DEV Community: Samir Chatwiti The latest articles on DEV Community by Samir Chatwiti (@sanadidari). https://dev.to/sanadidari https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3870633%2F105e4c05-e9b1-40ce-a406-ffb222d77c21.jpeg DEV Community: Samir Chatwiti https://dev.to/sanadidari en Building a Zero-Trust Proof-of-Presence Protocol with Flutter & Supabase Samir Chatwiti Thu, 09 Apr 2026 23:02:59 +0000 https://dev.to/sanadidari/building-a-zero-trust-proof-of-presence-protocol-with-flutter-supabase-1hd5 https://dev.to/sanadidari/building-a-zero-trust-proof-of-presence-protocol-with-flutter-supabase-1hd5 <h1> Building a Zero-Trust Proof-of-Presence Protocol with Flutter &amp; Supabase </h1> <blockquote> <p>How I designed a cryptographic certification system for judicial officers — GPS, AES-GCM, SHA-256, and Mocktail tests.</p> </blockquote> <h2> The Problem </h2> <p>Imagine you are a judicial officer (huissier de justice) in Morocco. Your job requires you to physically appear at a location — a home, a court, a business — and serve a legal document. That act of presence is legally binding.</p> <p>The question: <strong>how do you prove, with cryptographic certainty, that you were physically present at a specific location, at a specific time, and that the evidence you captured was not tampered with afterward?</strong></p> <p>This is the problem I solved building <strong>QRPruf</strong> — a zero-trust proof-of-presence protocol embedded in a Flutter mobile app.</p> <h2> What "Zero-Trust" Means in This Context </h2> <p>Zero-trust doesn't mean "trust nothing from the network." Here it means:</p> <ul> <li> <strong>No server is trusted to compute the proof</strong> — all hashing and encryption happens on-device, in an Isolate</li> <li> <strong>No timestamp can be faked</strong> — GPS coordinates and device time are cryptographically bound to the file hash at capture time</li> <li> <strong>No file can be silently replaced</strong> — AES-GCM authentication tags detect any tampering</li> <li> <strong>No identity can be assumed</strong> — every proof payload is signed with a canonical SHA-256 that includes the user's subject ID</li> </ul> <h2> Architecture Overview </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>[Camera / Mic / GPS] │ ▼ [ProofCryptoService] ← On-device, runs in Dart Isolate • SHA-256 hash of raw file • AES-GCM encryption (256-bit key) • IV prepended to ciphertext │ ▼ [Proof Payload] • proof_id, subject_id, timestamp • GPS coordinates • item hashes + sizes • canonical_hash (SHA-256 of sorted JSON) │ ▼ [Supabase Edge Function] ← Server-side verification only • Verifies canonical hash • Issues signed proof certificate • Stores encrypted blobs in Storage │ ▼ [QR Code] ← Shareable proof certificate </code></pre> </div> <p>The critical design decision: <strong>the server never sees the original files, only the encrypted blobs and their hashes.</strong></p> <h2> The Crypto Layer: ProofCryptoService </h2> <p>This service runs entirely inside a Dart <code>Isolate</code> via <code>compute()</code> — no UI thread blocking, no memory spikes on large video files.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="kn">import</span> <span class="s">'dart:io'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter/foundation.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:crypto/crypto.dart'</span> <span class="k">as</span> <span class="n">crypto</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:encrypt/encrypt.dart'</span> <span class="k">as</span> <span class="n">encrypt</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:path_provider/path_provider.dart'</span><span class="o">;</span> <span class="kd">class</span> <span class="nc">ProofCryptoService</span> <span class="p">{</span> <span class="kd">static</span> <span class="kd">final</span> <span class="n">ProofCryptoService</span> <span class="n">_instance</span> <span class="o">=</span> <span class="n">ProofCryptoService</span><span class="o">.</span><span class="na">_internal</span><span class="p">();</span> <span class="kd">factory</span> <span class="n">ProofCryptoService</span><span class="p">()</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">_instance</span><span class="p">;</span> <span class="n">ProofCryptoService</span><span class="o">.</span><span class="na">_internal</span><span class="p">();</span> <span class="c1">/// Runs in a background Isolate — safe for large files</span> <span class="kd">static</span> <span class="kt">Map</span><span class="p">&lt;</span><span class="kt">String</span><span class="p">,</span> <span class="kd">dynamic</span><span class="p">&gt;</span> <span class="n">_encryptIsolate</span><span class="p">(</span><span class="kt">Map</span><span class="p">&lt;</span><span class="kt">String</span><span class="p">,</span> <span class="kd">dynamic</span><span class="p">&gt;</span> <span class="n">args</span><span class="p">)</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">bytes</span> <span class="o">=</span> <span class="n">File</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="s">'inputPath'</span><span class="p">])</span><span class="o">.