new Error("Camera is in use by another application");
-      } else {
-        this.updateCameraState("error", wrappedError.message);
-        throw new Error(`Camera error: ${wrappedError.message}`);
-      }
+      logger.error(
+        `[WebInlineQRScanner:${this.id}] Error in requestPermissions:`,
+        {
+          error: wrappedError.message,
+          stack: wrappedError.stack,
+          userAgent: navigator.userAgent,
+        },
+      );
+      throw wrappedError;
     }
   }
 

src/services/database.d.ts

@@ -0,0 +1,29 @@
+import { DatabaseService } from "../interfaces/database";
+
+declare module "@jlongster/sql.js" {
+  interface SQL {
+    Database: unknown;
+    FS: unknown;
+    register_for_idb: (fs: unknown) => void;
+  }
+
+  function initSqlJs(config: {
+    locateFile: (file: string) => string;
+  }): Promise<SQL>;
+  export default initSqlJs;
+}
+
+declare module "absurd-sql" {
+  export class SQLiteFS {
+    constructor(fs: unknown, backend: unknown);
+  }
+}
+
+declare module "absurd-sql/dist/indexeddb-backend" {
+  export default class IndexedDBBackend {
+    constructor();
+  }
+}
+
+declare const databaseService: DatabaseService;
+export default databaseService;

src/services/database.ts

@@ -0,0 +1,163 @@
+// Add type declarations for external modules
+declare module "@jlongster/sql.js";
+declare module "absurd-sql";
+declare module "absurd-sql/dist/indexeddb-backend";
+
+import initSqlJs from "@jlongster/sql.js";
+import { SQLiteFS } from "absurd-sql";
+import IndexedDBBackend from "absurd-sql/dist/indexeddb-backend";
+
+import { runMigrations } from "../db-sql/migration";
+import type { QueryExecResult } from "../interfaces/database";
+import { logger } from "@/utils/logger";
+
+interface SQLDatabase {
+  exec: (sql: string, params?: unknown[]) => Promise<QueryExecResult[]>;
+  run: (
+    sql: string,
+    params?: unknown[],
+  ) => Promise<{ changes: number; lastId?: number }>;
+}
+
+class DatabaseService {
+  private static instance: DatabaseService | null = null;
+  private db: SQLDatabase | null;
+  private initialized: boolean;
+  private initializationPromise: Promise<void> | null = null;
+
+  private constructor() {
+    this.db = null;
+    this.initialized = false;
+  }
+
+  static getInstance(): DatabaseService {
+    if (!DatabaseService.instance) {
+      DatabaseService.instance = new DatabaseService();
+    }
+    return DatabaseService.instance;
+  }
+
+  async initialize(): Promise<void> {
+    // If already initialized, return immediately
+    if (this.initialized) {
+      return;
+    }
+
+    // If initialization is in progress, wait for it
+    if (this.initializationPromise) {
+      return this.initializationPromise;
+    }
+
+    // Start initialization
+    this.initializationPromise = this._initialize();
+    try {
+      await this.initializationPromise;
+    } catch (error) {
+      logger.error(`DatabaseService initialize method failed:`, error);
+      this.initializationPromise = null; // Reset on failure
+      throw error;
+    }
+  }
+
+  private async _initialize(): Promise<void> {
+    if (this.initialized) {
+      return;
+    }
+
+    const SQL = await initSqlJs({
+      locateFile: (file: string) => {
+        return new URL(
+          `/node_modules/@jlongster/sql.js/dist/${file}`,
+          import.meta.url,
+        ).href;
+      },
+    });
+
+    const sqlFS = new SQLiteFS(SQL.FS, new IndexedDBBackend());
+    SQL.register_for_idb(sqlFS);
+
+    SQL.FS.mkdir("/sql");
+    SQL.FS.mount(sqlFS, {}, "/sql");
+
+    const path = "/sql/db.sqlite";
+    if (typeof SharedArrayBuffer === "undefined") {
+      const stream = SQL.FS.open(path, "a+");
+      await stream.node.contents.readIfFallback();
+      SQL.FS.close(stream);
+    }
+
+    this.db = new SQL.Database(path, { filename: true });
+    if (!this.db) {
+      throw new Error(
+        "The database initialization failed. We recommend you restart or reinstall.",
+      );
+    }
+
+    await this.db.exec(`PRAGMA journal_mode=MEMORY;`);
+    const sqlExec = this.db.exec.bind(this.db);
+
+    // Run migrations
+    await runMigrations(sqlExec);
+
+    this.initialized = true;
+  }
+
+  private async waitForInitialization(): Promise<void> {
+    // If we have an initialization promise, wait for it
+    if (this.initializationPromise) {
+      await this.initializationPromise;
+      return;
+    }
+
+    // If not initialized and no promise, start initialization
+    if (!this.initialized) {
+      await this.initialize();
+      return;
+    }
+
+    // If initialized but no db, something went wrong
+    if (!this.db) {
+      logger.error(
+        `Database not properly initialized after await waitForInitialization() - initialized flag is true but db is null`,
+      );
+      throw new Error(
+        `The database could not be initialized. We recommend you restart or reinstall.`,
+      );
+    }
+  }
+
+  // Used for inserts, updates, and deletes
+  async run(
+    sql: string,
+    params: unknown[] = [],
+  ): Promise<{ changes: number; lastId?: number }> {
+    await this.waitForInitialization();
+    return this.db!.run(sql, params);
+  }
+
+  // Note that the resulting array may be empty if there are no results from the query
+  async query(sql: string, params: unknown[] = []): Promise<QueryExecResult[]> {
+    await this.waitForInitialization();
+    return this.db!.exec(sql, params);
+  }
+
+  async getOneRow(
+    sql: string,
+    params: unknown[] = [],
+  ): Promise<unknown[] | undefined> {
+    await this.waitForInitialization();
+    const result = await this.db!.exec(sql, params);
+    return result[0]?.values[0];
+  }
+
+  async all(sql: string, params: unknown[] = []): Promise<unknown[][]> {
+    await this.waitForInitialization();
+    const result = await this.db!.exec(sql, params);
+    return result[0]?.values || [];
+  }
+}
+
+// Create a singleton instance
+const databaseService = DatabaseService.getInstance();
+
+export default databaseService;

src/services/migrationService.ts

@@ -0,0 +1,72 @@
+import { logger } from "@/utils/logger";
+import { QueryExecResult } from "../interfaces/database";
+
+interface Migration {
+  name: string;
+  sql: string;
+}
+
+export class MigrationService {
+  private static instance: MigrationService;
+  private migrations: Migration[] = [];
+
+  private constructor() {}
+
+  static getInstance(): MigrationService {
+    if (!MigrationService.instance) {
+      MigrationService.instance = new MigrationService();
+    }
+    return MigrationService.instance;
+  }
+
+  async registerMigration(migration: Migration): Promise<void> {
+    this.migrations.push(migration);
+  }
+
+  async runMigrations(
+    sqlExec: (
+      sql: string,
+      params?: unknown[],
+    ) => Promise<Array<QueryExecResult>>,
+  ): Promise<void> {
+    // Create migrations table if it doesn't exist
+    await sqlExec(`
+      CREATE TABLE IF NOT EXISTS migrations (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        name TEXT NOT NULL UNIQUE,
+        executed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+      );
+    `);
+
+    // Get list of executed migrations
+    const result: QueryExecResult[] = await sqlExec(
+      "SELECT name FROM migrations;",
+    );
+    let executedMigrations: Set<unknown> = new Set();
+    // Even with that query, the QueryExecResult may be [] (which doesn't make sense to me).
+    if (result.length > 0) {
+      const singleResult = result[0];
+      executedMigrations = new Set(
+        singleResult.values.map((row: unknown[]) => row[0]),
+      );
+    }
+
+    // Run pending migrations in order
+    for (const migration of this.migrations) {
+      if (!executedMigrations.has(migration.name)) {
+        try {
+          await sqlExec(migration.sql);
+          await sqlExec("INSERT INTO migrations (name) VALUES (?)", [
+            migration.name,
+          ]);
+          logger.log(`Migration ${migration.name} executed successfully`);
+        } catch (error) {
+          logger.error(`Error executing migration ${migration.name}:`, error);
+          throw error;
+        }
+      }
+    }
+  }
+}
+
+export default MigrationService.getInstance();

src/services/platforms/CapacitorPlatformService.ts

@@ -7,6 +7,10 @@ import { Filesystem, Directory, Encoding } from "@capacitor/filesystem";
 import { Camera, CameraResultType, CameraSource } from "@capacitor/camera";
 import { Share } from "@capacitor/share";
 import { logger } from "../../utils/logger";
+import { Account } from "../../db/tables/accounts";
+import { Settings } from "../../db/tables/settings";
+import { db } from "../../db";
+import { Contact } from "../../db/tables/contacts";
 
 /**
  * Platform service implementation for Capacitor (mobile) platform.
@@ -476,4 +480,44 @@ export class CapacitorPlatformService implements PlatformService {
     // This is just a placeholder for the interface
     return Promise.resolve();
   }
+
+  // Account Management
+  async getAccounts(): Promise<Account[]> {
+    return await db.accounts.toArray();
+  }
+
+  async getAccount(did: string): Promise<Account | undefined> {
+    return await db.accounts.where("did").equals(did).first();
+  }
+
+  async addAccount(account: Account): Promise<void> {
+    await db.accounts.add(account);
+  }
+
+  // Settings Management
+  async updateMasterSettings(
+    settingsChanges: Partial<Settings>,
+  ): Promise<void> {
+    throw new Error("Not implemented");
+  }
+
+  async getActiveAccountSettings(): Promise<Settings> {
+    throw new Error("Not implemented");
+  }
+
+  async updateAccountSettings(
+    accountDid: string,
+    settingsChanges: Partial<Settings>,
+  ): Promise<void> {
+    throw new Error("Not implemented");
+  }
+
+  // Contact Management
+  async getContacts(): Promise<Contact[]> {
+    return await db.contacts.toArray();
+  }
+
+  async getAllContacts(): Promise<Contact[]> {
+    return await this.getContacts();
+  }
 }

src/services/platforms/ElectronPlatformService.ts

@@ -1,111 +1,102 @@
 import {
-  ImageResult,
   PlatformService,
   PlatformCapabilities,
+  SQLiteOperations,
+  SQLiteConfig,
+  PreparedStatement,
+  SQLiteResult,
+  ImageResult,
 } from "../PlatformService";
+import { BaseSQLiteService } from "../sqlite/BaseSQLiteService";
+import { app } from "electron";
+import { dialog } from "electron";
+import fs from "fs";
+import path from "path";
+import sqlite3 from "sqlite3";
+import { open, Database } from "sqlite";
 import { logger } from "../../utils/logger";
+import { Settings } from "../../db/tables/settings";
+import { Account } from "../../db/tables/accounts";
+import { Contact } from "../../db/tables/contacts";
+import { db } from "../../db";
+import { MASTER_SETTINGS_KEY } from "../../db/tables/settings";
+import { accountsDBPromise } from "../../db";
+import { accessToken } from "../../libs/crypto";
+import { getPlanFromCache as getPlanFromCacheImpl } from "../../libs/endorserServer";
+import { PlanSummaryRecord } from "../../interfaces/records";
+import { Axios } from "axios";
+
+// Create Promise-based versions of fs functions
+const readFileAsync = (filePath: string, encoding: BufferEncoding): Promise<string> => {
+  return new Promise((resolve, reject) => {
+    fs.readFile(filePath, { encoding }, (err: NodeJS.ErrnoException | null, data: string) => {
+      if (err) reject(err);
+      else resolve(data);
+    });
+  });
+};
+
+const readFileBufferAsync = (filePath: string): Promise<Buffer> => {
+  return new Promise((resolve, reject) => {
+    fs.readFile(filePath, (err: NodeJS.ErrnoException | null, data: Buffer) => {
+      if (err) reject(err);
+      else resolve(data);
+    });
+  });
+};
+
+const writeFileAsync = (filePath: string, data: string, encoding: BufferEncoding): Promise<void> => {
+  return new Promise((resolve, reject) => {
+    fs.writeFile(filePath, data, { encoding }, (err: NodeJS.ErrnoException | null) => {
+      if (err) reject(err);
+      else resolve();
+    });
+  });
+};
+
+const unlinkAsync = (filePath: string): Promise<void> => {
+  return new Promise((resolve, reject) => {
+    fs.unlink(filePath, (err: NodeJS.ErrnoException | null) => {
+      if (err) reject(err);
+      else resolve();
+    });
+  });
+};
+
+const readdirAsync = (dirPath: string): Promise<string[]> => {
+  return new Promise((resolve, reject) => {
+    fs.readdir(dirPath, (err: NodeJS.ErrnoException | null, files: string[]) => {
+      if (err) reject(err);
+      else resolve(files);
+    });
+  });
+};
+
+const statAsync = (filePath: string): Promise<fs.Stats> => {
+  return new Promise((resolve, reject) => {
+    fs.stat(filePath, (err: NodeJS.ErrnoException | null, stats: fs.Stats) => {
+      if (err) reject(err);
+      else resolve(stats);
+    });
+  });
+};
+
+interface SQLiteDatabase extends Database {
+  changes: number;
+}
 
 /**
- * Platform service implementation for Electron (desktop) platform.
- * Note: This is a placeholder implementation with most methods currently unimplemented.
- * Implements the PlatformService interface but throws "Not implemented" errors for most operations.
- *
- * @remarks
- * This service is intended for desktop application functionality through Electron.
- * Future implementations should provide:
- * - Native file system access
- * - Desktop camera integration
- * - System-level features
+ * SQLite implementation for Electron using native sqlite3
  */
-export class ElectronPlatformService implements PlatformService {
-  /**
-   * Gets the capabilities of the Electron platform
-   * @returns Platform capabilities object
-   */
-  getCapabilities(): PlatformCapabilities {
-    return {
-      hasFileSystem: false, // Not implemented yet
-      hasCamera: false, // Not implemented yet
-      isMobile: false,
-      isIOS: false,
-      hasFileDownload: false, // Not implemented yet
-      needsFileHandlingInstructions: false,
-    };
-  }
+class ElectronSQLiteService extends BaseSQLiteService {
+  private db: SQLiteDatabase | null = null;
+  private config: SQLiteConfig | null = null;
 
-  /**
-   * Reads a file from the filesystem.
-   * @param _path - Path to the file to read
-   * @returns Promise that should resolve to file contents
-   * @throws Error with "Not implemented" message
-   * @todo Implement file reading using Electron's file system API
-   */
-  async readFile(_path: string): Promise<string> {
-    throw new Error("Not implemented");
-  }
-
-  /**
-   * Writes content to a file.
-   * @param _path - Path where to write the file
-   * @param _content - Content to write to the file
-   * @throws Error with "Not implemented" message
-   * @todo Implement file writing using Electron's file system API
-   */
-  async writeFile(_path: string, _content: string): Promise<void> {
-    throw new Error("Not implemented");
-  }
-
-  /**
-   * Deletes a file from the filesystem.
-   * @param _path - Path to the file to delete
-   * @throws Error with "Not implemented" message
-   * @todo Implement file deletion using Electron's file system API
-   */
-  async deleteFile(_path: string): Promise<void> {
-    throw new Error("Not implemented");
-  }
-
-  /**
-   * Lists files in the specified directory.
-   * @param _directory - Path to the directory to list
-   * @returns Promise that should resolve to array of filenames
-   * @throws Error with "Not implemented" message
-   * @todo Implement directory listing using Electron's file system API
-   */
-  async listFiles(_directory: string): Promise<string[]> {
-    throw new Error("Not implemented");
-  }
-
-  /**
-   * Should open system camera to take a picture.
-   * @returns Promise that should resolve to captured image data
-   * @throws Error with "Not implemented" message
-   * @todo Implement camera access using Electron's media APIs
-   */
-  async takePicture(): Promise<ImageResult> {
-    logger.error("takePicture not implemented in Electron platform");
-    throw new Error("Not implemented");
-  }
-
-  /**
-   * Should open system file picker for selecting an image.
-   * @returns Promise that should resolve to selected image data
-   * @throws Error with "Not implemented" message
-   * @todo Implement file picker using Electron's dialog API
-   */
-  async pickImage(): Promise<ImageResult> {
-    logger.error("pickImage not implemented in Electron platform");
-    throw new Error("Not implemented");
-  }
-
-  /**
-   * Should handle deep link URLs for the desktop application.
-   * @param _url - The deep link URL to handle
-   * @throws Error with "Not implemented" message
-   * @todo Implement deep link handling using Electron's protocol handler
-   */
-  async handleDeepLink(_url: string): Promise<void> {
-    logger.error("handleDeepLink not implemented in Electron platform");
-    throw new Error("Not implemented");
-  }
+  // ... rest of the ElectronSQLiteService implementation ...
 }
+
+export class ElectronPlatformService implements PlatformService {
+  private sqliteService: ElectronSQLiteService | null = null;
+
+  // ... rest of the ElectronPlatformService implementation ...
+} 

src/services/platforms/PyWebViewPlatformService.ts

@@ -4,6 +4,10 @@ import {
   PlatformCapabilities,
 } from "../PlatformService";
 import { logger } from "../../utils/logger";
+import { Account } from "../../db/tables/accounts";
+import { Settings } from "../../db/tables/settings";
+import { db } from "../../db";
+import { Contact } from "../../db/tables/contacts";
 
