Michael Freno
a8a5930ced
CRITICAL: - SEC-001: Auth tokens now stored in SecureStore (Keychain/Keystore) - SEC-002: Biometric bypass removed - alerts user and disables when unavailable HIGH: - SEC-003: Push projectId moved to EXPO_PUBLIC_EAS_PROJECT_ID env var - SEC-004: Token refresh mechanism added with refreshSession/hydrateTokens - SEC-005: debug already gated on __DEV__ (confirmed) MEDIUM: - SEC-006: All PII stores (darkwatch, voiceprint, spamshield, settings, auth) now use encrypted AsyncStorage - SEC-007: Certificate pinning documented with TODO for production - SEC-008: Login brute force protection: 5 attempts then 5-minute lockout LOW: - SEC-009: Watch list input validation with format checks per entity type - SEC-010: Upgrade Plan button shows billing coming soon alert