</span><span class="na">readAsBytesSync</span><span class="p">();</span> <span class="c1">// 1. Hash the original (before encryption)</span> <span class="kd">final</span> <span class="n">sha256</span> <span class="o">=</span> <span class="n">crypto</span><span class="o">.</span><span class="na">sha256</span><span class="o">.</span><span class="na">convert</span><span class="p">(</span><span class="n">bytes</span><span class="p">)</span><span class="o">.</span><span class="na">toString</span><span class="p">();</span> <span class="c1">// 2. AES-GCM encryption — 256-bit key, 96-bit IV</span> <span class="kd">final</span> <span class="n">key</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Key</span><span class="o">.</span><span class="na">fromBase64</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="s">'keyBase64'</span><span class="p">]);</span> <span class="kd">final</span> <span class="n">iv</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">IV</span><span class="o">.</span><span class="na">fromSecureRandom</span><span class="p">(</span><span class="mi">12</span><span class="p">);</span> <span class="kd">final</span> <span class="n">enc</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Encrypter</span><span class="p">(</span><span class="n">encrypt</span><span class="o">.</span><span class="na">AES</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="nl">mode:</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">AESMode</span><span class="o">.</span><span class="na">gcm</span><span class="p">));</span> <span class="kd">final</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">enc</span><span class="o">.</span><span class="na">encryptBytes</span><span class="p">(</span><span class="n">bytes</span><span class="p">,</span> <span class="nl">iv:</span> <span class="n">iv</span><span class="p">);</span> <span class="c1">// 3. Write [IV (12 bytes) | ciphertext] to disk — avoids RAM duplication</span> <span class="kd">final</span> <span class="n">out</span> <span class="o">=</span> <span class="n">File</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="s">'outputPath'</span><span class="p">])</span><span class="o">.</span><span class="na">openSync</span><span class="p">(</span><span class="nl">mode:</span> <span class="n">FileMode</span><span class="o">.</span><span class="na">write</span><span class="p">);</span> <span class="n">out</span><span class="o">.</span><span class="na">writeFromSync</span><span class="p">(</span><span class="n">iv</span><span class="o">.</span><span class="na">bytes</span><span class="p">);</span> <span class="n">out</span><span class="o">.</span><span class="na">writeFromSync</span><span class="p">(</span><span class="n">encrypted</span><span class="o">.</span><span class="na">bytes</span><span class="p">);</span> <span class="n">out</span><span class="o">.</span><span class="na">closeSync</span><span class="p">();</span> <span class="k">return</span> <span class="p">{</span><span class="s">'sha256'</span><span class="o">:</span> <span class="n">sha256</span><span class="p">,</span> <span class="s">'size'</span><span class="o">:</span> <span class="n">bytes</span><span class="o">.</span><span class="na">length</span><span class="p">};</span> <span class="p">}</span> <span class="n">Future</span><span class="p">&lt;</span><span class="kt">Map</span><span class="p">&lt;</span><span class="kt">String</span><span class="p">,</span> <span class="kd">dynamic</span><span class="p">&gt;</span><span class="o">?</span><span class="p">&gt;</span> <span class="n">encryptFile</span><span class="p">(</span> <span class="kt">String</span> <span class="n">inputPath</span><span class="p">,</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Key</span> <span class="n">key</span><span class="p">,</span> <span class="p">{</span> <span class="kt">bool</span> <span class="n">skipEncryption</span> <span class="o">=</span> <span class="kc">false</span><span class="p">,</span> <span class="c1">// Videos: hash-only to avoid OOM</span> <span class="p">})</span> <span class="kd">async</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">skipEncryption</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="n">compute</span><span class="p">(</span><span class="n">_hashOnlyIsolate</span><span class="p">,</span> <span class="p">{</span><span