 /**
  * Platform service implementation for PyWebView platform.
@@ -109,4 +113,44 @@ export class PyWebViewPlatformService implements PlatformService {
     logger.error("handleDeepLink not implemented in PyWebView platform");
     throw new Error("Not implemented");
   }
+
+  // Account Management
+  async getAccounts(): Promise<Account[]> {
+    return await db.accounts.toArray();
+  }
+
+  async getAccount(did: string): Promise<Account | undefined> {
+    return await db.accounts.where("did").equals(did).first();
+  }
+
+  async addAccount(account: Account): Promise<void> {
+    await db.accounts.add(account);
+  }
+
+  // Settings Management
+  async updateMasterSettings(
+    settingsChanges: Partial<Settings>,
+  ): Promise<void> {
+    throw new Error("Not implemented");
+  }
+
+  async getActiveAccountSettings(): Promise<Settings> {
+    throw new Error("Not implemented");
+  }
+
+  async updateAccountSettings(
+    accountDid: string,
+    settingsChanges: Partial<Settings>,
+  ): Promise<void> {
+    throw new Error("Not implemented");
+  }
+
+  // Contact Management
+  async getContacts(): Promise<Contact[]> {
+    return await db.contacts.toArray();
+  }
+
+  async getAllContacts(): Promise<Contact[]> {
+    return await this.getContacts();
+  }
 }

src/services/platforms/WebPlatformService.ts

@@ -2,8 +2,20 @@ import {
   ImageResult,
   PlatformService,
   PlatformCapabilities,
+  SQLiteOperations,
 } from "../PlatformService";
+import { Settings } from "../../db/tables/settings";
+import { MASTER_SETTINGS_KEY } from "../../db/tables/settings";
+import { db } from "../../db";
 import { logger } from "../../utils/logger";
+import { Account } from "../../db/tables/accounts";
+import { Contact } from "../../db/tables/contacts";
+import { WebSQLiteService } from "../sqlite/WebSQLiteService";
+import { accountsDBPromise } from "../../db";
+import { accessToken } from "../../libs/crypto";
+import { getPlanFromCache as getPlanFromCacheImpl } from "../../libs/endorserServer";
+import { PlanSummaryRecord } from "../../interfaces/records";
+import { Axios } from "axios";
 
 /**
  * Platform service implementation for web browser platform.
@@ -19,6 +31,8 @@ import { logger } from "../../utils/logger";
  * due to browser security restrictions. These methods throw appropriate errors.
  */
 export class WebPlatformService implements PlatformService {
+  private sqliteService: WebSQLiteService | null = null;
+
   /**
    * Gets the capabilities of the web platform
    * @returns Platform capabilities object
@@ -26,11 +40,17 @@ export class WebPlatformService implements PlatformService {
   getCapabilities(): PlatformCapabilities {
     return {
       hasFileSystem: false,
-      hasCamera: true, // Through file input with capture
-      isMobile: /iPhone|iPad|iPod|Android/i.test(navigator.userAgent),
-      isIOS: /iPad|iPhone|iPod/.test(navigator.userAgent),
+      hasCamera: true,
+      isMobile: false,
+      isIOS: false,
       hasFileDownload: true,
       needsFileHandlingInstructions: false,
+      sqlite: {
+        supported: true,
+        runsInWorker: true,
+        hasSharedArrayBuffer: typeof SharedArrayBuffer !== "undefined",
+        supportsWAL: true,
+      },
     };
   }
 
@@ -359,4 +379,139 @@ export class WebPlatformService implements PlatformService {
   async writeAndShareFile(_fileName: string, _content: string): Promise<void> {
     throw new Error("File system access not available in web platform");
   }
+
+  async updateMasterSettings(
+    settingsChanges: Partial<Settings>,
+  ): Promise<void> {
+    try {
+      delete settingsChanges.accountDid; // just in case
+      delete settingsChanges.id; // ensure there is no "id" that would override the key
+
+      await db.settings.update(MASTER_SETTINGS_KEY, settingsChanges);
+    } catch (error) {
+      logger.error("Error updating master settings:", error);
+      throw new Error(
+        `Failed to update settings. We recommend you try again or restart the app.`,
+      );
+    }
+  }
+
+  async getActiveAccountSettings(): Promise<Settings> {
+    const defaultSettings = (await db.settings.get(MASTER_SETTINGS_KEY)) || {};
+    if (!defaultSettings.activeDid) {
+      return defaultSettings;
+    }
+
+    const overrideSettings =
+      (await db.settings
+        .where("accountDid")
+        .equals(defaultSettings.activeDid)
+        .first()) || {};
+
+    return { ...defaultSettings, ...overrideSettings };
+  }
+
+  async updateAccountSettings(
+    accountDid: string,
+    settingsChanges: Partial<Settings>,
+  ): Promise<void> {
+    settingsChanges.accountDid = accountDid;
+    delete settingsChanges.id; // key off account, not ID
+
+    const result = await db.settings
+      .where("accountDid")
+      .equals(accountDid)
+      .modify(settingsChanges);
+
+    if (result === 0) {
+      // If no record was updated, create a new one
+      settingsChanges.id = (await db.settings.count()) + 1;
+      await db.settings.add(settingsChanges);
+    }
+  }
+
+  // Account Management
+  async getAccounts(): Promise<Account[]> {
+    const accountsDB = await accountsDBPromise;
+    return await accountsDB.accounts.toArray();
+  }
+
+  async getAccount(did: string): Promise<Account | undefined> {
+    const accountsDB = await accountsDBPromise;
+    return await accountsDB.accounts.where("did").equals(did).first();
+  }
+
+  async addAccount(account: Account): Promise<void> {
+    const accountsDB = await accountsDBPromise;
+    await accountsDB.accounts.add(account);
+  }
+
+  // Contact Management
+  async getContacts(): Promise<Contact[]> {
+    return await db.contacts.toArray();
+  }
+
+  async getAllContacts(): Promise<Contact[]> {
+    return await this.getContacts();
+  }
+
+  async getHeaders(did?: string): Promise<Record<string, string>> {
+    const headers: Record<string, string> = {
+      "Content-Type": "application/json",
+    };
+
+    if (did) {
+      try {
+        const account = await this.getAccount(did);
+        if (account?.passkeyCredIdHex) {
+          // Handle passkey authentication
+          const token = await this.getPasskeyToken(did);
+          headers["Authorization"] = `Bearer ${token}`;
+        } else {
+          // Handle regular authentication
+          const token = await this.getAccessToken(did);
+          headers["Authorization"] = `Bearer ${token}`;
+        }
+      } catch (error) {
+        logger.error("Failed to get headers:", error);
+      }
+    }
+
+    return headers;
+  }
+
+  private async getPasskeyToken(did: string): Promise<string> {
+    // For now, use the same token mechanism as regular auth
+    // TODO: Implement proper passkey authentication
+    return this.getAccessToken(did);
+  }
+
+  private async getAccessToken(did: string): Promise<string> {
+    try {
+      const token = await accessToken(did);
+      if (!token) {
+        throw new Error("Failed to generate access token");
+      }
+      return token;
+    } catch (error) {
+      logger.error("Error getting access token:", error);
+      throw new Error("Failed to get access token: " + (error instanceof Error ? error.message : String(error)));
+    }
+  }
+
+  async getSQLite(): Promise<SQLiteOperations> {
+    if (!this.sqliteService) {
+      this.sqliteService = new WebSQLiteService();
+    }
+    return this.sqliteService;
+  }
+
+  async getPlanFromCache(
+    handleId: string | undefined,
+    axios: Axios,
+    apiServer: string,
+    requesterDid?: string,
+  ): Promise<PlanSummaryRecord | undefined> {
+    return getPlanFromCacheImpl(handleId, axios, apiServer, requesterDid);
+  }
 }

src/services/sqlite/AbsurdSQLService.ts

@@ -0,0 +1,248 @@
+import initSqlJs, { Database } from "@jlongster/sql.js";
+import { SQLiteFS } from "absurd-sql";
+import { IndexedDBBackend } from "absurd-sql/dist/indexeddb-backend";
+import { BaseSQLiteService } from "./BaseSQLiteService";
+import {
+  SQLiteConfig,
+  SQLiteResult,
+  PreparedStatement,
+} from "../PlatformService";
+import { logger } from "../../utils/logger";
+
+/**
+ * SQLite implementation using absurd-sql for web browsers.
+ * Provides SQLite access in the browser using Web Workers and IndexedDB.
+ */
+export class AbsurdSQLService extends BaseSQLiteService {
+  private db: Database | null = null;
+  private worker: Worker | null = null;
+  private config: SQLiteConfig | null = null;
+
+  async initialize(config: SQLiteConfig): Promise<void> {
+    if (this.initialized) {
+      return;
+    }
+
+    try {
+      this.config = config;
+      const SQL = await initSqlJs({
+        locateFile: (file) => `/sql-wasm/${file}`,
+      });
+
+      // Initialize the virtual file system
+      const backend = new IndexedDBBackend(this.config.name);
+      const fs = new SQLiteFS(SQL.FS, backend);
+      SQL.register_for_idb(fs);
+
+      // Create and initialize the database
+      this.db = new SQL.Database(this.config.name, {
+        filename: true,
+      });
+
+      // Configure database settings
+      if (this.config.useWAL) {
+        await this.execute("PRAGMA journal_mode = WAL");
+        this.stats.walMode = true;
+      }
+
+      if (this.config.useMMap) {
+        const mmapSize = this.config.mmapSize ?? 30000000000;
+        await this.execute(`PRAGMA mmap_size = ${mmapSize}`);
+        this.stats.mmapActive = true;
+      }
+
+      // Set other pragmas for performance
+      await this.execute("PRAGMA synchronous = NORMAL");
+      await this.execute("PRAGMA temp_store = MEMORY");
+      await this.execute("PRAGMA cache_size = -2000"); // Use 2MB of cache
+
+      // Start the Web Worker for async operations
+      this.worker = new Worker(new URL("./sqlite.worker.ts", import.meta.url), {
+        type: "module",
+      });
+
+      this.initialized = true;
+      await this.updateStats();
+    } catch (error) {
+      logger.error("Failed to initialize Absurd SQL:", error);
+      throw error;
+    }
+  }
+
+  async close(): Promise<void> {
+    if (!this.initialized || !this.db) {
+      return;
+    }
+
+    try {
+      // Finalize all prepared statements
+      for (const [_sql, stmt] of this.preparedStatements) {
+        logger.debug("finalizing statement", _sql);
+        await stmt.finalize();
+      }
+      this.preparedStatements.clear();
+
+      // Close the database
+      this.db.close();
+      this.db = null;
+
+      // Terminate the worker
+      if (this.worker) {
+        this.worker.terminate();
+        this.worker = null;
+      }
+
+      this.initialized = false;
+    } catch (error) {
+      logger.error("Failed to close Absurd SQL connection:", error);
+      throw error;
+    }
+  }
+
+  protected async _executeQuery<T>(
+    sql: string,
+    params: unknown[] = [],
+    operation: "query" | "execute" = "query",
+  ): Promise<SQLiteResult<T>> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+
+    try {
+      let lastInsertId: number | undefined = undefined;
+
+      if (operation === "query") {
+        const stmt = this.db.prepare(sql);
+        const rows: T[] = [];
+
+        try {
+          while (stmt.step()) {
+            rows.push(stmt.getAsObject() as T);
+          }
+        } finally {
+          stmt.free();
+        }
+
+        // Get last insert ID safely
+        const result = this.db.exec("SELECT last_insert_rowid() AS id");
+        lastInsertId =
+          (result?.[0]?.values?.[0]?.[0] as number | undefined) ?? undefined;
+
+        return {
+          rows,
+          rowsAffected: this.db.getRowsModified(),
+          lastInsertId,
+          executionTime: 0, // Will be set by base class
+        };
+      } else {
+        this.db.run(sql, params);
+
+        // Get last insert ID after execute
+        const result = this.db.exec("SELECT last_insert_rowid() AS id");
+        lastInsertId =
+          (result?.[0]?.values?.[0]?.[0] as number | undefined) ?? undefined;
+
+        return {
+          rows: [],
+          rowsAffected: this.db.getRowsModified(),
+          lastInsertId,
+          executionTime: 0,
+        };
+      }
+    } catch (error) {
+      logger.error("Absurd SQL query failed:", {
+        sql,
+        params,
+        error: error instanceof Error ? error.message : String(error),
+      });
+      throw error;
+    }
+  }
+
+  protected async _beginTransaction(): Promise<void> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+    this.db.exec("BEGIN TRANSACTION");
+  }
+
+  protected async _commitTransaction(): Promise<void> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+    this.db.exec("COMMIT");
+  }
+
+  protected async _rollbackTransaction(): Promise<void> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+    this.db.exec("ROLLBACK");
+  }
+
+  protected async _prepareStatement<T>(
+    _sql: string,
+  ): Promise<PreparedStatement<T>> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+
+    const stmt = this.db.prepare(_sql);
+    return {
+      execute: async (params: unknown[] = []) => {
+        if (!this.db) {
+          throw new Error("Database not initialized");
+        }
+
+        try {
+          const rows: T[] = [];
+          stmt.bind(params);
+          while (stmt.step()) {
+            rows.push(stmt.getAsObject() as T);
+          }
+
+          // Safely extract lastInsertId
+          const result = this.db.exec("SELECT last_insert_rowid()");
+          const rawId = result?.[0]?.values?.[0]?.[0];
+          const lastInsertId = typeof rawId === "number" ? rawId : undefined;
+
+          return {
+            rows,
+            rowsAffected: this.db.getRowsModified(),
+            lastInsertId,
+            executionTime: 0, // Will be set by base class
+          };
+        } finally {
+          stmt.reset();
+        }
+      },
+      finalize: async () => {
+        stmt.free();
+      },
+    };
+  }
+
+  protected async _finalizeStatement(_sql: string): Promise<void> {
+    // Statements are finalized when the PreparedStatement is finalized
+  }
+
+  async getDatabaseSize(): Promise<number> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+
+    try {
+      const result = this.db.exec(
+        "SELECT page_count * page_size as size FROM pragma_page_count(), pragma_page_size()",
+      );
+
+      const rawSize = result?.[0]?.values?.[0]?.[0];
+      const size = typeof rawSize === "number" ? rawSize : 0;
+
+      return size;
+    } catch (error) {
+      logger.error("Failed to get database size:", error);
+      return 0;
+    }
+  }
+}

