feat(settings): gate debug options behind a confirmation (+ re-auth if secured)

Revealing the DEBUG OPTIONS dropdown now opens a confirmation modal with a
warning instead of expanding directly. If the wallet is secured, it also requires
re-authentication before the options appear:
- a quick-unlock PIN → verified against the vault (Argon2id derive, off-thread,
  no wallet side effects);
- otherwise an encrypted wallet → the passphrase, verified via walletpassphrase.
Unsecured wallets just confirm. Collapsing needs no gate; each expand re-gates.

App gains debugGateRequiresAuth() + verifyDebugCredential() (cb on the main
thread; secrets wiped). Adds a modal-debug-gate sweep surface. Verified 100% +
150%, dark + light.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-07-10 18:46:50 -05:00
parent aa587d1d84
commit 46fb0029b8
6 changed files with 160 additions and 1 deletions

View File

@@ -21,6 +21,7 @@
#include "ui/windows/wallets_dialog.h"
#include "ui/windows/daemon_download_dialog.h"
#include "ui/windows/xmrig_download_dialog.h"
#include "ui/pages/settings_page.h"
#include "util/platform.h"
#include "wallet/wallet_capabilities.h"
@@ -442,6 +443,11 @@ void App::buildSweepCatalog()
[](App& a) { a.console_tab_.sweepSetCommandsPopup(true); },
[](App& a) { a.console_tab_.sweepSetCommandsPopup(false); });
// Debug-options gate: confirmation + warning, with the passphrase re-auth field (encrypted).
add("modal-debug-gate", ui::NavPage::Settings,
[](App& a) { a.state_.encrypted = true; ui::SweepOpenDebugGate(true); },
[](App& a) { ui::SweepOpenDebugGate(false); a.applyHealthyDemoState(); });
// Daemon updater — the two-pane version picker (versions left, selected-version detail right).
// Seeds fake releases so the offline sweep renders it without a network fetch / live updater.
add("modal-daemon-update", ui::NavPage::Settings,