class="s">'inputPath'</span><span class="o">:</span> <span class="n">inputPath</span><span class="p">});</span> <span class="p">}</span> <span class="kd">final</span> <span class="n">dir</span> <span class="o">=</span> <span class="k">await</span> <span class="n">getApplicationDocumentsDirectory</span><span class="p">();</span> <span class="kd">final</span> <span class="n">tempPath</span> <span class="o">=</span> <span class="s">'</span><span class="si">${dir.path}</span><span class="s">/enc_</span><span class="si">${DateTime.now().microsecondsSinceEpoch}</span><span class="s">.bin'</span><span class="p">;</span> <span class="kd">final</span> <span class="n">result</span> <span class="o">=</span> <span class="k">await</span> <span class="n">compute</span><span class="p">(</span><span class="n">_encryptIsolate</span><span class="p">,</span> <span class="p">{</span> <span class="s">'inputPath'</span><span class="o">:</span> <span class="n">inputPath</span><span class="p">,</span> <span class="s">'outputPath'</span><span class="o">:</span> <span class="n">tempPath</span><span class="p">,</span> <span class="s">'keyBase64'</span><span class="o">:</span> <span class="n">key</span><span class="o">.</span><span class="na">base64</span><span class="p">,</span> <span class="p">});</span> <span class="k">return</span> <span class="p">{</span><span class="s">'path'</span><span class="o">:</span> <span class="n">tempPath</span><span class="p">,</span> <span class="p">..</span><span class="o">.</span><span class="na">result</span><span class="p">};</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Why AES-GCM specifically?</strong></p> <p>GCM (Galois/Counter Mode) provides both confidentiality <em>and</em> authentication. If a single byte of the encrypted file is changed after encryption, decryption throws an exception — the authentication tag fails. This is what makes the proof tamper-evident.</p> <p><strong>Why <code>compute()</code> for the Isolate?</strong></p> <p>Flutter's <code>compute()</code> runs a top-level function in a separate Isolate. For a 50MB video file, this means:</p> <ul> <li>The main thread stays responsive</li> <li>Memory is not duplicated between threads (Dart Isolates don't share heap)</li> <li>AES operation on large files won't trigger OOM kills</li> </ul> <h2> The Verification Layer: ProofVerifier </h2> <p>A proof is only useful if anyone can verify it independently. The verification logic is intentionally pure — no network, no platform dependencies.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="kn">import</span> <span class="s">'dart:convert'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:crypto/crypto.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:qrpruf/models/proof.dart'</span><span class="o">;</span> <span class="kd">class</span> <span class="nc">ProofVerifier</span> <span class="p">{</span> <span class="kd">static</span> <span class="kt">bool</span> <span class="n">verify</span><span class="p">(</span><span class="n">Proof</span> <span class="n">proof</span><span class="p">)</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">canonical</span> <span class="o">=</span> <span class="n">_canonicalize</span><span class="p">({</span> <span class="s">'proof_id'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">proofId</span><span class="p">,</span> <span class="s">'proof_version'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">proofVersion</span><span class="p">,</span> <span class="s">'status'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">status</span><span class="p">,</span> <span class="s">'created_at'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">createdAt</span><span class="o">.</span><span class="na">toIso8601String</span><span class="p">(),</span> <span class="s">'timestamp_primary'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">timestampPrimary</span><span class="o">.</span><span class="na">toIso8601String</span><span class="p">(),</span> <span class="s">'timezone'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">timezone</span><span class="p">,</span> <span class="s">'subject_id'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">subjectId</span><span class="p">,</span> <span class="s">'items_count'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">itemsCount</span><span class="p">,</span> <span class="s">'hash_algorithm'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">hashAlgorithm</span><span class="p">,</span> <span class="s">'signature_algorithm'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">signatureAlgorithm</span><span class="p">,</span> <span class="s">'public_key_id'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">publicKeyId</span><span class="p">,</span> <span class="s">'auth_method'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">authMethod</span><span class="p">,</span> <span class="s">'confidence_level'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">confidenceLevel</span><span class="p">,</span> <span class="s">'purpose_type'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">purposeType</span><span class="p">,</span> <span class="s">'purposes'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">purposes</span><span class="p">,</span> <span class="p">});</span> <span class="kd">final</span> <span class="n">computed</span> <span class="o">=</span> <span class="n">sha256</span><span class="o">.