src/services/sqlite/BaseSQLiteService.ts

@@ -0,0 +1,383 @@
+import {
+  SQLiteOperations,
+  SQLiteConfig,
+  SQLiteResult,
+  PreparedStatement,
+  SQLiteStats,
+} from "../PlatformService";
+import { Settings, MASTER_SETTINGS_KEY } from "../../db/tables/settings";
+import { logger } from "../../utils/logger";
+
+/**
+ * Base class for SQLite implementations across different platforms.
+ * Provides common functionality and error handling.
+ */
+export abstract class BaseSQLiteService implements SQLiteOperations {
+  protected initialized = false;
+  protected stats: SQLiteStats = {
+    totalQueries: 0,
+    avgExecutionTime: 0,
+    preparedStatements: 0,
+    databaseSize: 0,
+    walMode: false,
+    mmapActive: false,
+  };
+  protected preparedStatements: Map<string, PreparedStatement<unknown>> =
+    new Map();
+
+  abstract initialize(config: SQLiteConfig): Promise<void>;
+  abstract close(): Promise<void>;
+  abstract getDatabaseSize(): Promise<number>;
+
+  protected async executeQuery<T>(
+    sql: string,
+    params: unknown[] = [],
+    operation: "query" | "execute" = "query",
+  ): Promise<SQLiteResult<T>> {
+    if (!this.initialized) {
+      throw new Error("SQLite database not initialized");
+    }
+
+    const startTime = performance.now();
+    try {
+      const result = await this._executeQuery<T>(sql, params, operation);
+      const executionTime = performance.now() - startTime;
+
+      // Update stats
+      this.stats.totalQueries++;
+      this.stats.avgExecutionTime =
+        (this.stats.avgExecutionTime * (this.stats.totalQueries - 1) +
+          executionTime) /
+        this.stats.totalQueries;
+
+      return {
+        ...result,
+        executionTime,
+      };
+    } catch (error) {
+      logger.error("SQLite query failed:", {
+        sql,
+        params,
+        error: error instanceof Error ? error.message : String(error),
+      });
+      throw error;
+    }
+  }
+
+  protected abstract _executeQuery<T>(
+    sql: string,
+    params: unknown[],
+    operation: "query" | "execute",
+  ): Promise<SQLiteResult<T>>;
+
+  async query<T>(
+    sql: string,
+    params: unknown[] = [],
+  ): Promise<SQLiteResult<T>> {
+    return this.executeQuery<T>(sql, params, "query");
+  }
+
+  async execute(sql: string, params: unknown[] = []): Promise<number> {
+    const result = await this.executeQuery<unknown>(sql, params, "execute");
+    return result.rowsAffected;
+  }
+
+  async transaction(
+    statements: { sql: string; params?: unknown[] }[],
+  ): Promise<void> {
+    if (!this.initialized) {
+      throw new Error("SQLite database not initialized");
+    }
+
+    try {
+      await this._beginTransaction();
+      for (const { sql, params = [] } of statements) {
+        await this.executeQuery(sql, params, "execute");
+      }
+      await this._commitTransaction();
+    } catch (error) {
+      await this._rollbackTransaction();
+      throw error;
+    }
+  }
+
+  protected abstract _beginTransaction(): Promise<void>;
+  protected abstract _commitTransaction(): Promise<void>;
+  protected abstract _rollbackTransaction(): Promise<void>;
+
+  async getMaxValue<T>(
+    table: string,
+    column: string,
+    where?: string,
+    params: unknown[] = [],
+  ): Promise<T | null> {
+    const sql = `SELECT MAX(${column}) as max_value FROM ${table}${where ? ` WHERE ${where}` : ""}`;
+    const result = await this.query<{ max_value: T }>(sql, params);
+    return result.rows[0]?.max_value ?? null;
+  }
+
+  async prepare<T>(sql: string): Promise<PreparedStatement<T>> {
+    if (!this.initialized) {
+      throw new Error("SQLite database not initialized");
+    }
+
+    const stmt = await this._prepareStatement<T>(sql);
+    this.stats.preparedStatements++;
+    this.preparedStatements.set(sql, stmt);
+
+    return {
+      execute: async (params: unknown[] = []) => {
+        return this.executeQuery<T>(sql, params, "query");
+      },
+      finalize: async () => {
+        await this._finalizeStatement(sql);
+        this.preparedStatements.delete(sql);
+        this.stats.preparedStatements--;
+      },
+    };
+  }
+
+  protected abstract _prepareStatement<T>(
+    sql: string,
+  ): Promise<PreparedStatement<T>>;
+  protected abstract _finalizeStatement(sql: string): Promise<void>;
+
+  async getStats(): Promise<SQLiteStats> {
+    return {
+      ...this.stats,
+      databaseSize: await this.getDatabaseSize(),
+    };
+  }
+
+  protected async updateStats(): Promise<void> {
+    this.stats.databaseSize = await this.getDatabaseSize();
+    // Platform-specific stats updates can be implemented in subclasses
+  }
+
+  protected async setupSchema(): Promise<void> {
+    await this.execute(`
+      CREATE TABLE IF NOT EXISTS settings (
+        id INTEGER PRIMARY KEY,
+        accountDid TEXT,
+        activeDid TEXT,
+        apiServer TEXT,
+        filterFeedByNearby INTEGER,
+        filterFeedByVisible INTEGER,
+        finishedOnboarding INTEGER,
+        firstName TEXT,
+        hideRegisterPromptOnNewContact INTEGER,
+        isRegistered INTEGER,
+        lastName TEXT,
+        lastAckedOfferToUserJwtId TEXT,
+        lastAckedOfferToUserProjectsJwtId TEXT,
+        lastNotifiedClaimId TEXT,
+        lastViewedClaimId TEXT,
+        notifyingNewActivityTime TEXT,
+        notifyingReminderMessage TEXT,
+        notifyingReminderTime TEXT,
+        partnerApiServer TEXT,
+        passkeyExpirationMinutes INTEGER,
+        profileImageUrl TEXT,
+        searchBoxes TEXT,
+        showContactGivesInline INTEGER,
+        showGeneralAdvanced INTEGER,
+        showShortcutBvc INTEGER,
+        vapid TEXT,
+        warnIfProdServer INTEGER,
+        warnIfTestServer INTEGER,
+        webPushServer TEXT
+      )
+    `);
+  }
+
+  protected async settingsToRow(
+    settings: Partial<Settings>,
+  ): Promise<Record<string, unknown>> {
+    const row: Record<string, unknown> = {};
+
+    // Convert boolean values to integers for SQLite
+    if ("filterFeedByNearby" in settings)
+      row.filterFeedByNearby = settings.filterFeedByNearby ? 1 : 0;
+    if ("filterFeedByVisible" in settings)
+      row.filterFeedByVisible = settings.filterFeedByVisible ? 1 : 0;
+    if ("finishedOnboarding" in settings)
+      row.finishedOnboarding = settings.finishedOnboarding ? 1 : 0;
+    if ("hideRegisterPromptOnNewContact" in settings)
+      row.hideRegisterPromptOnNewContact =
+        settings.hideRegisterPromptOnNewContact ? 1 : 0;
+    if ("isRegistered" in settings)
+      row.isRegistered = settings.isRegistered ? 1 : 0;
+    if ("showContactGivesInline" in settings)
+      row.showContactGivesInline = settings.showContactGivesInline ? 1 : 0;
+    if ("showGeneralAdvanced" in settings)
+      row.showGeneralAdvanced = settings.showGeneralAdvanced ? 1 : 0;
+    if ("showShortcutBvc" in settings)
+      row.showShortcutBvc = settings.showShortcutBvc ? 1 : 0;
+    if ("warnIfProdServer" in settings)
+      row.warnIfProdServer = settings.warnIfProdServer ? 1 : 0;
+    if ("warnIfTestServer" in settings)
+      row.warnIfTestServer = settings.warnIfTestServer ? 1 : 0;
+
+    // Handle JSON fields
+    if ("searchBoxes" in settings)
+      row.searchBoxes = JSON.stringify(settings.searchBoxes);
+
+    // Copy all other fields as is
+    Object.entries(settings).forEach(([key, value]) => {
+      if (!(key in row)) {
+        row[key] = value;
+      }
+    });
+
+    return row;
+  }
+
+  protected async rowToSettings(
+    row: Record<string, unknown>,
+  ): Promise<Settings> {
+    const settings: Settings = {};
+
+    // Convert integer values back to booleans
+    if ("filterFeedByNearby" in row)
+      settings.filterFeedByNearby = !!row.filterFeedByNearby;
+    if ("filterFeedByVisible" in row)
+      settings.filterFeedByVisible = !!row.filterFeedByVisible;
+    if ("finishedOnboarding" in row)
+      settings.finishedOnboarding = !!row.finishedOnboarding;
+    if ("hideRegisterPromptOnNewContact" in row)
+      settings.hideRegisterPromptOnNewContact =
+        !!row.hideRegisterPromptOnNewContact;
+    if ("isRegistered" in row) settings.isRegistered = !!row.isRegistered;
+    if ("showContactGivesInline" in row)
+      settings.showContactGivesInline = !!row.showContactGivesInline;
+    if ("showGeneralAdvanced" in row)
+      settings.showGeneralAdvanced = !!row.showGeneralAdvanced;
+    if ("showShortcutBvc" in row)
+      settings.showShortcutBvc = !!row.showShortcutBvc;
+    if ("warnIfProdServer" in row)
+      settings.warnIfProdServer = !!row.warnIfProdServer;
+    if ("warnIfTestServer" in row)
+      settings.warnIfTestServer = !!row.warnIfTestServer;
+
+    // Parse JSON fields
+    if ("searchBoxes" in row && row.searchBoxes) {
+      try {
+        settings.searchBoxes = JSON.parse(row.searchBoxes);
+      } catch (error) {
+        logger.error("Error parsing searchBoxes JSON:", error);
+      }
+    }
+
+    // Copy all other fields as is
+    Object.entries(row).forEach(([key, value]) => {
+      if (!(key in settings)) {
+        (settings as Record<string, unknown>)[key] = value;
+      }
+    });
+
+    return settings;
+  }
+
+  async updateMasterSettings(
+    settingsChanges: Partial<Settings>,
+  ): Promise<void> {
+    try {
+      const row = await this.settingsToRow(settingsChanges);
+      row.id = MASTER_SETTINGS_KEY;
+      delete row.accountDid;
+
+      const result = await this.execute(
+        `UPDATE settings SET ${Object.keys(row)
+          .map((k) => `${k} = ?`)
+          .join(", ")} WHERE id = ?`,
+        [...Object.values(row), MASTER_SETTINGS_KEY],
+      );
+
+      if (result === 0) {
+        // If no record was updated, create a new one
+        await this.execute(
+          `INSERT INTO settings (${Object.keys(row).join(", ")}) VALUES (${Object.keys(
+            row,
+          )
+            .map(() => "?")
+            .join(", ")})`,
+          Object.values(row),
+        );
+      }
+    } catch (error) {
+      logger.error("Error updating master settings:", error);
+      throw new Error("Failed to update settings");
+    }
+  }
+
+  async getActiveAccountSettings(): Promise<Settings> {
+    try {
+      const defaultSettings = await this.query<Record<string, unknown>>(
+        "SELECT * FROM settings WHERE id = ?",
+        [MASTER_SETTINGS_KEY],
+      );
+
+      if (!defaultSettings.rows.length) {
+        return {};
+      }
+
+      const settings = await this.rowToSettings(defaultSettings.rows[0]);
+
+      if (!settings.activeDid) {
+        return settings;
+      }
+
+      const overrideSettings = await this.query<Record<string, unknown>>(
+        "SELECT * FROM settings WHERE accountDid = ?",
+        [settings.activeDid],
+      );
+
+      if (!overrideSettings.rows.length) {
+        return settings;
+      }
+
+      const override = await this.rowToSettings(overrideSettings.rows[0]);
+      return { ...settings, ...override };
+    } catch (error) {
+      logger.error("Error getting active account settings:", error);
+      throw new Error("Failed to get settings");
+    }
+  }
+
+  async updateAccountSettings(
+    accountDid: string,
+    settingsChanges: Partial<Settings>,
+  ): Promise<void> {
+    try {
+      const row = await this.settingsToRow(settingsChanges);
+      row.accountDid = accountDid;
+
+      const result = await this.execute(
+        `UPDATE settings SET ${Object.keys(row)
+          .map((k) => `${k} = ?`)
+          .join(", ")} WHERE accountDid = ?`,
+        [...Object.values(row), accountDid],
+      );
+
+      if (result === 0) {
+        // If no record was updated, create a new one
+        const idResult = await this.query<{ max: number }>(
+          "SELECT MAX(id) as max FROM settings",
+        );
+        row.id = (idResult.rows[0]?.max || 0) + 1;
+
+        await this.execute(
+          `INSERT INTO settings (${Object.keys(row).join(", ")}) VALUES (${Object.keys(
+            row,
+          )
+            .map(() => "?")
+            .join(", ")})`,
+          Object.values(row),
+        );
+      }
+    } catch (error) {
+      logger.error("Error updating account settings:", error);
+      throw new Error("Failed to update settings");
+    }
+  }
+}

src/services/sqlite/CapacitorSQLiteService.ts

@@ -0,0 +1,176 @@
+import {
+  CapacitorSQLite,
+  SQLiteConnection,
+  SQLiteDBConnection,
+} from "@capacitor-community/sqlite";
+import { BaseSQLiteService } from "./BaseSQLiteService";
+import {
+  SQLiteConfig,
+  SQLiteResult,
+  PreparedStatement,
+} from "../PlatformService";
+import { logger } from "../../utils/logger";
+
+/**
+ * SQLite implementation using the Capacitor SQLite plugin.
+ * Provides native SQLite access on mobile platforms.
+ */
+export class CapacitorSQLiteService extends BaseSQLiteService {
+  private connection: SQLiteDBConnection | null = null;
+  private sqlite: SQLiteConnection | null = null;
+
+  async initialize(config: SQLiteConfig): Promise<void> {
+    if (this.initialized) {
+      return;
+    }
+
+    try {
+      this.sqlite = new SQLiteConnection(CapacitorSQLite);
+      const db = await this.sqlite.createConnection(
+        config.name,
+        config.useWAL ?? false,
+        "no-encryption",
+        1,
+        false,
+      );
+
+      await db.open();
+      this.connection = db;
+
+      // Configure database settings
+      if (config.useWAL) {
+        await this.execute("PRAGMA journal_mode = WAL");
+        this.stats.walMode = true;
+      }
+
+      // Set other pragmas for performance
+      await this.execute("PRAGMA synchronous = NORMAL");
+      await this.execute("PRAGMA temp_store = MEMORY");
+      await this.execute("PRAGMA mmap_size = 30000000000");
+      this.stats.mmapActive = true;
+
+      // Set up database schema
+      await this.setupSchema();
+
+      this.initialized = true;
+      await this.updateStats();
+    } catch (error) {
+      logger.error("Failed to initialize Capacitor SQLite:", error);
+      throw error;
+    }
+  }
+
+  async close(): Promise<void> {
+    if (!this.initialized || !this.connection || !this.sqlite) {
+      return;
+    }
+
+    try {
+      await this.connection.close();
+      await this.sqlite.closeConnection(this.connection);
+      this.connection = null;
+      this.sqlite = null;
+      this.initialized = false;
+    } catch (error) {
+      logger.error("Failed to close Capacitor SQLite connection:", error);
+      throw error;
+    }
+  }
+
+  protected async _executeQuery<T>(
+    sql: string,
+    params: unknown[] = [],
+    operation: "query" | "execute" = "query",
+  ): Promise<SQLiteResult<T>> {
+    if (!this.connection) {
+      throw new Error("Database connection not initialized");
+    }
+
+    try {
+      if (operation === "query") {
+        const result = await this.connection.query(sql, params);
+        return {
+          rows: result.values as T[],
+          rowsAffected: result.changes?.changes ?? 0,
+          lastInsertId: result.changes?.lastId,
+          executionTime: 0, // Will be set by base class
+        };
+      } else {
+        const result = await this.connection.run(sql, params);
+        return {
+          rows: [],
+          rowsAffected: result.changes?.changes ?? 0,
+          lastInsertId: result.changes?.lastId,
+          executionTime: 0, // Will be set by base class
+        };
+      }
+    } catch (error) {
+      logger.error("Capacitor SQLite query failed:", {
+        sql,
+        params,
+        error: error instanceof Error ? error.message : String(error),
+      });
+      throw error;
+    }
+  }
+
+  protected async _beginTransaction(): Promise<void> {
+    if (!this.connection) {
+      throw new Error("Database connection not initialized");
+    }
+    await this.connection.execute("BEGIN TRANSACTION");
+  }
+
+  protected async _commitTransaction(): Promise<void> {
+    if (!this.connection) {
+      throw new Error("Database connection not initialized");
+    }
+    await this.connection.execute("COMMIT");
+  }
+
+  protected async _rollbackTransaction(): Promise<void> {
+    if (!this.connection) {
+      throw new Error("Database connection not initialized");
+    }
+    await this.connection.execute("ROLLBACK");
+  }
+
+  protected async _prepareStatement<T>(
+    sql: string,
+  ): Promise<PreparedStatement<T>> {
+    if (!this.connection) {
+      throw new Error("Database connection not initialized");
+    }
+
+    // Capacitor SQLite doesn't support prepared statements directly,
+    // so we'll simulate it by storing the SQL
+    return {
+      execute: async (params: unknown[] = []) => {
+        return this.executeQuery<T>(sql, params, "query");
+      },
+      finalize: async () => {
+        // No cleanup needed for Capacitor SQLite
+      },
+    };
+  }
+
+  protected async _finalizeStatement(_sql: string): Promise<void> {
+    // No cleanup needed for Capacitor SQLite
+  }
+
+  async getDatabaseSize(): Promise<number> {
+    if (!this.connection) {
+      throw new Error("Database connection not initialized");
+    }
+
+    try {
+      const result = await this.connection.query(
+        "SELECT page_count * page_size as size FROM pragma_page_count(), pragma_page_size()",
+      );
+      return result.values?.[0]?.size ?? 0;
+    } catch (error) {
+      logger.error("Failed to get database size:", error);
+      return 0;
+    }
+  }
+}

