# Livre Wallet Public Release Audit

Date: 2026-05-12

This audit separates public release material from local development state. The public trust package should contain clean source, reproducible build notes, signed or packaged app binaries, and SHA256 checksums for every published artifact. It must not contain generated caches, local proofs, private keys, wallet files, or machine-specific build output. Checksums only help a downloader if they are fetched from a location the binary host cannot also rewrite, so keep them somewhere other than next to the binaries alone.

## Current Release Target

- App: Livre Wallet
- Platform for first release: macOS desktop
- Network for current test build: Solana devnet
- Privacy flow: Private Relay preferred, Emergency Withdrawal available for recovery/testing
- Fee schedule target: 0.5% deposit fee, 0.05% shield relayer fee, 0.05% withdraw relayer fee

## Audit Commands

```sh
# Scan the working tree for personal metadata, local paths and key material.
# Replace the [personal-name patterns] placeholder with a real alternation
# (name1|name2) before running; as written it is a bracket expression that
# matches single characters, not names.
rg -n -i "[personal-name patterns]|/Users/|seed phrase|mnemonic|private key|secret key|\\.env|id\\.json|treasury\\.json|my-note|proof-package|kora-db|TemporaryItems" . \
  --glob '!build/**' \
  --glob '!.dart_tool/**' \
  --glob '!ios/Pods/**' \
  --glob '!macos/Pods/**' \
  --glob '!**/node_modules/**'

# List build output, dependency trees and file types that are usually local-only.
# -maxdepth 4 keeps the output readable but will miss deeper matches; review
# every hit against the exclusion list below.
find . -maxdepth 4 \( -name build -o -name .dart_tool -o -name Pods -o -name node_modules -o -name "*.json" -o -name "*.env" -o -name "*.zip" -o -name "*.dmg" -o -name "*.ipa" \) -print
```

## Fixed

- Removed the hardcoded test mnemonic from `tool/print_umbra_addr.dart`; the tool now reads `CHANIS_TEST_MNEMONIC` from the environment and fails without it. If that mnemonic was ever committed, it is still recoverable from git history: treat any account derived from it as a throwaway test account, and never generate the public source archive from repository history rather than a clean snapshot.
- Added release and private-file exclusions to `.gitignore`.

## Exclude From Public Source Archives

- `.dart_tool/`
- `build/`
- `ios/Pods/`
- `macos/Pods/`
- `**/node_modules/`
- `release/`
- `website/releases/`
- `input.json`
- `nano`
- `lib/*.backup*`
- `*.env`
- `proof-package-*.json`
- `my-note*.json`
- `*.note.json`
- `data/kora-db.json`
- `data/desktop-local/`

## Allowed Findings

- `assets/umbra/bundle.js` may contain third-party author names and crypto terms from bundled dependencies. Those come from the dependency code itself, not from Livre developer metadata, and are acceptable.
- Source files can contain words like seed, mnemonic, or secret when describing wallet functionality, as long as no real key material (a mnemonic phrase, seed bytes, or a secret key) is present. Confirm each such hit by reading the surrounding code rather than by the keyword alone.

## Release Rule

Do not publish a full developer ZIP as the public source release. Publish a clean source archive generated from tracked source and approved public docs (for example with `git archive`, which omits untracked and ignored files but still includes anything that was committed, so check the archive listing against the exclusion list above before publishing), then publish binary release packages separately with SHA256 checksums.
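The audit commands and the release rule above, carried through as one script. This is an added example, not Livre's own release tooling: it checks a release-candidate file listing against the exclusion list, builds the source archive from tracked files only, and writes and verifies `SHA256SUMS`. It assumes POSIX sh, git, tar and either `sha256sum` (Linux) or `shasum` (macOS); the archive name, the version argument, the `release` output directory and the sample listing are assumptions for illustration.

```sh
#!/bin/sh
# Added example (not Livre's own tooling): audit a release-candidate file
# listing against the exclusion list, build the source archive from tracked
# files only, and write/verify SHA256 checksums. Assumes POSIX sh, git, tar and
# either sha256sum (Linux) or shasum (macOS). The archive name, version
# argument and release directory are assumptions for illustration.

# Globs that must never appear in a public source archive (mirrors the
# "Exclude From Public Source Archives" list). They are matched with `case`
# against the relative path as printed by `tar -t`, where `*` also matches `/`.
EXCLUDE_GLOBS='.dart_tool/* build/* ios/Pods/* macos/Pods/* node_modules/*
*/node_modules/* release/* website/releases/* input.json nano lib/*.backup*
*.env proof-package-*.json my-note*.json *.note.json data/kora-db.json
data/desktop-local/*'

# path_is_excluded PATH: succeed when PATH matches any exclusion glob.
path_is_excluded() {
  set -f   # no pathname expansion while the globs are iterated as words
  for g in $EXCLUDE_GLOBS; do
    case "$1" in $g) set +f; return 0 ;; esac
  done
  set +f
  return 1
}

# audit_listing FILE: FILE holds one archive path per line. Prints every
# excluded path to stderr and fails if any were found.
audit_listing() {
  bad=0
  while IFS= read -r p; do
    [ -n "$p" ] || continue
    if path_is_excluded "$p"; then
      echo "excluded path in archive: $p" >&2
      bad=$((bad + 1))
    fi
  done < "$1"
  [ "$bad" -eq 0 ]
}

# sha256_tool: the SHA-256 CLI available on this machine.
sha256_tool() {
  if command -v sha256sum >/dev/null 2>&1; then echo sha256sum; else echo "shasum -a 256"; fi
}

# write_checksums DIR: write DIR/SHA256SUMS over every file in DIR (release
# artifact names are expected to contain no whitespace).
write_checksums() (
  cd "$1" || exit 1
  files=$(find . -maxdepth 1 -type f ! -name SHA256SUMS | sed 's|^\./||' | sort)
  [ -n "$files" ] || { echo "no release files in $1" >&2; exit 1; }
  # shellcheck disable=SC2086
  $(sha256_tool) $files > SHA256SUMS
)

# verify_checksums DIR: re-hash the files in DIR against DIR/SHA256SUMS.
verify_checksums() (
  cd "$1" || exit 1
  $(sha256_tool) -c SHA256SUMS >/dev/null 2>&1
)

# checksum_of DIR NAME: the recorded hash for NAME, or empty if absent.
checksum_of() {
  awk -v f="$2" '$2 == f { print $1 }' "$1/SHA256SUMS"
}

# build_source_archive VERSION OUTDIR: `git archive` packs tracked files only,
# so untracked local state is never included, but a sensitive file that was
# committed by mistake would be; the listing audit catches that case.
build_source_archive() {
  out="$2/livre-wallet-$1-src.tar.gz"
  mkdir -p "$2"
  git archive --format=tar.gz -o "$out" HEAD
  lst=$(mktemp)
  tar -tzf "$out" | grep -v '/$' > "$lst"
  if ! audit_listing "$lst"; then
    echo "refusing to publish $out" >&2
    rm -f "$out" "$lst"
    return 1
  fi
  rm -f "$lst"
  write_checksums "$2"
}

# Demonstration on a constructed listing (not a real Livre tree): two of the
# six paths are local state and must block publication.
demo=$(mktemp -d)
printf '%s\n' lib/main.dart pubspec.yaml tool/print_umbra_addr.dart \
  data/kora-db.json website/node_modules/x/index.js assets/umbra/bundle.js \
  > "$demo/listing.txt"
if audit_listing "$demo/listing.txt"; then
  echo "listing is clean"
else
  echo "listing contains excluded paths; fix before publishing"
fi
rm -rf "$demo"

# Real run against the repository: sh release_audit.sh --release 0.1.0 release
case "${1:-}" in
  --release) build_source_archive "${2:-0.0.0}" "${3:-release}" ;;
esac
```

The exclusion globs are deliberately matched against the archive listing rather than the working tree: the working tree is what `.gitignore` already protects, while the listing is what the public actually receives. Running `verify_checksums` on the directory you are about to upload catches a stale `SHA256SUMS` left over from a previous build.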