</span><span class="na">convert</span><span class="p">(</span><span class="n">utf8</span><span class="o">.</span><span class="na">encode</span><span class="p">(</span><span class="n">canonical</span><span class="p">))</span><span class="o">.</span><span class="na">toString</span><span class="p">();</span> <span class="k">return</span> <span class="n">computed</span> <span class="o">==</span> <span class="n">proof</span><span class="o">.</span><span class="na">proofHash</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// Sort all keys recursively before JSON encoding.</span> <span class="c1">/// This makes the hash key-order independent.</span> <span class="kd">static</span> <span class="kt">String</span> <span class="n">_canonicalize</span><span class="p">(</span><span class="kt">Map</span><span class="p">&lt;</span><span class="kt">String</span><span class="p">,</span> <span class="kd">dynamic</span><span class="p">&gt;</span> <span class="n">data</span><span class="p">)</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">jsonEncode</span><span class="p">(</span><span class="n">_sortValue</span><span class="p">(</span><span class="n">data</span><span class="p">));</span> <span class="kd">static</span> <span class="kd">dynamic</span> <span class="n">_sortValue</span><span class="p">(</span><span class="kd">dynamic</span> <span class="n">value</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">value</span> <span class="k">is</span> <span class="kt">List</span><span class="p">)</span> <span class="k">return</span> <span class="n">value</span><span class="o">.</span><span class="na">map</span><span class="p">(</span><span class="n">_sortValue</span><span class="p">)</span><span class="o">.</span><span class="na">toList</span><span class="p">();</span> <span class="k">if</span> <span class="p">(</span><span class="n">value</span> <span class="k">is</span> <span class="kt">Map</span><span class="p">)</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">keys</span> <span class="o">=</span> <span class="n">value</span><span class="o">.</span><span class="na">keys</span><span class="o">.</span><span class="na">toList</span><span class="p">().</span><span class="o">.</span><span class="na">sort</span><span class="p">();</span> <span class="k">return</span> <span class="p">{</span><span class="k">for</span> <span class="p">(</span><span class="kd">final</span> <span class="n">k</span> <span class="k">in</span> <span class="n">keys</span><span class="p">)</span> <span class="nl">k:</span> <span class="n">_sortValue</span><span class="p">(</span><span class="n">value</span><span class="p">[</span><span class="n">k</span><span class="p">])};</span> <span class="p">}</span> <span class="k">return</span> <span class="n">value</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>The canonical hash is key-order independent.</strong> This matters because JSON serializers across platforms (Dart, JavaScript, Python) don't guarantee key ordering. By sorting keys before hashing, the same proof verifies correctly regardless of which platform serialized it.</p> <h2> Testing with Mocktail </h2> <p>Testing cryptographic code requires determinism. Mocktail (the Dart mocking library — no code generation) lets us test the full stack without hitting real Supabase endpoints.</p> <h3> Testing ProofVerifier — pure logic, no mocks needed </h3> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="kn">import</span> <span class="s">'dart:convert'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:crypto/crypto.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_test/flutter_test.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:qrpruf/models/proof.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:qrpruf/utils/proof_verifier.dart'</span><span class="o">;</span> <span class="c1">// Replicate the canonicalization in the test — independently</span> <span class="kt">String</span> <span class="nf">_computeExpectedHash</span><span class="p">(</span><span class="n">Proof</span> <span class="n">proof</span><span class="p">)</span> <span class="p">{</span> <span class="kd">dynamic</span> <span class="n">sort</span><span class="p">(</span><span class="kd">dynamic</span> <span class="n">v</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">v</span> <span class="k">is</span> <span class="kt">List</span><span class="p">)</span> <span class="k">return</span> <span class="n">v</span><span class="o">.