src/services/sqlite/WebSQLiteService.ts

@@ -0,0 +1,170 @@
+import { BaseSQLiteService } from "./BaseSQLiteService";
+import { SQLiteConfig, SQLiteOperations, SQLiteResult, PreparedStatement, SQLiteStats } from "../PlatformService";
+import { logger } from "../../utils/logger";
+import initSqlJs, { Database } from "@jlongster/sql.js";
+import { SQLiteFS } from "absurd-sql";
+import IndexedDBBackend from "absurd-sql/dist/indexeddb-backend";
+
+/**
+ * SQLite implementation for web platform using absurd-sql
+ */
+export class WebSQLiteService extends BaseSQLiteService {
+  private db: Database | null = null;
+  private config: SQLiteConfig | null = null;
+  private worker: Worker | null = null;
+
+  async initialize(config: SQLiteConfig): Promise<void> {
+    if (this.initialized) {
+      return;
+    }
+
+    try {
+      this.config = config;
+
+      // Initialize SQL.js
+      const SQL = await initSqlJs({
+        locateFile: (file) => `/sql-wasm.wasm`,
+      });
+
+      // Create a worker for SQLite operations
+      this.worker = new Worker("/sql-worker.js");
+      
+      // Initialize SQLiteFS with IndexedDB backend
+      const backend = new IndexedDBBackend();
+      const fs = new SQLiteFS(backend, this.worker);
+      
+      // Create database file
+      const dbPath = `/${config.name}.db`;
+      if (!(await fs.exists(dbPath))) {
+        await fs.writeFile(dbPath, new Uint8Array(0));
+      }
+
+      // Open database
+      this.db = new SQL.Database(dbPath, { filename: true });
+
+      // Configure database settings
+      if (config.useWAL) {
+        await this.execute("PRAGMA journal_mode = WAL");
+        this.stats.walMode = true;
+      }
+
+      // Set other pragmas for performance
+      await this.execute("PRAGMA synchronous = NORMAL");
+      await this.execute("PRAGMA temp_store = MEMORY");
+      await this.execute("PRAGMA cache_size = -2000"); // Use 2MB of cache
+
+      this.initialized = true;
+      await this.updateStats();
+    } catch (error) {
+      logger.error("Failed to initialize Web SQLite:", error);
+      throw error;
+    }
+  }
+
+  protected async _executeQuery<T>(
+    sql: string,
+    params: unknown[] = [],
+    operation: "query" | "execute" = "query",
+  ): Promise<SQLiteResult<T>> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+
+    try {
+      if (operation === "query") {
+        const stmt = this.db.prepare(sql);
+        const results = stmt.get(params) as T[];
+        stmt.free();
+        return { results };
+      } else {
+        const stmt = this.db.prepare(sql);
+        stmt.run(params);
+        const changes = this.db.getRowsModified();
+        stmt.free();
+        return { changes };
+      }
+    } catch (error) {
+      logger.error("SQLite query failed:", {
+        sql,
+        params,
+        error: error instanceof Error ? error.message : String(error),
+      });
+      throw error;
+    }
+  }
+
+  async close(): Promise<void> {
+    if (this.db) {
+      this.db.close();
+      this.db = null;
+    }
+    if (this.worker) {
+      this.worker.terminate();
+      this.worker = null;
+    }
+    this.initialized = false;
+  }
+
+  async getDatabaseSize(): Promise<number> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+    const result = await this.query<{ size: number }>("SELECT page_count * page_size as size FROM pragma_page_count(), pragma_page_size()");
+    return result.results[0]?.size || 0;
+  }
+
+  async prepare<T>(sql: string): Promise<PreparedStatement<T>> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+
+    const stmt = this.db.prepare(sql);
+    const key = sql;
+
+    const preparedStmt: PreparedStatement<T> = {
+      execute: async (params: unknown[] = []) => {
+        try {
+          const results = stmt.get(params) as T[];
+          return { results };
+        } catch (error) {
+          logger.error("Prepared statement execution failed:", {
+            sql,
+            params,
+            error: error instanceof Error ? error.message : String(error),
+          });
+          throw error;
+        }
+      },
+      finalize: () => {
+        stmt.free();
+        this.preparedStatements.delete(key);
+        this.stats.preparedStatements--;
+      },
+    };
+
+    this.preparedStatements.set(key, preparedStmt);
+    this.stats.preparedStatements++;
+
+    return preparedStmt;
+  }
+
+  async getStats(): Promise<SQLiteStats> {
+    await this.updateStats();
+    return this.stats;
+  }
+
+  private async updateStats(): Promise<void> {
+    if (!this.db) {
+      throw new Error("Database not initialized");
+    }
+
+    const size = await this.getDatabaseSize();
+    this.stats.databaseSize = size;
+
+    const walResult = await this.query<{ journal_mode: string }>("PRAGMA journal_mode");
+    this.stats.walMode = walResult.results[0]?.journal_mode === "wal";
+
+    const mmapResult = await this.query<{ mmap_size: number }>("PRAGMA mmap_size");
+    this.stats.mmapActive = mmapResult.results[0]?.mmap_size > 0;
+  }
+} 

src/services/sqlite/sqlite.worker.ts

@@ -0,0 +1,150 @@
+import initSqlJs, { Database } from "@jlongster/sql.js";
+import { SQLiteFS } from "absurd-sql";
+import { IndexedDBBackend } from "absurd-sql/dist/indexeddb-backend";
+
+interface WorkerMessage {
+  type: "init" | "query" | "execute" | "transaction" | "close";
+  id: string;
+  dbName?: string;
+  sql?: string;
+  params?: unknown[];
+  statements?: { sql: string; params?: unknown[] }[];
+}
+
+interface WorkerResponse {
+  id: string;
+  error?: string;
+  result?: unknown;
+}
+
+let db: Database | null = null;
+
+async function initialize(dbName: string): Promise<void> {
+  if (db) {
+    return;
+  }
+
+  const SQL = await initSqlJs({
+    locateFile: (file: string) => `/sql-wasm/${file}`,
+  });
+
+  // Initialize the virtual file system
+  const backend = new IndexedDBBackend(dbName);
+  const fs = new SQLiteFS(SQL.FS, backend);
+  SQL.register_for_idb(fs);
+
+  // Create and initialize the database
+  db = new SQL.Database(dbName, {
+    filename: true,
+  });
+
+  // Configure database settings
+  db.exec("PRAGMA synchronous = NORMAL");
+  db.exec("PRAGMA temp_store = MEMORY");
+  db.exec("PRAGMA cache_size = -2000"); // Use 2MB of cache
+}
+
+async function executeQuery(
+  sql: string,
+  params: unknown[] = [],
+): Promise<unknown> {
+  if (!db) {
+    throw new Error("Database not initialized");
+  }
+
+  const stmt = db.prepare(sql);
+  try {
+    const rows: unknown[] = [];
+    stmt.bind(params);
+    while (stmt.step()) {
+      rows.push(stmt.getAsObject());
+    }
+    return {
+      rows,
+      rowsAffected: db.getRowsModified(),
+      lastInsertId: db.exec("SELECT last_insert_rowid()")[0]?.values[0]?.[0],
+    };
+  } finally {
+    stmt.free();
+  }
+}
+
+async function executeTransaction(
+  statements: { sql: string; params?: unknown[] }[],
+): Promise<void> {
+  if (!db) {
+    throw new Error("Database not initialized");
+  }
+
+  try {
+    db.exec("BEGIN TRANSACTION");
+    for (const { sql, params = [] } of statements) {
+      const stmt = db.prepare(sql);
+      try {
+        stmt.bind(params);
+        stmt.step();
+      } finally {
+        stmt.free();
+      }
+    }
+    db.exec("COMMIT");
+  } catch (error) {
+    db.exec("ROLLBACK");
+    throw error;
+  }
+}
+
+async function close(): Promise<void> {
+  if (db) {
+    db.close();
+    db = null;
+  }
+}
+
+self.onmessage = async (event: MessageEvent<WorkerMessage>) => {
+  const { type, id, dbName, sql, params, statements } = event.data;
+  const response: WorkerResponse = { id };
+
+  try {
+    switch (type) {
+      case "init":
+        if (!dbName) {
+          throw new Error("Database name is required for initialization");
+        }
+        await initialize(dbName);
+        break;
+
+      case "query":
+        if (!sql) {
+          throw new Error("SQL query is required");
+        }
+        response.result = await executeQuery(sql, params);
+        break;
+
+      case "execute":
+        if (!sql) {
+          throw new Error("SQL statement is required");
+        }
+        response.result = await executeQuery(sql, params);
+        break;
+
+      case "transaction":
+        if (!statements?.length) {
+          throw new Error("Transaction statements are required");
+        }
+        await executeTransaction(statements);
+        break;
+
+      case "close":
+        await close();
+        break;
+
+      default:
+        throw new Error(`Unknown message type: ${type}`);
+    }
+  } catch (error) {
+    response.error = error instanceof Error ? error.message : String(error);
+  }
+
+  self.postMessage(response);
+};

src/types/absurd-sql.d.ts

@@ -0,0 +1,45 @@
+declare module "@jlongster/sql.js" {
+  export interface Database {
+    exec(
+      sql: string,
+      params?: unknown[],
+    ): { columns: string[]; values: unknown[][] }[];
+    prepare(sql: string): Statement;
+    run(sql: string, params?: unknown[]): void;
+    getRowsModified(): number;
+    close(): void;
+  }
+
+  export interface Statement {
+    step(): boolean;
+    getAsObject(): Record<string, unknown>;
+    bind(params: unknown[]): void;
+    reset(): void;
+    free(): void;
+  }
+
+  export interface InitSqlJsStatic {
+    Database: new (
+      filename?: string,
+      options?: { filename: boolean },
+    ) => Database;
+    FS: unknown;
+    register_for_idb(fs: unknown): void;
+  }
+
+  export default function initSqlJs(options?: {
+    locateFile?: (file: string) => string;
+  }): Promise<InitSqlJsStatic>;
+}
+
+declare module "absurd-sql" {
+  export class SQLiteFS {
+    constructor(fs: unknown, backend: unknown);
+  }
+}
+
+declare module "absurd-sql/dist/indexeddb-backend" {
+  export class IndexedDBBackend {
+    constructor(dbName: string);
+  }
+}

src/utils/empty-module.js

@@ -0,0 +1,2 @@
+// Empty module to satisfy Node.js built-in module imports
+export default {};

src/utils/node-modules/crypto.js

@@ -0,0 +1,17 @@
+// Minimal crypto module implementation for browser using Web Crypto API
+const crypto = {
+  ...window.crypto,
+  // Add any Node.js crypto methods that might be needed
+  randomBytes: (size) => {
+    const buffer = new Uint8Array(size);
+    window.crypto.getRandomValues(buffer);
+    return buffer;
+  },
+  createHash: () => ({
+    update: () => ({
+      digest: () => new Uint8Array(32), // Return empty hash
+    }),
+  }),
+};
+
+export default crypto;

src/utils/node-modules/fs.js

@@ -0,0 +1,18 @@
+// Minimal fs module implementation for browser
+const fs = {
+  readFileSync: () => {
+    throw new Error("fs.readFileSync is not supported in browser");
+  },
+  writeFileSync: () => {
+    throw new Error("fs.writeFileSync is not supported in browser");
+  },
+  existsSync: () => false,
+  mkdirSync: () => {},
+  readdirSync: () => [],
+  statSync: () => ({
+    isDirectory: () => false,
+    isFile: () => false,
+  }),
+};
+
+export default fs;

src/utils/node-modules/path.js

@@ -0,0 +1,13 @@
+// Minimal path module implementation for browser
+const path = {
+  resolve: (...parts) => parts.join("/"),
+  join: (...parts) => parts.join("/"),
+  dirname: (p) => p.split("/").slice(0, -1).join("/"),
+  basename: (p) => p.split("/").pop(),
+  extname: (p) => {
+    const parts = p.split(".");
+    return parts.length > 1 ? "." + parts.pop() : "";
+  },
+};
+
+export default path;

src/views/AccountViewView.vue

@@ -75,6 +75,10 @@
         >
           Set Your Name
         </button>
+        <p class="text-xs text-slate-500 mt-1">
+          (Don't worry: this is not visible to anyone until you share it with
+          them. It's not sent to any servers.)
+        </p>
         <UserNameDialog ref="userNameDialog" />
       </span>
       <div class="flex justify-center mt-4">
@@ -107,24 +111,10 @@
               <font-awesome icon="camera" class="fa-fw" />
             </div>
           </template>
-          <template v-else>
-            <div
-              id="noticeBeforeUpload"
-              class="bg-amber-200 text-amber-900 border-amber-500 border-dashed border text-center rounded-md overflow-hidden px-4 py-3"
-              role="alert"
-              aria-live="polite"
-            >
-              <p class="mb-2">
-                Before you can upload a photo, a friend needs to register you.
-              </p>
-              <router-link
-                :to="{ name: 'contact-qr' }"
-                class="inline-block text-md uppercase bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-4 py-2 rounded-md"
-              >
-                Share Your Info
-              </router-link>
-            </div>
-          </template>
+          <!-- 
+          If not registered, they don't need to see this at all. We show a prompt 
+          to register below. 
+          -->
         </div>
         <ImageMethodDialog
           ref="imageMethodDialog"
@@ -217,7 +207,7 @@
       </p>
       <router-link
         :to="{ name: 'contact-qr' }"
-        class="inline-block text-md uppercase bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-4 py-2 rounded-md"
+        class="inline-block text-md bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-4 py-2 rounded-md"
       >
         Share Your Info
       </router-link>
@@ -618,6 +608,7 @@
             leave-to-class="opacity-0"
           >
             <div v-if="showContactImport()" class="mt-4">
+              <!-- Bulk import has an error
               <div class="flex justify-center">
                 <button
                   class="block text-center text-md bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-1.5 py-2 rounded-md mb-6"
@@ -628,6 +619,7 @@
                   (which doesn't include Identifier Data)
                 </button>
               </div>
+              -->
               <div class="flex justify-center">
                 <button
                   class="block text-center text-md bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-1.5 py-2 rounded-md mb-6"
@@ -976,6 +968,7 @@ import { AxiosError } from "axios";
 import { Buffer } from "buffer/";
 import Dexie from "dexie";
 import "dexie-export-import";
+// @ts-expect-error - they aren't exporting it but it's there
 import { ImportProgress } from "dexie-export-import";
 import { LeafletMouseEvent } from "leaflet";
 import * as R from "ramda";
@@ -1001,13 +994,6 @@ import {
   IMAGE_TYPE_PROFILE,
   NotificationIface,
 } from "../constants/app";
-import {
-  db,
-  logConsoleAndDb,
-  retrieveSettingsForActiveAccount,
-  updateAccountSettings,
-} from "../db/index";
-import { Account } from "../db/tables/accounts";
 import { Contact } from "../db/tables/contacts";
 import {
   DEFAULT_PASSKEY_EXPIRATION_MINUTES,
@@ -1209,7 +1195,7 @@ export default class AccountViewView extends Vue {
           title: "Cannot Set Notifications",
           text: "This browser does not support notifications. Use Chrome, or install this to the home screen, or try other suggestions on the 'Troubleshoot your notifications' page.",
         },
-        3000,
+        7000,
       );
     }
     this.passkeyExpirationDescription = tokenExpiryTimeDescription();
@@ -1222,11 +1208,12 @@ export default class AccountViewView extends Vue {
   }
 