</span><span class="na">map</span><span class="p">(</span><span class="n">sort</span><span class="p">)</span><span class="o">.</span><span class="na">toList</span><span class="p">();</span> <span class="k">if</span> <span class="p">(</span><span class="n">v</span> <span class="k">is</span> <span class="kt">Map</span><span class="p">)</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">keys</span> <span class="o">=</span> <span class="n">v</span><span class="o">.</span><span class="na">keys</span><span class="o">.</span><span class="na">toList</span><span class="p">().</span><span class="o">.</span><span class="na">sort</span><span class="p">();</span> <span class="k">return</span> <span class="p">{</span><span class="k">for</span> <span class="p">(</span><span class="kd">final</span> <span class="n">k</span> <span class="k">in</span> <span class="n">keys</span><span class="p">)</span> <span class="nl">k:</span> <span class="n">sort</span><span class="p">(</span><span class="n">v</span><span class="p">[</span><span class="n">k</span><span class="p">])};</span> <span class="p">}</span> <span class="k">return</span> <span class="n">v</span><span class="p">;</span> <span class="p">}</span> <span class="kd">final</span> <span class="n">data</span> <span class="o">=</span> <span class="p">{</span> <span class="s">'proof_id'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">proofId</span><span class="p">,</span> <span class="s">'auth_method'</span><span class="o">:</span> <span class="n">proof</span><span class="o">.</span><span class="na">authMethod</span><span class="p">,</span> <span class="c1">// ... all fields</span> <span class="p">};</span> <span class="k">return</span> <span class="n">sha256</span><span class="o">.</span><span class="na">convert</span><span class="p">(</span><span class="n">utf8</span><span class="o">.</span><span class="na">encode</span><span class="p">(</span><span class="n">jsonEncode</span><span class="p">(</span><span class="n">sort</span><span class="p">(</span><span class="n">data</span><span class="p">))))</span><span class="o">.</span><span class="na">toString</span><span class="p">();</span> <span class="p">}</span> <span class="kt">void</span> <span class="nf">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">group</span><span class="p">(</span><span class="s">'ProofVerifier'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="n">test</span><span class="p">(</span><span class="s">'returns true for correct hash'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">proof</span> <span class="o">=</span> <span class="n">buildTestProof</span><span class="p">(</span><span class="nl">hash:</span> <span class="n">_computeExpectedHash</span><span class="p">(</span><span class="n">baseProof</span><span class="p">));</span> <span class="n">expect</span><span class="p">(</span><span class="n">ProofVerifier</span><span class="o">.</span><span class="na">verify</span><span class="p">(</span><span class="n">proof</span><span class="p">),</span> <span class="n">isTrue</span><span class="p">);</span> <span class="p">});</span> <span class="n">test</span><span class="p">(</span><span class="s">'returns false for tampered hash'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">proof</span> <span class="o">=</span> <span class="n">buildTestProof</span><span class="p">(</span><span class="nl">hash:</span> <span class="s">'a'</span> <span class="o">*</span> <span class="mi">64</span><span class="p">);</span> <span class="n">expect</span><span class="p">(</span><span class="n">ProofVerifier</span><span class="o">.</span><span class="na">verify</span><span class="p">(</span><span class="n">proof</span><span class="p">),</span> <span class="n">isFalse</span><span class="p">);</span> <span class="p">});</span> <span class="n">test</span><span class="p">(</span><span class="s">'is deterministic — same proof verifies twice'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">proof</span> <span class="o">=</span> <span class="n">buildTestProof</span><span class="p">(</span><span class="nl">hash:</span> <span class="n">_computeExpectedHash</span><span class="p">(</span><span class="n">baseProof</span><span class="p">));</span> <span class="n">expect</span><span class="p">(</span><span class="n">ProofVerifier</span><span class="o">.