   /**
-   * Initializes component state with values from the database or defaults.
+   * Initializes component state using PlatformService for database operations
+   * Keeps all endorserServer functionality unchanged
    */
   async initializeState() {
-    await db.open();
-    const settings = await retrieveSettingsForActiveAccount();
+    const platform = this.$platform;
+    const settings = await platform.getActiveAccountSettings();
 
     this.activeDid = settings.activeDid || "";
     this.apiServer = settings.apiServer || "";
@@ -1259,6 +1246,29 @@ export default class AccountViewView extends Vue {
     this.webPushServerInput = settings.webPushServer || this.webPushServerInput;
   }
 
+  /**
+   * Updates account settings using PlatformService
+   * Keeps all endorserServer functionality unchanged
+   */
+  async updateSettings(settingsChanges: Record<string, unknown>) {
+    try {
+      const platform = this.$platform;
+      await platform.updateAccountSettings(this.activeDid, settingsChanges);
+      await this.initializeState();
+    } catch (error) {
+      logger.error("Error updating settings:", error);
+      this.$notify(
+        {
+          group: "alert",
+          type: "danger",
+          title: "Error",
+          text: "There was a problem updating your settings.",
+        },
+        5000,
+      );
+    }
+  }
+
   // call fn, copy text to the clipboard, then redo fn after 2 seconds
   doCopyTwoSecRedo(text: string, fn: () => void) {
     fn();
@@ -1621,10 +1631,26 @@ export default class AccountViewView extends Vue {
    */
   async submitImportFile() {
     if (inputImportFileNameRef.value != null) {
-      await db.delete();
-      await Dexie.import(inputImportFileNameRef.value as Blob, {
-        progressCallback: this.progressCallback,
-      });
+      await db
+        .delete()
+        .then(async () => {
+          // BulkError: settings.bulkAdd(): 1 of 21 operations failed. Errors: ConstraintError: Key already exists in the object store.
+          await Dexie.import(inputImportFileNameRef.value as Blob, {
+            progressCallback: this.progressCallback,
+          });
+        })
+        .catch((error) => {
+          logger.error("Error importing file:", error);
+          this.$notify(
+            {
+              group: "alert",
+              type: "danger",
+              title: "Error Importing",
+              text: "There was an error in the import. Your identities and contacts may have been affected, so you may have to restore your identifier and use the contact import method.",
+            },
+            -1,
+          );
+        });
     }
   }
 

src/views/ConfirmGiftView.vue

@@ -439,13 +439,11 @@ import { useClipboard } from "@vueuse/core";
 import { RouteLocationNormalizedLoaded, Router } from "vue-router";
 import QuickNav from "../components/QuickNav.vue";
 import { NotificationIface } from "../constants/app";
-import { db, retrieveSettingsForActiveAccount } from "../db/index";
 import { Contact } from "../db/tables/contacts";
 import * as serverUtil from "../libs/endorserServer";
 import { GenericVerifiableCredential, GiveSummaryRecord } from "../interfaces";
 import { displayAmount } from "../libs/endorserServer";
 import * as libsUtil from "../libs/util";
-import { retrieveAccountDids } from "../libs/util";
 import TopMessage from "../components/TopMessage.vue";
 import { logger } from "../utils/logger";
 /**
@@ -526,14 +524,17 @@ export default class ConfirmGiftView extends Vue {
 
   /**
    * Initializes component settings and user data
+   * Only database operations are migrated to PlatformService
+   * API-related utilities remain using serverUtil
    */
   private async initializeSettings() {
-    const settings = await retrieveSettingsForActiveAccount();
+    const platform = this.$platform;
+    const settings = await platform.getActiveAccountSettings();
     this.activeDid = settings.activeDid || "";
     this.apiServer = settings.apiServer || "";
-    this.allContacts = await db.contacts.toArray();
+    this.allContacts = await platform.getAllContacts();
     this.isRegistered = settings.isRegistered || false;
-    this.allMyDids = await retrieveAccountDids();
+    this.allMyDids = await platform.getAllAccountDids();
 
     // Check share capability
     // When Chrome compatibility is fixed https://developer.mozilla.org/en-US/docs/Web/API/Web_Share_API#api.navigator.canshare

src/views/ContactQRScanFullView.vue

@@ -1,24 +1,104 @@
 <template>
   <!-- CONTENT -->
-  <section id="Content" class="relativew-[100vw] h-[100vh]">
+  <section id="Content" class="relative w-[100vw] h-[100vh]">
     <div
-      class="absolute inset-x-0 bottom-0 bg-black/50 p-6 pb-[calc(env(safe-area-inset-bottom)+1.5rem)]"
+      class="p-6 bg-white w-full max-w-[calc((100vh-env(safe-area-inset-top)-env(safe-area-inset-bottom))*0.4)] mx-auto"
     >
-      <p class="text-center text-white mb-3">
-        Point your camera at a TimeSafari contact QR code to scan it
-        automatically.
-      </p>
+      <div class="mb-4">
+        <h1 class="text-xl text-center font-semibold relative">
+          <!-- Back -->
+          <a
+            class="text-lg text-center px-2 py-1 absolute -left-2 -top-1"
+            @click="handleBack"
+          >
+            <font-awesome icon="chevron-left" class="fa-fw" />
+          </a>
 
-      <p v-if="error" class="text-center text-rose-300 mb-3">{{ error }}</p>
+          <!-- Quick Help -->
+          <a
+            class="text-xl text-center text-blue-500 px-2 py-1 absolute -right-2 -top-1"
+            @click="toastQRCodeHelp()"
+          >
+            <font-awesome icon="circle-question" class="fa-fw" />
+          </a>
 
-      <div class="flex justify-center items-center">
+          Share Contact Info
+        </h1>
+      </div>
+
+      <div
+        v-if="!givenName"
+        class="bg-amber-200 text-amber-900 border-amber-500 border-dashed border text-center rounded-md overflow-hidden px-4 py-3 mt-4"
+      >
+        <p class="mb-2">
+          <b>Note:</b> your identity currently does <b>not</b> include a name.
+        </p>
         <button
-          class="text-center text-slate-600 leading-none bg-white p-2 rounded-full drop-shadow-lg"
-          @click="handleBack"
+          class="inline-block text-md uppercase bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-4 py-2 rounded-md"
+          @click="openUserNameDialog"
         >
-          <font-awesome icon="xmark" class="size-6"></font-awesome>
+          Set Your Name
         </button>
       </div>
+
+      <UserNameDialog ref="userNameDialog" />
+
+      <div
+        v-if="activeDid && activeDid.startsWith(ETHR_DID_PREFIX)"
+        class="block w-full max-w-[calc((100vh-env(safe-area-inset-top)-env(safe-area-inset-bottom))*0.4)] mx-auto mt-4"
+        @click="onCopyUrlToClipboard()"
+      >
+        <!--
+          Play with display options: https://qr-code-styling.com/
+          See docs: https://www.npmjs.com/package/qr-code-generator-vue3
+        -->
+        <QRCodeVue3
+          :value="qrValue"
+          :width="606"
+          :height="606"
+          :corners-square-options="{ type: 'square' }"
+          :dots-options="{ type: 'square', color: '#000' }"
+        />
+      </div>
+
+      <div v-else-if="activeDid" class="text-center mt-4">
+        <!-- Not an ETHR DID so force them to paste it. (Passkey Peer DIDs are too big.) -->
+        <span class="text-blue-500" @click="onCopyDidToClipboard()">
+          Click here to copy your DID to your clipboard.
+        </span>
+        <span>
+          Then give it to them so they can paste it in their list of People.
+        </span>
+      </div>
+
+      <div v-else class="text-center mt-4">
+        You have no identitifiers yet, so
+        <router-link
+          :to="{ name: 'start' }"
+          class="bg-blue-500 text-white px-1.5 py-1 rounded-md"
+        >
+          create your identifier.
+        </router-link>
+        <br />
+        If you don't do that first, these contacts won't see your activity.
+      </div>
+    </div>
+
+    <div
+      class="relative w-full max-w-[calc((100vh-env(safe-area-inset-top)-env(safe-area-inset-bottom))*0.4)] mx-auto border border-dashed border-white mt-8 aspect-square"
+    >
+      <p
+        class="absolute top-0 left-0 right-0 bg-black bg-opacity-50 text-white text-sm text-center py-2 z-10"
+      >
+        Position QR code in the frame
+      </p>
+
+      <p
+        v-if="error"
+        class="absolute bottom-0 left-0 right-0 bg-black bg-opacity-50 text-sm text-center py-2 z-20 text-rose-400"
+      >
+        {{ error }}
+      </p>
     </div>
   </section>
 </template>
@@ -33,18 +113,29 @@ import { NotificationIface } from "../constants/app";
 import { db } from "../db/index";
 import { Contact } from "../db/tables/contacts";
 import { getContactJwtFromJwtUrl } from "../libs/crypto";
-import { decodeEndorserJwt } from "../libs/crypto/vc";
+import { decodeEndorserJwt, ETHR_DID_PREFIX } from "../libs/crypto/vc";
 import { retrieveSettingsForActiveAccount } from "../db/index";
 import { setVisibilityUtil } from "../libs/endorserServer";
+import { useClipboard } from "@vueuse/core";
+import QRCodeVue3 from "qr-code-generator-vue3";
+import UserNameDialog from "../components/UserNameDialog.vue";
+import { generateEndorserJwtUrlForAccount } from "../libs/endorserServer";
+import { retrieveAccountMetadata } from "../libs/util";
 
 interface QRScanResult {
   rawValue?: string;
   barcode?: string;
 }
 
+interface IUserNameDialog {
+  open: (callback: (name: string) => void) => void;
+}
+
 @Component({
   components: {
     QuickNav,
+    QRCodeVue3,
+    UserNameDialog,
   },
 })
 export default class ContactQRScan extends Vue {
@@ -55,11 +146,14 @@ export default class ContactQRScan extends Vue {
   error: string | null = null;
   activeDid = "";
   apiServer = "";
+  givenName = "";
+  qrValue = "";
+  ETHR_DID_PREFIX = ETHR_DID_PREFIX;
 
   // Add new properties to track scanning state
   private lastScannedValue: string = "";
   private lastScanTime: number = 0;
-  private readonly SCAN_DEBOUNCE_MS = 2000; // Prevent duplicate scans within 2 seconds
+  private readonly SCAN_DEBOUNCE_MS = 5000; // Increased from 2000 to 5000ms to better handle mobile scanning
 
   // Add cleanup tracking
   private isCleaningUp = false;
@@ -70,6 +164,21 @@ export default class ContactQRScan extends Vue {
       const settings = await retrieveSettingsForActiveAccount();
       this.activeDid = settings.activeDid || "";
       this.apiServer = settings.apiServer || "";
+      this.givenName = settings.firstName || "";
+
+      const account = await retrieveAccountMetadata(this.activeDid);
+      if (account) {
+        const name =
+          (settings.firstName || "") +
+          (settings.lastName ? ` ${settings.lastName}` : "");
+        this.qrValue = await generateEndorserJwtUrlForAccount(
+          account,
+          !!settings.isRegistered,
+          name,
+          settings.profileImageUrl || "",
+          false,
+        );
+      }
     } catch (error) {
       logger.error("Error initializing component:", {
         error: error instanceof Error ? error.message : String(error),
@@ -270,14 +379,12 @@ export default class ContactQRScan extends Vue {
         notes: contactInfo.notes || "",
       };
 
-      // Add contact and stop scanning
+      // Add contact but keep scanning
       logger.info("Adding new contact to database:", {
         did: contact.did,
         name: contact.name,
       });
       await this.addNewContact(contact);
-      await this.stopScanning();
-      this.$router.back(); // Return to previous view after successful scan
     } catch (error) {
       logger.error("Error processing contact QR code:", {
         error: error instanceof Error ? error.message : String(error),
@@ -420,6 +527,56 @@ export default class ContactQRScan extends Vue {
     await this.cleanupScanner();
     this.$router.back();
   }
+
+  toastQRCodeHelp() {
+    this.$notify(
+      {
+        group: "alert",
+        type: "info",
+        title: "QR Code Help",
+        text: "Click the QR code to copy your contact info to your clipboard.",
+      },
+      5000,
+    );
+  }
+
+  onCopyUrlToClipboard() {
+    useClipboard()
+      .copy(this.qrValue)
+      .then(() => {
+        this.$notify(
+          {
+            group: "alert",
+            type: "toast",
+            title: "Copied",
+            text: "Contact URL was copied to clipboard.",
+          },
+          2000,
+        );
+      });
+  }
+
+  onCopyDidToClipboard() {
+    useClipboard()
+      .copy(this.activeDid)
+      .then(() => {
+        this.$notify(
+          {
+            group: "alert",
+            type: "info",
+            title: "Copied",
+            text: "Your DID was copied to the clipboard. Have them paste it in the box on their 'People' screen to add you.",
+          },
+          5000,
+        );
+      });
+  }
+
+  openUserNameDialog() {
+    (this.$refs.userNameDialog as IUserNameDialog).open((name: string) => {
+      this.givenName = name;
+    });
+  }
 }
 </script>
 

src/views/ContactQRScanShowView.vue

@@ -42,7 +42,7 @@
 
     <div
       v-if="activeDid && activeDid.startsWith(ETHR_DID_PREFIX)"
-      class="block w-[90vw] max-w-[40vh] mx-auto my-4"
+      class="block w-[90vw] max-w-[calc((100vh-env(safe-area-inset-top)-env(safe-area-inset-bottom))*0.4)] mx-auto my-4"
       @click="onCopyUrlToClipboard()"
     >
       <!--
@@ -75,13 +75,13 @@
         create your identifier.
       </router-link>
       <br />
-      If you don't that first, these contacts won't see your activity.
+      If you don't do that first, these contacts won't see your activity.
     </div>
 
     <div class="text-center mt-6">
       <div
-        v-if="isScanning && !isNativePlatform"
-        class="relative aspect-square overflow-hidden bg-slate-800 w-[90vw] max-w-[40vh] mx-auto"
+        v-if="isScanning"
+        class="relative aspect-square overflow-hidden bg-slate-800 w-[90vw] max-w-[calc((100vh-env(safe-area-inset-top)-env(safe-area-inset-bottom))*0.4)] mx-auto"
       >
         <!-- Status Message -->
         <div
@@ -142,8 +142,9 @@
         </div>
 