</span><span class="na">verify</span><span class="p">(</span><span class="n">proof</span><span class="p">),</span> <span class="n">isTrue</span><span class="p">);</span> <span class="n">expect</span><span class="p">(</span><span class="n">ProofVerifier</span><span class="o">.</span><span class="na">verify</span><span class="p">(</span><span class="n">proof</span><span class="p">),</span> <span class="n">isTrue</span><span class="p">);</span> <span class="p">});</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <h3> Testing ProofCryptoService — file system + Isolate </h3> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="kn">import</span> <span class="s">'dart:io'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'dart:convert'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_test/flutter_test.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:crypto/crypto.dart'</span> <span class="k">as</span> <span class="n">crypto</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:encrypt/encrypt.dart'</span> <span class="k">as</span> <span class="n">encrypt</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:qrpruf/features/proofs/data/proof_crypto_service.dart'</span><span class="o">;</span> <span class="kt">void</span> <span class="nf">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">group</span><span class="p">(</span><span class="s">'AES-GCM roundtrip'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="n">test</span><span class="p">(</span><span class="s">'encrypt then decrypt returns original bytes'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">key</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Key</span><span class="o">.</span><span class="na">fromSecureRandom</span><span class="p">(</span><span class="mi">32</span><span class="p">);</span> <span class="kd">final</span> <span class="n">iv</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">IV</span><span class="o">.</span><span class="na">fromSecureRandom</span><span class="p">(</span><span class="mi">12</span><span class="p">);</span> <span class="kd">final</span> <span class="n">encrypter</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Encrypter</span><span class="p">(</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">AES</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="nl">mode:</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">AESMode</span><span class="o">.</span><span class="na">gcm</span><span class="p">)</span> <span class="p">);</span> <span class="kd">final</span> <span class="n">original</span> <span class="o">=</span> <span class="n">utf8</span><span class="o">.</span><span class="na">encode</span><span class="p">(</span><span class="s">'preuve judiciaire confidentielle'</span><span class="p">);</span> <span class="kd">final</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">encrypter</span><span class="o">.</span><span class="na">encryptBytes</span><span class="p">(</span><span class="n">original</span><span class="p">,</span> <span class="nl">iv:</span> <span class="n">iv</span><span class="p">);</span> <span class="kd">final</span> <span class="n">decrypted</span> <span class="o">=</span> <span class="n">encrypter</span><span class="o">.</span><span class="na">decryptBytes</span><span class="p">(</span><span class="n">encrypted</span><span class="p">,</span> <span class="nl">iv:</span> <span class="n">iv</span><span class="p">);</span> <span class="n">expect</span><span class="p">(</span><span class="n">decrypted</span><span class="p">,</span> <span class="n">equals</span><span class="p">(</span><span class="n">original</span><span class="p">));</span> <span class="p">});</span> <span class="n">test</span><span class="p">(</span><span class="s">'wrong key throws — GCM auth tag mismatch'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">key1</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Key</span><span class="o">.</span><span class="na">fromSecureRandom</span><span class="p">(</span><span class="mi">32</span><span class="p">);</span> <span class="kd">final</span> <span class="n">key2</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Key</span><span class="o">.</span><span class="na">fromSecureRandom</span><span class="p">(</span><span class="mi">32</span><span class="p">);</span> <span class="kd">final</span> <span class="n">iv</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">IV</span><span class="o">.</span><span class="na">fromSecureRandom</span><span class="p">(</span><span class="mi">12</span><span class="p">);</span> <span class="kd">final</span> <span class="n">enc1</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Encrypter</span><span class="p">(</span><span class="n">encrypt</span><span class="o">.