         <qrcode-stream
-          v-if="useQRReader && !isNativePlatform"
+          v-if="useQRReader"
           :camera="preferredCamera"
+          class="qr-scanner"
           @decode="onDecode"
           @init="onInit"
           @detect="onDetect"
@@ -167,17 +168,9 @@
       </div>
       <div
         v-else
-        class="flex items-center justify-center aspect-square overflow-hidden bg-slate-800 w-[90vw] max-w-[40vh] mx-auto"
+        class="flex items-center justify-center aspect-square overflow-hidden bg-slate-800 w-[90vw] max-w-[calc((100vh-env(safe-area-inset-top)-env(safe-area-inset-bottom))*0.4)] mx-auto"
       >
         <button
-          v-if="isNativePlatform"
-          class="bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white text-lg px-3 py-2 rounded-lg"
-          @click="$router.push({ name: 'contact-qr-scan' })"
-        >
-          Scan QR Code
-        </button>
-        <button
-          v-else
           class="bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white text-lg px-3 py-2 rounded-lg"
           @click="startScanning"
         >
@@ -193,7 +186,6 @@ import { AxiosError } from "axios";
 import QRCodeVue3 from "qr-code-generator-vue3";
 import { Component, Vue } from "vue-facing-decorator";
 import { useClipboard } from "@vueuse/core";
-import { Capacitor } from "@capacitor/core";
 import { QrcodeStream } from "vue-qrcode-reader";
 
 import QuickNav from "../components/QuickNav.vue";
@@ -244,7 +236,6 @@ export default class ContactQRScanShow extends Vue {
   qrValue = "";
   isScanning = false;
   error: string | null = null;
-  isNativePlatform = Capacitor.isNativePlatform();
 
   // QR Scanner properties
   isInitializing = true;
@@ -265,6 +256,9 @@ export default class ContactQRScanShow extends Vue {
   private isCleaningUp = false;
   private isMounted = false;
 
+  // Add property to track if we're on desktop
+  private isDesktop = false;
+
   async created() {
     try {
       const settings = await retrieveSettingsForActiveAccount();
@@ -534,13 +528,12 @@ export default class ContactQRScanShow extends Vue {
         notes: contactInfo.notes || "",
       };
 
-      // Add contact and stop scanning
+      // Add contact but keep scanning
       logger.info("Adding new contact to database:", {
         did: contact.did,
         name: contact.name,
       });
       await this.addNewContact(contact);
-      await this.stopScanning();
     } catch (error) {
       logger.error("Error processing contact QR code:", {
         error: error instanceof Error ? error.message : String(error),
@@ -692,6 +685,7 @@ export default class ContactQRScanShow extends Vue {
       {
         group: "alert",
         type: "info",
+        title: "QR Code Help",
         text: "Click the QR code to copy your contact info to your clipboard.",
       },
       5000,
@@ -724,12 +718,21 @@ export default class ContactQRScanShow extends Vue {
   // Lifecycle hooks
   mounted() {
     this.isMounted = true;
+    this.isDesktop = this.detectDesktopBrowser();
     document.addEventListener("pause", this.handleAppPause);
     document.addEventListener("resume", this.handleAppResume);
-    // Start scanning automatically when view is loaded, but only on web platform
-    if (!this.isNativePlatform) {
-      this.startScanning();
-    }
+    // Start scanning automatically when view is loaded
+    this.startScanning();
+
+    // Apply mirroring after a short delay to ensure video element is ready
+    setTimeout(() => {
+      const videoElement = document.querySelector(
+        ".qr-scanner video",
+      ) as HTMLVideoElement;
+      if (videoElement) {
+        videoElement.style.transform = "scaleX(-1)";
+      }
+    }, 1000);
   }
 
   beforeDestroy() {
@@ -856,11 +859,6 @@ export default class ContactQRScanShow extends Vue {
 
   async onInit(promise: Promise<void>): Promise<void> {
     logger.log("[QRScanner] onInit called");
-    if (this.isNativePlatform) {
-      logger.log("Skipping QR scanner initialization on native platform");
-      return;
-    }
-
     try {
       await promise;
       this.isInitializing = false;
@@ -889,7 +887,7 @@ export default class ContactQRScanShow extends Vue {
 
   onDetect(result: unknown): void {
     this.isScanning = true;
-    this.cameraState = "detecting";
+    this.cameraState = "active";
     try {
       let rawValue: string | undefined;
       if (
@@ -899,7 +897,7 @@ export default class ContactQRScanShow extends Vue {
       ) {
         rawValue = result[0].rawValue;
       } else if (result && typeof result === "object" && "rawValue" in result) {
-        rawValue = result.rawValue;
+        rawValue = (result as { rawValue: string }).rawValue;
       }
       if (rawValue) {
         this.isInitializing = false;
@@ -909,7 +907,6 @@ export default class ContactQRScanShow extends Vue {
     } catch (error) {
       this.handleError(error);
     } finally {
-      this.isScanning = false;
       this.cameraState = "active";
     }
   }
@@ -944,6 +941,24 @@ export default class ContactQRScanShow extends Vue {
       stack: error.stack,
     });
   }
+
+  // Add method to detect desktop browser
+  private detectDesktopBrowser(): boolean {
+    const userAgent = navigator.userAgent.toLowerCase();
+    return !/android|webos|iphone|ipad|ipod|blackberry|iemobile|opera mini/i.test(
+      userAgent,
+    );
+  }
+
+  // Update the computed property for camera mirroring
+  get shouldMirrorCamera(): boolean {
+    // On desktop, always mirror the webcam
+    if (this.isDesktop) {
+      return true;
+    }
+    // On mobile, mirror only for front-facing camera
+    return this.preferredCamera === "user";
+  }
 }
 </script>
 
@@ -951,4 +966,18 @@ export default class ContactQRScanShow extends Vue {
 .aspect-square {
   aspect-ratio: 1 / 1;
 }
+
+/* Update styles for camera mirroring */
+:deep(.qr-scanner) {
+  position: relative;
+}
+
+:deep(.qr-scanner video) {
+  transform: scaleX(-1);
+}
+
+/* Ensure the canvas for QR detection is not mirrored */
+:deep(.qr-scanner canvas) {
+  transform: none;
+}
 </style>

src/views/ContactScanView.vue

@@ -1,92 +0,0 @@
-<template>
-  <section id="Content" class="p-6 pb-24 max-w-3xl mx-auto">
-    <!-- Breadcrumb -->
-    <div id="ViewBreadcrumb" class="mb-8">
-      <h1 class="text-lg text-center font-light relative px-7">
-        <!-- Cancel -->
-        <router-link
-          :to="{ name: 'account' }"
-          class="text-lg text-center px-2 py-1 absolute -left-2 -top-1"
-          ><font-awesome icon="chevron-left" class="fa-fw"></font-awesome>
-        </router-link>
-
-        Scan Contact
-      </h1>
-    </div>
-
-    <h3 class="text-sm uppercase font-semibold mb-2">Scan a QR Code…</h3>
-    <div class="bg-black rounded overflow-hidden relative mb-4">
-      <img src="https://picsum.photos/400/400?random=1" class="w-full" />
-
-      <!-- Darken overlay -->
-      <!-- Top -->
-      <div class="absolute top-0 left-0 right-0 bg-black/50 h-1/4"></div>
-      <!-- Reft -->
-      <div class="absolute top-1/4 bottom-1/4 left-0 bg-black/50 w-1/4"></div>
-      <!-- Right -->
-      <div class="absolute top-1/4 bottom-1/4 right-0 bg-black/50 w-1/4"></div>
-      <!-- Bottom -->
-      <div class="absolute bottom-0 left-0 right-0 bg-black/50 h-1/4"></div>
-
-      <!-- Reticle overlay -->
-      <!-- Top-left -->
-      <div
-        class="absolute top-1/4 left-1/4 h-6 w-6 border-white border-t-4 border-l-4 drop-shadow"
-      ></div>
-      <!-- Top-right -->
-      <div
-        class="absolute top-1/4 right-1/4 h-6 w-6 border-white border-t-4 border-r-4 drop-shadow"
-      ></div>
-      <!-- Bottom-left -->
-      <div
-        class="absolute bottom-1/4 left-1/4 h-6 w-6 border-white border-b-4 border-l-4 drop-shadow"
-      ></div>
-      <!-- Bottom-right -->
-      <div
-        class="absolute bottom-1/4 right-1/4 h-6 w-6 border-white border-b-4 border-r-4 drop-shadow"
-      ></div>
-    </div>
-
-    <h3 class="text-sm uppercase font-semibold mb-2">…or Enter Contact Data</h3>
-    <input
-      type="text"
-      placeholder="Name (optional)"
-      class="block w-full rounded border border-slate-400 mb-2 px-3 py-2"
-    />
-    <input
-      type="text"
-      placeholder="ID"
-      class="block w-full rounded border border-slate-400 mb-2 px-3 py-2"
-    />
-    <input
-      type="text"
-      placeholder="Public Key (optional)"
-      class="block w-full rounded border border-slate-400 mb-4 px-3 py-2"
-    />
-
-    <div class="mt-8">
-      <div class="grid grid-cols-1 sm:grid-cols-2 gap-2">
-        <input
-          type="submit"
-          class="block w-full text-center text-lg font-bold uppercase bg-gradient-to-b from-blue-400 to-blue-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-2 py-3 rounded-md"
-          value="Look Up Contact"
-        />
-        <button
-          type="button"
-          class="block w-full text-center text-md uppercase bg-gradient-to-b from-slate-400 to-slate-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-1.5 py-2 rounded-md"
-        >
-          Cancel
-        </button>
-      </div>
-    </div>
-  </section>
-</template>
-
-<script lang="ts">
-import { Component, Vue } from "vue-facing-decorator";
-
-@Component({
-  components: {},
-})
-export default class ContactScanView extends Vue {}
-</script>

src/views/ContactsView.vue

@@ -69,12 +69,12 @@
         </span>
       </span>
 
-      <router-link
-        :to="{ name: 'contact-qr' }"
+      <button
         class="flex items-center bg-gradient-to-b from-green-400 to-green-700 shadow-[inset_0_-1px_0_0_rgba(0,0,0,0.5)] text-white px-1.5 py-1 mr-1 rounded-md"
+        @click="handleQRCodeClick"
       >
         <font-awesome icon="qrcode" class="fa-fw text-2xl" />
-      </router-link>
+      </button>
 
       <textarea
         v-model="contactInput"
@@ -353,6 +353,7 @@ import * as R from "ramda";
 import { Component, Vue } from "vue-facing-decorator";
 import { RouteLocationNormalizedLoaded, Router } from "vue-router";
 import { useClipboard } from "@vueuse/core";
+import { Capacitor } from "@capacitor/core";
 
 import QuickNav from "../components/QuickNav.vue";
 import EntityIcon from "../components/EntityIcon.vue";
@@ -1062,7 +1063,8 @@ export default class ContactsView extends Vue {
       );
       if (regResult.success) {
         contact.registered = true;
-        await db.contacts.update(contact.did, { registered: true });
+        const platform = this.$platform;
+        await platform.updateContact(contact.did, { registered: true });
 
         this.$notify(
           {
@@ -1438,5 +1440,13 @@ export default class ContactsView extends Vue {
       );
     }
   }
+
+  private handleQRCodeClick() {
+    if (Capacitor.isNativePlatform()) {
+      this.$router.push({ name: "contact-qr-scan-full" });
+    } else {
+      this.$router.push({ name: "contact-qr" });
+    }
+  }
 }
 </script>

src/views/HelpView.vue

@@ -549,8 +549,8 @@
       <h2 class="text-xl font-semibold">Where can I read more?</h2>
       <p>
         This is part of the
-        <a href="https://livesofgiving.org" target="_blank" class="text-blue-500">
-          Lives of Giving
+        <a href="https://livesofimpact.org" target="_blank" class="text-blue-500">
+          Lives of Impact
         </a>
         initiative.
       </p>

src/views/HomeView.vue

@@ -298,57 +298,42 @@ Raymer * @version 1.0.0 */
 import { UAParser } from "ua-parser-js";
 import { Component, Vue } from "vue-facing-decorator";
 import { Router } from "vue-router";
-
-//import App from "../App.vue";
-import EntityIcon from "../components/EntityIcon.vue";
-import GiftedDialog from "../components/GiftedDialog.vue";
-import GiftedPrompts from "../components/GiftedPrompts.vue";
-import FeedFilters from "../components/FeedFilters.vue";
-import InfiniteScroll from "../components/InfiniteScroll.vue";
-import OnboardingDialog from "../components/OnboardingDialog.vue";
-import QuickNav from "../components/QuickNav.vue";
-import TopMessage from "../components/TopMessage.vue";
-import UserNameDialog from "../components/UserNameDialog.vue";
-import ChoiceButtonDialog from "../components/ChoiceButtonDialog.vue";
-import ImageViewer from "../components/ImageViewer.vue";
-import ActivityListItem from "../components/ActivityListItem.vue";
+import { FontAwesomeIcon } from "@fortawesome/vue-fontawesome";
+import { BoundingBox } from "../types/BoundingBox";
+import { Contact } from "../types/Contact";
+import { OnboardPage } from "../libs/util";
+import * as OnboardingDialogModule from "../components/OnboardingDialog.vue";
+import * as QuickNavModule from "../components/QuickNav.vue";
+import * as TopMessageModule from "../components/TopMessage.vue";
+import * as EntityIconModule from "../components/EntityIcon.vue";
+import * as GiftedDialogModule from "../components/GiftedDialog.vue";
+import * as GiftedPromptsModule from "../components/GiftedPrompts.vue";
+import * as FeedFiltersModule from "../components/FeedFilters.vue";
+import * as UserNameDialogModule from "../components/UserNameDialog.vue";
+import * as ActivityListItemModule from "../components/ActivityListItem.vue";
+import { AppString, PASSKEYS_ENABLED } from "../constants/app";
+import { logger } from "../utils/logger";
+import { checkIsAnyFeedFilterOn } from "../db/tables/settings";
 import {
-  AppString,
-  NotificationIface,
-  PASSKEYS_ENABLED,
-} from "../constants/app";
-import {
-  db,
-  logConsoleAndDb,
-  retrieveSettingsForActiveAccount,
-  updateAccountSettings,
-} from "../db/index";
-import { Contact } from "../db/tables/contacts";
-import {
-  BoundingBox,
-  checkIsAnyFeedFilterOn,
-  MASTER_SETTINGS_KEY,
-} from "../db/tables/settings";
-import {
-  contactForDid,
-  containsNonHiddenDid,
-  didInfoForContact,
   fetchEndorserRateLimits,
-  getHeaders,
   getNewOffersToUser,
   getNewOffersToUserProjects,
-  getPlanFromCache,
 } from "../libs/endorserServer";
 import {
   generateSaveAndActivateIdentity,
   retrieveAccountDids,
-  GiverReceiverInputInfo,
-  OnboardPage,
 } from "../libs/util";
+import { NotificationIface } from "../constants/app";
+import {
+  containsNonHiddenDid,
+  didInfoForContact,
+} from "../libs/endorserServer";
 import { GiveSummaryRecord } from "../interfaces";
 import * as serverUtil from "../libs/endorserServer";
-import { logger } from "../utils/logger";
 import { GiveRecordWithContactInfo } from "../types";
+import ChoiceButtonDialog from "../components/ChoiceButtonDialog.vue";
+import ImageViewer from "../components/ImageViewer.vue";
+import * as InfiniteScrollModule from "../components/InfiniteScroll.vue";
 
 interface Claim {
   claim?: Claim; // For nested claims in Verifiable Credentials
@@ -419,18 +404,19 @@ interface FeedError {
  */
 @Component({
   components: {
-    EntityIcon,
-    FeedFilters,
-    GiftedDialog,
-    GiftedPrompts,
-    InfiniteScroll,
-    OnboardingDialog,
+    FontAwesomeIcon,
+    QuickNav: QuickNavModule.default,
+    TopMessage: TopMessageModule.default,
+    EntityIcon: EntityIconModule.default,
+    GiftedDialog: GiftedDialogModule.default,
+    GiftedPrompts: GiftedPromptsModule.default,
+    FeedFilters: FeedFiltersModule.default,
+    UserNameDialog: UserNameDialogModule.default,
+    ActivityListItem: ActivityListItemModule.default,
+    OnboardingDialog: OnboardingDialogModule.default,
     ChoiceButtonDialog,
-    QuickNav,
-    TopMessage,
-    UserNameDialog,
     ImageViewer,
-    ActivityListItem,
+    InfiniteScroll: InfiniteScrollModule.default,
   },
 })
 export default class HomeView extends Vue {
@@ -520,10 +506,11 @@ export default class HomeView extends Vue {
         this.allMyDids = [newDid];
       }
 
-      const settings = await retrieveSettingsForActiveAccount();
+      const platform = this.$platform;
+      const settings = await platform.getActiveAccountSettings();
       this.apiServer = settings.apiServer || "";
       this.activeDid = settings.activeDid || "";
-      this.allContacts = await db.contacts.toArray();
+      this.allContacts = await platform.getAllContacts();
       this.feedLastViewedClaimId = settings.lastViewedClaimId;
       this.givenName = settings.firstName || "";
       this.isFeedFilteredByVisible = !!settings.filterFeedByVisible;
@@ -552,9 +539,9 @@ export default class HomeView extends Vue {
             this.activeDid,
           );
           if (resp.status === 200) {
-            await updateAccountSettings(this.activeDid, {
+            await platform.updateAccountSettings(this.activeDid, {
               isRegistered: true,
-              ...(await retrieveSettingsForActiveAccount()),
+              ...settings,
             });
             this.isRegistered = true;
           }
@@ -590,14 +577,14 @@ export default class HomeView extends Vue {
 
       // eslint-disable-next-line @typescript-eslint/no-explicit-any
     } catch (err: any) {
-      logConsoleAndDb("Error retrieving settings or feed: " + err, true);
+      logger.error("Error retrieving settings or feed:", err);
       this.$notify(
         {
           group: "alert",
           type: "danger",
           title: "Error",
           text:
-            (err as { userMessage?: string })?.userMessage ||
+            err?.userMessage ||
             "There was an error retrieving your settings or the latest activity.",
         },
         5000,
@@ -618,7 +605,8 @@ export default class HomeView extends Vue {
    * Called by mounted() and reloadFeedOnChange()
    */
   private async loadSettings() {
-    const settings = await retrieveSettingsForActiveAccount();
+    const platform = this.$platform;
+    const settings = await platform.getActiveAccountSettings();
     this.apiServer = settings.apiServer || "";
     this.activeDid = settings.activeDid || "";
     this.feedLastViewedClaimId = settings.lastViewedClaimId;
@@ -642,7 +630,7 @@ export default class HomeView extends Vue {
    * Called by mounted() and initializeIdentity()
    */
   private async loadContacts() {
-    this.allContacts = await db.contacts.toArray();
+    this.allContacts = await this.$platform.getAllContacts();
   }
 
   /**
@@ -663,10 +651,12 @@ export default class HomeView extends Vue {
           this.activeDid,
         );
         if (resp.status === 200) {
-          await updateAccountSettings(this.activeDid, {
+          const platform = this.$platform;
+          const settings = await platform.getActiveAccountSettings();
+          await platform.updateAccountSettings(this.activeDid, {
             apiServer: this.apiServer,
             isRegistered: true,
-            ...(await retrieveSettingsForActiveAccount()),
+            ...settings,
           });
           this.isRegistered = true;
         }
@@ -728,7 +718,8 @@ export default class HomeView extends Vue {
    * Called by mounted()
    */
   private async checkOnboarding() {
-    const settings = await retrieveSettingsForActiveAccount();
+    const platform = this.$platform;
+    const settings = await platform.getActiveAccountSettings();
     if (!settings.finishedOnboarding) {
       (this.$refs.onboardingDialog as OnboardingDialog).open(OnboardPage.Home);
     }
@@ -740,11 +731,11 @@ export default class HomeView extends Vue {
    * - Displays user notification
    *
    * @internal
-   * Called by mounted() and handleFeedError()
+   * Called by mounted()
    * @param err Error object with optional userMessage
    */
   private handleError(err: unknown) {
-    logConsoleAndDb("Error retrieving settings or feed: " + err, true);
+    logger.error("Error retrieving settings or feed:", err);
     this.$notify(
       {
         group: "alert",
@@ -790,7 +781,8 @@ export default class HomeView extends Vue {
    * Called by FeedFilters component when filters change
    */
   async reloadFeedOnChange() {
-    const settings = await retrieveSettingsForActiveAccount();
+    const platform = this.$platform;
+    const settings = await platform.getActiveAccountSettings();
     this.isFeedFilteredByVisible = !!settings.filterFeedByVisible;
     this.isFeedFilteredByNearby = !!settings.filterFeedByNearby;
     this.isAnyFeedFilterOn = checkIsAnyFeedFilterOn(settings);
@@ -1064,7 +1056,7 @@ export default class HomeView extends Vue {
    * @returns The fulfills plan object
    */
   private async getFulfillsPlan(record: GiveSummaryRecord) {
-    return await getPlanFromCache(
+    return await this.$platform.getPlanFromCache(
       record.fulfillsPlanHandleId,
       this.axios,
       this.apiServer,
@@ -1142,7 +1134,7 @@ export default class HomeView extends Vue {
    * Called by processRecord()
    */
   private async getProvidedByPlan(provider: Provider | undefined) {
-    return await getPlanFromCache(
+    return await this.$platform.getPlanFromCache(
       provider?.identifier as string,
       this.axios,
       this.apiServer,
@@ -1197,14 +1189,14 @@ export default class HomeView extends Vue {
       giver: didInfoForContact(
         giverDid,
         this.activeDid,
-        contactForDid(giverDid, this.allContacts),
+        this.$platform.getContactForDid(giverDid, this.allContacts),
         this.allMyDids,
       ),
       image: claim.image,
       issuer: didInfoForContact(
         record.issuerDid,
         this.activeDid,
-        contactForDid(record.issuerDid, this.allContacts),
+        this.$platform.getContactForDid(record.issuerDid, this.allContacts),
         this.allMyDids,
       ),
       providerPlanHandleId: provider?.identifier as string,
@@ -1213,7 +1205,7 @@ export default class HomeView extends Vue {
       receiver: didInfoForContact(
         recipientDid,
         this.activeDid,
-        contactForDid(recipientDid, this.allContacts),
+        this.$platform.getContactForDid(recipientDid, this.allContacts),
         this.allMyDids,
       ),
     } as GiveRecordWithContactInfo;
@@ -1230,8 +1222,7 @@ export default class HomeView extends Vue {
       this.feedLastViewedClaimId == null ||
       this.feedLastViewedClaimId < records[0].jwtId
     ) {
-      await db.open();
-      await db.settings.update(MASTER_SETTINGS_KEY, {
+      await this.$platform.updateAccountSettings(this.activeDid, {
         lastViewedClaimId: records[0].jwtId,
       });
     }
@@ -1264,13 +1255,13 @@ export default class HomeView extends Vue {
    * @internal
    * Called by updateAllFeed()
    * @param endorserApiServer API server URL
-   * @param beforeId OptioCalled by updateAllFeed()nal ID to fetch earlier results
+   * @param beforeId Optional ID to fetch earlier results
    * @returns claims in reverse chronological order
    */
   async retrieveGives(endorserApiServer: string, beforeId?: string) {
     const beforeQuery = beforeId == null ? "" : "&beforeId=" + beforeId;
     const doNotShowErrorAgain = !!beforeId; // don't show error again if we're loading more
-    const headers = await getHeaders(
+    const headers = await this.$platform.getHeaders(
       this.activeDid,
       doNotShowErrorAgain ? undefined : this.$notify,
     );

src/views/IdentitySwitcherView.vue

@@ -106,14 +106,9 @@ import { Router } from "vue-router";
 
 import QuickNav from "../components/QuickNav.vue";
 import { NotificationIface } from "../constants/app";
-import {
-  accountsDBPromise,
-  db,
-  retrieveSettingsForActiveAccount,
-} from "../db/index";
-import { MASTER_SETTINGS_KEY } from "../db/tables/settings";
 import { retrieveAllAccountsMetadata } from "../libs/util";
 import { logger } from "../utils/logger";
+
 @Component({ components: { QuickNav } })
 export default class IdentitySwitcherView extends Vue {
   $notify!: (notification: NotificationIface, timeout?: number) => void;
@@ -127,7 +122,8 @@ export default class IdentitySwitcherView extends Vue {
 
   async created() {
     try {
-      const settings = await retrieveSettingsForActiveAccount();
+      const platform = this.$platform;
+      const settings = await platform.getActiveAccountSettings();
       this.activeDid = settings.activeDid || "";
       this.apiServer = settings.apiServer || "";
       this.apiServerInput = settings.apiServer || "";
@@ -162,10 +158,8 @@ export default class IdentitySwitcherView extends Vue {
     if (did === "0") {
       did = undefined;
     }
-    await db.open();
-    await db.settings.update(MASTER_SETTINGS_KEY, {
-      activeDid: did,
-    });
+    const platform = this.$platform;
+    await platform.updateAccountSettings(this.activeDid, { activeDid: did });
     this.$router.push({ name: "account" });
   }
 
@@ -177,9 +171,8 @@ export default class IdentitySwitcherView extends Vue {
         title: "Delete Identity?",
         text: "Are you sure you want to erase this identity? (There is no undo. You may want to select it and back it up just in case.)",
         onYes: async () => {
-          // one of the few times we use accountsDBPromise directly; try to avoid more usage
-          const accountsDB = await accountsDBPromise;
-          await accountsDB.accounts.delete(id);
+          const platform = this.$platform;
+          await platform.deleteAccount(id);
           this.otherIdentities = this.otherIdentities.filter(
             (ident) => ident.id !== id,
           );

src/views/InviteOneView.vue

@@ -328,30 +328,81 @@ export default class InviteOneView extends Vue {
     );
   }
 
-  addNewContact(did: string, notes: string) {
+  async addNewContact(did: string, notes: string) {
     (this.$refs.contactNameDialog as ContactNameDialog).open(
       "To Whom Did You Send The Invite?",
       "Their name will be added to your contact list.",
-      (name) => {
-        // the person obviously registered themselves and this user already granted visibility, so we just add them
-        const contact = {
-          did: did,
-          name: name,
-          registered: true,
-        };
-        db.contacts.add(contact);
-        this.contactsRedeemed[did] = contact;
-        this.$notify(
-          {
-            group: "alert",
-            type: "success",
-            title: "Contact Added",
-            text: `${name} has been added to your contacts.`,
-          },
-          3000,
-        );
+      async (name) => {
+        try {
+          // Get the SQLite interface from the platform service
+          const sqlite = await this.$platform.getSQLite();
+
+          // Create the contact object
+          const contact = {
+            did: did,
+            name: name,
+            registered: true,
+            notes: notes,
+            // Convert contact methods to JSON string as per schema
+            contactMethods: JSON.stringify([]),
+            // Other fields can be null/undefined as they're optional
+            nextPubKeyHashB64: null,
+            profileImageUrl: null,
+            publicKeyBase64: null,
+            seesMe: null,
+          };
+
+          // Insert the contact using a transaction
+          await sqlite.transaction([
+            {
+              sql: `
+                INSERT INTO contacts (
+                  did, name, registered, notes, contactMethods,
+                  nextPubKeyHashB64, profileImageUrl, publicKeyBase64, seesMe
+                ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+              `,
+              params: [
+                contact.did,
+                contact.name,
+                contact.registered ? 1 : 0, // Convert boolean to integer for SQLite
+                contact.notes,
+                contact.contactMethods,
+                contact.nextPubKeyHashB64,
+                contact.profileImageUrl,
+                contact.publicKeyBase64,
+                contact.seesMe ? 1 : 0, // Convert boolean to integer for SQLite
+              ],
+            },
+          ]);
+
+          // Update the local contacts cache
+          this.contactsRedeemed[did] = contact;
+
+          // Notify success
+          this.$notify(
+            {
+              group: "alert",
+              type: "success",
+              title: "Contact Added",
+              text: `${name} has been added to your contacts.`,
+            },
+            3000,
+          );
+        } catch (error) {
+          // Handle any errors
+          this.$notify(
+            {
+              group: "alert",
+              type: "danger",
+              title: "Error Adding Contact",
+              text: "Failed to add contact to database.",
+            },
+            5000,
+          );
+          logger.error("Error adding contact:", error);
+        }
       },
-      () => {},
+      () => {}, // onCancel callback
       notes,
     );
   }

src/views/NewActivityView.vue

@@ -154,11 +154,6 @@ import GiftedDialog from "../components/GiftedDialog.vue";
 import QuickNav from "../components/QuickNav.vue";
 import EntityIcon from "../components/EntityIcon.vue";
 import { NotificationIface } from "../constants/app";
-import {
-  db,
-  retrieveSettingsForActiveAccount,
-  updateAccountSettings,
-} from "../db/index";
 import { Contact } from "../db/tables/contacts";
 import { Router } from "vue-router";
 import { OfferSummaryRecord, OfferToPlanSummaryRecord } from "../interfaces";
@@ -169,6 +164,7 @@ import {
   getNewOffersToUserProjects,
 } from "../libs/endorserServer";
 import { retrieveAccountDids } from "../libs/util";
+import { logger } from "../utils/logger";
 
 @Component({
   components: { GiftedDialog, QuickNav, EntityIcon },
@@ -194,14 +190,15 @@ export default class NewActivityView extends Vue {
 
   async created() {
     try {
-      const settings = await retrieveSettingsForActiveAccount();
+      const platform = this.$platform;
+      const settings = await platform.getActiveAccountSettings();
       this.apiServer = settings.apiServer || "";
       this.activeDid = settings.activeDid || "";
       this.lastAckedOfferToUserJwtId = settings.lastAckedOfferToUserJwtId || "";
       this.lastAckedOfferToUserProjectsJwtId =
         settings.lastAckedOfferToUserProjectsJwtId || "";
 
-      this.allContacts = await db.contacts.toArray();
+      this.allContacts = await platform.getContacts();
       this.allMyDids = await retrieveAccountDids();
 
       const offersToUserData = await getNewOffersToUser(
@@ -240,7 +237,8 @@ export default class NewActivityView extends Vue {
   async expandOffersToUserAndMarkRead() {
     this.showOffersDetails = !this.showOffersDetails;
     if (this.showOffersDetails) {
-      await updateAccountSettings(this.activeDid, {
+      const platform = this.$platform;
+      await platform.updateAccountSettings(this.activeDid, {
         lastAckedOfferToUserJwtId: this.newOffersToUser[0].jwtId,
       });
       // note that we don't update this.lastAckedOfferToUserJwtId in case they
@@ -261,14 +259,15 @@ export default class NewActivityView extends Vue {
     const index = this.newOffersToUser.findIndex(
       (offer) => offer.jwtId === jwtId,
     );
+    const platform = this.$platform;
     if (index !== -1 && index < this.newOffersToUser.length - 1) {
       // Set to the next offer's jwtId
-      await updateAccountSettings(this.activeDid, {
+      await platform.updateAccountSettings(this.activeDid, {
         lastAckedOfferToUserJwtId: this.newOffersToUser[index + 1].jwtId,
       });
     } else {
       // it's the last entry (or not found), so just keep it the same
-      await updateAccountSettings(this.activeDid, {
+      await platform.updateAccountSettings(this.activeDid, {
         lastAckedOfferToUserJwtId: this.lastAckedOfferToUserJwtId,
       });
     }
@@ -287,7 +286,8 @@ export default class NewActivityView extends Vue {
     this.showOffersToUserProjectsDetails =
       !this.showOffersToUserProjectsDetails;
     if (this.showOffersToUserProjectsDetails) {
-      await updateAccountSettings(this.activeDid, {
+      const platform = this.$platform;
+      await platform.updateAccountSettings(this.activeDid, {
         lastAckedOfferToUserProjectsJwtId:
           this.newOffersToUserProjects[0].jwtId,
       });
@@ -309,15 +309,16 @@ export default class NewActivityView extends Vue {
     const index = this.newOffersToUserProjects.findIndex(
       (offer) => offer.jwtId === jwtId,
     );
+    const platform = this.$platform;
     if (index !== -1 && index < this.newOffersToUserProjects.length - 1) {
       // Set to the next offer's jwtId
-      await updateAccountSettings(this.activeDid, {
+      await platform.updateAccountSettings(this.activeDid, {
         lastAckedOfferToUserProjectsJwtId:
           this.newOffersToUserProjects[index + 1].jwtId,
       });
     } else {
       // it's the last entry (or not found), so just keep it the same
-      await updateAccountSettings(this.activeDid, {
+      await platform.updateAccountSettings(this.activeDid, {
         lastAckedOfferToUserProjectsJwtId:
           this.lastAckedOfferToUserProjectsJwtId,
       });