</span><span class="na">AES</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span> <span class="nl">mode:</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">AESMode</span><span class="o">.</span><span class="na">gcm</span><span class="p">));</span> <span class="kd">final</span> <span class="n">enc2</span> <span class="o">=</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Encrypter</span><span class="p">(</span><span class="n">encrypt</span><span class="o">.</span><span class="na">AES</span><span class="p">(</span><span class="n">key2</span><span class="p">,</span> <span class="nl">mode:</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">AESMode</span><span class="o">.</span><span class="na">gcm</span><span class="p">));</span> <span class="kd">final</span> <span class="n">encrypted</span> <span class="o">=</span> <span class="n">enc1</span><span class="o">.</span><span class="na">encryptBytes</span><span class="p">(</span><span class="n">utf8</span><span class="o">.</span><span class="na">encode</span><span class="p">(</span><span class="s">'secret'</span><span class="p">),</span> <span class="nl">iv:</span> <span class="n">iv</span><span class="p">);</span> <span class="n">expect</span><span class="p">(()</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">enc2</span><span class="o">.</span><span class="na">decryptBytes</span><span class="p">(</span><span class="n">encrypted</span><span class="p">,</span> <span class="nl">iv:</span> <span class="n">iv</span><span class="p">),</span> <span class="n">throwsA</span><span class="p">(</span><span class="n">anything</span><span class="p">));</span> <span class="p">});</span> <span class="p">});</span> <span class="n">group</span><span class="p">(</span><span class="s">'ProofCryptoService.encryptFile — skipEncryption'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="kd">late</span> <span class="n">Directory</span> <span class="n">tempDir</span><span class="p">;</span> <span class="n">setUp</span><span class="p">(()</span> <span class="kd">async</span> <span class="p">{</span> <span class="n">tempDir</span> <span class="o">=</span> <span class="k">await</span> <span class="n">Directory</span><span class="o">.</span><span class="na">systemTemp</span><span class="o">.</span><span class="na">createTemp</span><span class="p">(</span><span class="s">'qrpruf_test_'</span><span class="p">);</span> <span class="p">});</span> <span class="n">tearDown</span><span class="p">(()</span> <span class="kd">async</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">tempDir</span><span class="o">.</span><span class="na">delete</span><span class="p">(</span><span class="nl">recursive:</span> <span class="kc">true</span><span class="p">));</span> <span class="n">test</span><span class="p">(</span><span class="s">'returns correct SHA-256 for known content'</span><span class="p">,</span> <span class="p">()</span> <span class="kd">async</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">content</span> <span class="o">=</span> <span class="n">utf8</span><span class="o">.</span><span class="na">encode</span><span class="p">(</span><span class="s">'contenu connu'</span><span class="p">);</span> <span class="kd">final</span> <span class="n">file</span> <span class="o">=</span> <span class="n">File</span><span class="p">(</span><span class="s">'</span><span class="si">${tempDir.path}</span><span class="s">/sample.jpg'</span><span class="p">)</span> <span class="p">.</span><span class="o">.</span><span class="na">writeAsBytesSync</span><span class="p">(</span><span class="n">content</span><span class="p">);</span> <span class="kd">final</span> <span class="n">result</span> <span class="o">=</span> <span class="k">await</span> <span class="n">ProofCryptoService</span><span class="p">()</span><span class="o">.</span><span class="na">encryptFile</span><span class="p">(</span> <span class="n">file</span><span class="o">.</span><span class="na">path</span><span class="p">,</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Key</span><span class="o">.</span><span class="na">fromSecureRandom</span><span class="p">(</span><span class="mi">32</span><span class="p">),</span> <span class="nl">skipEncryption:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">);</span> <span class="n">expect</span><span class="p">(</span> <span class="n">result</span><span class="o">?</span><span class="p">[</span><span class="s">'sha256'</span><span class="p">],</span> <span class="n">equals</span><span class="p">(</span><span class="n">crypto</span><span class="o">.</span><span class="na">sha256</span><span class="o">.</span><span class="na">convert</span><span class="p">(</span><span class="n">content</span><span class="p">)</span><span class="o">.</span><span class="na">toString</span><span class="p">()),</span> <span class="p">);</span> <span class="p">});</span> <span class="n">test</span><span class="p">(</span><span class="s">'throws when file does not exist'</span><span class="p">,</span> <span class="p">()</span> <span class="p">{</span> <span class="n">expect</span><span class="p">(</span> <span class="p">()</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">ProofCryptoService</span><span class="p">()</span><span class="o">.</span><span class="na">encryptFile</span><span class="p">(</span> <span class="s">'/nonexistent/file.jpg'</span><span class="p">,</span> <span class="n">encrypt</span><span class="o">.</span><span class="na">Key</span><span class="o">.</span><span class="na">fromSecureRandom</span><span class="p">(</span><span class="mi">32</span><span class="p">),</span> <span class="nl">skipEncryption:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">),</span> <span class="n">throwsA</span><span class="p">(</span><span class="n">isA</span><span class="p">&lt;</span><span class="n">Exception</span><span class="p">&gt;()),</span> <span class="p">);</span> <span class="p">});</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <h2> The CI Pipeline </h2> <p>Every push to <code>main</code> runs this GitHub Actions workflow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">QRPruf Flutter CI</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span> <span class="nv">main</span> <span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">quality-gate</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">subosito/flutter-action@v2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">channel</span><span class="pi">:</span> <span class="s">stable</span> <span class="na">cache</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">run</span><span class="pi">:</span> <span class="s">flutter pub get</span> <span class="c1"># Generate Riverpod annotations BEFORE tests</span> <span class="pi">-</span> <span class="na">run</span><span class="pi">:</span> <span class="s">dart run build_runner build --delete-conflicting-outputs</span> <span class="pi">-</span> <span class="na">run</span><span class="pi">:</span> <span class="s">flutter analyze</span> <span class="pi">-</span> <span class="na">run</span><span class="pi">:</span> <span class="s">flutter test --coverage</span> </code></pre> </div> <p><strong>The key insight:</strong> <code>build_runner</code> runs before <code>flutter test</code>. Generated code (Riverpod annotations) must exist before tests can import it. This is a common CI mistake that makes the green badge meaningless.</p> <h2> What I Learned </h2> <p><strong>1. Isolates are not optional for crypto on mobile.</strong><br> AES-256 on a 30MB video on a mid-range Android device takes ~800ms. On the main thread, that freezes the UI. In an Isolate, the user sees a progress indicator.</p> <p><strong>2. Canonical hashing is the hardest part to get right.</strong><br> The first version of <code>ProofVerifier</code> failed intermittently because JSON key ordering differed between the app (Dart) and the verification server (Node.js). Sorting keys recursively before hashing fixed it permanently.</p> <p><strong>3. <code>skipEncryption</code> for video is a pragmatic tradeoff.</strong><br> Dart's pure AES engine runs out of RAM on files larger than ~100MB. For large videos, we hash the original and upload a non-encrypted stream with TLS. The hash still proves tamper-evidence — only confidentiality is reduced, and large video files in court contexts are less sensitive than text documents.</p> <p><strong>4. Mocktail &gt; Mockito for Flutter.</strong><br> No <code>build_runner</code>, no <code>@GenerateMocks</code>, no code generation step to maintain. Just <code>class MockX extends Mock implements X {}</code> — one line.</p> <h2> The Result </h2> <p>A judicial officer opens QRPruf, selects the act type, captures images/audio/video on-site. Within seconds, a QR code is generated that encodes a cryptographic proof — verifiable by any court system without trusting the officer's device, the network, or the server.</p> <p>The proof survives even if Supabase is compromised: the canonical hash computed on-device will not match a server-generated replacement.</p> <p>That is what zero-trust means in practice.</p> <h2> Links </h2> <ul> <li>GitHub: <a href="https://github.com/sanadidari/qrpruf" rel="noopener noreferrer">github.com/sanadidari/qrpruf</a> </li> <li>Live: <a href="https://qrpruf.com" rel="noopener noreferrer">qrpruf.com</a> </li> </ul> <p><em>Built as part of the WITI Institutional Intelligence ecosystem — a full-stack platform for Morocco's judicial corps.</em></p> <p><em>Tags: #flutter #dart #security #cryptography #supabase #testing</em></p> flutter dart security supabase