src/views/NewIdentifierView.vue

@@ -32,6 +32,17 @@
           size="128"
         ></font-awesome>
       </div>
+      <div v-else-if="hitError">
+        <span class="text-xl">Error Creating Identity</span>
+        <font-awesome
+          icon="exclamation-triangle"
+          class="fa-fw text-red-500 ml-2"
+        ></font-awesome>
+        <p class="text-sm text-gray-500">
+          Try fully restarting the app. If that doesn't work, back up all data
+          (identities and other data) and reinstall the app.
+        </p>
+      </div>
       <div v-else>
         <span class="text-xl">Created!</span>
         <font-awesome
@@ -62,14 +73,24 @@ import QuickNav from "../components/QuickNav.vue";
 @Component({ components: { QuickNav } })
 export default class NewIdentifierView extends Vue {
   loading = true;
+  hitError = false;
   $router!: Router;
 
   async mounted() {
-    await generateSaveAndActivateIdentity();
-    this.loading = false;
-    setTimeout(() => {
-      this.$router.push({ name: "home" });
-    }, 1000);
+    this.loading = true;
+    this.hitError = false;
+    generateSaveAndActivateIdentity()
+      .then(() => {
+        this.loading = false;
+        setTimeout(() => {
+          this.$router.push({ name: "home" });
+        }, 1000);
+      })
+      .catch((error) => {
+        this.loading = false;
+        this.hitError = true;
+        logger.error("Failed to generate identity:", error);
+      });
   }
 }
 </script>

src/views/QuickActionBvcEndView.vue

@@ -145,11 +145,6 @@ import { Router } from "vue-router";
 import QuickNav from "../components/QuickNav.vue";
 import TopMessage from "../components/TopMessage.vue";
 import { NotificationIface } from "../constants/app";
-import {
-  accountsDBPromise,
-  db,
-  retrieveSettingsForActiveAccount,
-} from "../db/index";
 import { Contact } from "../db/tables/contacts";
 import {
   GenericCredWrapper,
@@ -165,6 +160,7 @@ import {
   getHeaders,
 } from "../libs/endorserServer";
 import { logger } from "../utils/logger";
+
 @Component({
   methods: { claimSpecialDescription },
   components: {
@@ -172,7 +168,7 @@ import { logger } from "../utils/logger";
     TopMessage,
   },
 })
-export default class QuickActionBvcBeginView extends Vue {
+export default class QuickActionBvcEndView extends Vue {
   $notify!: (notification: NotificationIface, timeout?: number) => void;
 
   activeDid = "";
@@ -191,10 +187,11 @@ export default class QuickActionBvcBeginView extends Vue {
   async created() {
     this.loadingConfirms = true;
 
-    const settings = await retrieveSettingsForActiveAccount();
+    const platform = this.$platform;
+    const settings = await platform.getActiveAccountSettings();
     this.apiServer = settings.apiServer || "";
     this.activeDid = settings.activeDid || "";
-    this.allContacts = await db.contacts.toArray();
+    this.allContacts = await platform.getContacts();
 
     let currentOrPreviousSat = DateTime.now().setZone("America/Denver");
     if (currentOrPreviousSat.weekday < 6) {
@@ -213,10 +210,8 @@ export default class QuickActionBvcBeginView extends Vue {
         suppressMilliseconds: true,
       }) || "";
 
-    const accountsDB = await accountsDBPromise;
-    await accountsDB.open();
-    const allAccounts = await accountsDB.accounts.toArray();
-    this.allMyDids = allAccounts.map((acc) => acc.did);
+    const accounts = await platform.getAllAccounts();
+    this.allMyDids = accounts.map((acc) => acc.did);
     const headers = await getHeaders(this.activeDid);
     try {
       const response = await fetch(

src/views/SearchAreaView.vue

@@ -113,9 +113,9 @@ import { Router } from "vue-router";
 
 import QuickNav from "../components/QuickNav.vue";
 import { NotificationIface } from "../constants/app";
-import { db, retrieveSettingsForActiveAccount } from "../db/index";
-import { BoundingBox, MASTER_SETTINGS_KEY } from "../db/tables/settings";
+import { BoundingBox } from "../db/tables/settings";
 import { logger } from "../utils/logger";
+
 const DEFAULT_LAT_LONG_DIFF = 0.01;
 const WORLD_ZOOM = 2;
 const DEFAULT_ZOOM = 2;
@@ -147,7 +147,8 @@ export default class SearchAreaView extends Vue {
   searchBox: { name: string; bbox: BoundingBox } | null = null;
 
   async mounted() {
-    const settings = await retrieveSettingsForActiveAccount();
+    const platform = this.$platform;
+    const settings = await platform.getActiveAccountSettings();
     this.searchBox = settings.searchBoxes?.[0] || null;
     this.resetLatLong();
   }
@@ -204,8 +205,8 @@ export default class SearchAreaView extends Vue {
             westLong: this.localCenterLong - this.localLongDiff,
           },
         };
-        await db.open();
-        await db.settings.update(MASTER_SETTINGS_KEY, {
+        const platform = this.$platform;
+        await platform.updateMasterSettings({
           searchBoxes: [newSearchBox],
         });
         this.searchBox = newSearchBox;
@@ -251,8 +252,8 @@ export default class SearchAreaView extends Vue {
 
   public async forgetSearchBox() {
     try {
-      await db.open();
-      await db.settings.update(MASTER_SETTINGS_KEY, {
+      const platform = this.$platform;
+      await platform.updateMasterSettings({
         searchBoxes: [],
         filterFeedByNearby: false,
       });

src/views/TestView.vue

@@ -161,6 +161,42 @@
       </button>
     </div>
 
+    <div class="mt-8">
+      <h2 class="text-xl font-bold mb-4">SQL Operations</h2>
+      <div class="mb-4">
+        <div class="flex gap-2 mb-2">
+          <button
+            class="text-sm text-blue-600 hover:text-blue-800 underline"
+            @click="
+              sqlQuery = 'SELECT * FROM sqlite_master WHERE type=\'table\';'
+            "
+          >
+            All Tables
+          </button>
+        </div>
+        <textarea
+          v-model="sqlQuery"
+          class="w-full h-32 p-2 border border-gray-300 rounded-md font-mono"
+          placeholder="Enter your SQL query here..."
+        ></textarea>
+      </div>
+
+      <div class="mb-4">
+        <button
+          class="font-bold capitalize bg-slate-500 text-white px-3 py-2 rounded-md mr-2"
+          @click="executeSql"
+        >
+          Execute
+        </button>
+      </div>
+      <div v-if="sqlResult" class="mt-4">
+        <h3 class="text-lg font-semibold mb-2">Result:</h3>
+        <pre class="bg-gray-100 p-4 rounded-md overflow-x-auto">{{
+          JSON.stringify(sqlResult, null, 2)
+        }}</pre>
+      </div>
+    </div>
+
     <div class="mt-8">
       <h2 class="text-xl font-bold mb-4">Image Sharing</h2>
       Populates the "shared-photo" view as if they used "share_target".
@@ -271,6 +307,7 @@ import { AppString, NotificationIface } from "../constants/app";
 import { db, retrieveSettingsForActiveAccount } from "../db/index";
 import * as vcLib from "../libs/crypto/vc";
 import * as cryptoLib from "../libs/crypto";
+import databaseService from "../services/database";
 
 import {
   PeerSetup,
@@ -316,6 +353,10 @@ export default class Help extends Vue {
   peerSetup?: PeerSetup;
   userName?: string;
 
+  // for SQL operations
+  sqlQuery = "";
+  sqlResult: unknown = null;
+
   cryptoLib = cryptoLib;
 
   async mounted() {
@@ -492,5 +533,28 @@ export default class Help extends Vue {
     );
     logger.log("decoded", decoded);
   }
+
+  async executeSql() {
+    try {
+      const isSelect = this.sqlQuery.trim().toLowerCase().startsWith("select");
+      if (isSelect) {
+        this.sqlResult = await databaseService.query(this.sqlQuery);
+      } else {
+        this.sqlResult = await databaseService.run(this.sqlQuery);
+      }
+      logger.log("SQL Result:", this.sqlResult);
+    } catch (error) {
+      logger.error("SQL Error:", error);
+      this.$notify(
+        {
+          group: "alert",
+          type: "danger",
+          title: "SQL Error",
+          text: error instanceof Error ? error.message : String(error),
+        },
+        5000,
+      );
+    }
+  }
 }
 </script>

tsconfig.electron.json

@@ -21,6 +21,7 @@
   "include": [
     "src/electron/**/*.ts",
     "src/utils/**/*.ts",
-    "src/constants/**/*.ts"
+    "src/constants/**/*.ts",
+    "src/services/**/*.ts"
   ]
 } 

vite.config.capacitor.mts

@@ -1,4 +1,12 @@
 import { defineConfig } from "vite";
 import { createBuildConfig } from "./vite.config.common.mts";
 
-export default defineConfig(async () => createBuildConfig('capacitor')); 
+export default defineConfig(
+    async () => {
+        const baseConfig = await createBuildConfig('capacitor');
+        return mergeConfig(baseConfig, {
+            optimizeDeps: {
+                include: ['@capacitor-community/sqlite']
+            }
+        });
+    }); 

vite.config.common.mts

@@ -4,6 +4,7 @@ import dotenv from "dotenv";
 import { loadAppConfig } from "./vite.config.utils.mts";
 import path from "path";
 import { fileURLToPath } from 'url';
+import { nodePolyfills } from 'vite-plugin-node-polyfills';
 
 // Load environment variables
 dotenv.config();
@@ -25,8 +26,20 @@ export async function createBuildConfig(mode: string) {
   }
 
   return {
-    base: isElectron || isPyWebView ? "./" : "/",
-    plugins: [vue()],
+    base: isElectron || isPyWebView ? "./" : "./",
+    plugins: [
+      vue(),
+      // Add Node.js polyfills for Electron environment
+      isElectron ? nodePolyfills({
+        include: ['util', 'stream', 'buffer', 'events', 'assert', 'crypto'],
+        globals: {
+          Buffer: true,
+          global: true,
+          process: true,
+        },
+        protocolImports: true,
+      }) : null,
+    ].filter(Boolean),
     server: {
       port: parseInt(process.env.VITE_PORT || "8080"),
       fs: { strict: false },
@@ -35,8 +48,55 @@ export async function createBuildConfig(mode: string) {
       outDir: isElectron ? "dist-electron" : "dist",
       assetsDir: 'assets',
       chunkSizeWarningLimit: 1000,
+      target: isElectron ? 'node18' : 'esnext',
       rollupOptions: {
-        external: isCapacitor ? ['@capacitor/app'] : []
+        external: isCapacitor 
+          ? ['@capacitor/app'] 
+          : isElectron 
+            ? [
+                'sqlite3',
+                'sqlite',
+                'electron',
+                'fs',
+                'path',
+                'crypto',
+                'util',
+                'stream',
+                'buffer',
+                'events',
+                'assert',
+                'constants',
+                'os',
+                'net',
+                'tls',
+                'dns',
+                'http',
+                'https',
+                'zlib',
+                'url',
+                'querystring',
+                'punycode',
+                'string_decoder',
+                'timers',
+                'domain',
+                'dgram',
+                'child_process',
+                'cluster',
+                'module',
+                'vm',
+                'readline',
+                'repl',
+                'tty',
+                'v8',
+                'worker_threads'
+              ]
+            : [],
+        output: {
+          format: isElectron ? 'cjs' : 'es',
+          generatedCode: {
+            preset: 'es2015'
+          }
+        }
       }
     },
     define: {
@@ -46,11 +106,22 @@ export async function createBuildConfig(mode: string) {
       __dirname: isElectron ? JSON.stringify(process.cwd()) : '""',
       __IS_MOBILE__: JSON.stringify(isCapacitor),
       __USE_QR_READER__: JSON.stringify(!isCapacitor),
+      'process.platform': JSON.stringify('browser'),
+      'process.version': JSON.stringify('v16.0.0'),
+      'process.env.NODE_DEBUG': JSON.stringify(false),
+      'global.process': JSON.stringify({
+        platform: 'browser',
+        version: 'v16.0.0',
+        env: { NODE_DEBUG: false }
+      })
     },
     resolve: {
       alias: {
         '@': path.resolve(__dirname, './src'),
         ...appConfig.aliasConfig,
+        'path': path.resolve(__dirname, './src/utils/node-modules/path.js'),
+        'fs': path.resolve(__dirname, './src/utils/node-modules/fs.js'),
+        'crypto': path.resolve(__dirname, './src/utils/node-modules/crypto.js'),
         'nostr-tools/nip06': mode === 'development' 
           ? 'nostr-tools/nip06'
           : path.resolve(__dirname, 'node_modules/nostr-tools/nip06'),
@@ -62,7 +133,13 @@ export async function createBuildConfig(mode: string) {
       }
     },
     optimizeDeps: {
-      include: ['nostr-tools', 'nostr-tools/nip06', 'nostr-tools/core', 'dexie-export-import'],
+      include: [
+        'nostr-tools', 
+        'nostr-tools/nip06', 
+        'nostr-tools/core', 
+        'dexie-export-import',
+        '@jlongster/sql.js'
+      ],
       exclude: isElectron ? [
         'register-service-worker',
         'workbox-window',

vite.config.electron.mts

@@ -30,7 +30,7 @@ export default defineConfig(async () => {
       },
     },
     optimizeDeps: {
-      include: ['@/utils/logger']
+      include: ['@/utils/logger', '@capacitor-community/sqlite']
     },
     plugins: [
       {

vite.config.ts

@@ -4,6 +4,12 @@ import path from "path";
 
 export default defineConfig({
   plugins: [vue()],
+  server: {
+    headers: {
+      'Cross-Origin-Opener-Policy': 'same-origin',
+      'Cross-Origin-Embedder-Policy': 'require-corp'
+    }
+  },
   resolve: {
     alias: {
       '@': path.resolve(__dirname, './src'),
@@ -17,7 +23,7 @@ export default defineConfig({
     mainFields: ['module', 'jsnext:main', 'jsnext', 'main'],
   },
   optimizeDeps: {
-    include: ['nostr-tools', 'nostr-tools/nip06', 'nostr-tools/core'],
+    include: ['nostr-tools', 'nostr-tools/nip06', 'nostr-tools/core', '@jlongster/sql.js'],
     esbuildOptions: {
       define: {
         global: 'globalThis'
@@ -42,5 +48,6 @@ export default defineConfig({
         }
       }
     }
-  }
+  },
+  assetsInclude: ['**/*.wasm']
 }); 

vite.config.web.mts

@@ -8,6 +8,7 @@ export default defineConfig(async () => {
   const appConfig = await loadAppConfig();
 
   return mergeConfig(baseConfig, {
+    base: process.env.NODE_ENV === 'production' ? 'https://timesafari.anomalistdesign.com/' : './',
     plugins: [
       VitePWA({
         registerType: 'autoUpdate',
@@ -19,7 +20,22 @@ export default defineConfig(async () => {
           cleanupOutdatedCaches: true,
           skipWaiting: true,
           clientsClaim: true,
-          sourcemap: true
+          sourcemap: true,
+          navigateFallback: 'index.html',
+          runtimeCaching: [{
+            urlPattern: /^https:\/\/timesafari\.anomalistdesign\.com\/.*/i,
+            handler: 'CacheFirst',
+            options: {
+              cacheName: 'timesafari-cache',
+              expiration: {
+                maxEntries: 50,
+                maxAgeSeconds: 60 * 60 * 24 * 30 // 30 days
+              },
+              cacheableResponse: {
+                statuses: [0, 200]
+              }
+            }
+          }]
         }
       })
     ]