fix: keychain access persistence

[jvsena42]

Fix #293

Description

This PR prevents sensitive keychain data (mnemonics, passphrases, PINs) from being recovered after app uninstall by:

1. Using a Documents marker file to reliably detect app reinstallation.
2. Detecting native and RN orphaned keychain data on fresh install and wiping it automatically.
3. Wiping RN Keychain data after successfull migration

Breaking Change ⚠️
Users upgrading from master to this branch will have their wallet wiped and will need to restore from their recovery phrase.

This only affects the upgrade path. Normal usage after installation and migration from RN works correctly.

Why Documents Marker?

The Keychain data is stored in App Group storage, which persists after uninstall on iOS. The Documents directory is reliably deleted on uninstall, so the marker file serves as the reliable detection mechanism.

Testing Scenarios

1. Fresh install → Creates wallet normally with encrypted keychain.
2. Uninstall + reinstall → Detects orphaned data, wipes, shows onboarding.
3. App wipe (Settings) → Cleans everything including encryption key.
4. RN migration → Migrates data correctly, then encrypts.
5. Upgrade from master → Wipes wallet (expected, see Breaking Change above).
6. Install from master → delete it (will persist keychain data) → Install RN → install this branch → Migration Flow
7. Install RN → delete it (will persist keychain data) → install this branch → Migration Flow

Screenshot / Video

unninstall-master-install-rn-migrate.mp4

install-over-master.mp4

reset-and-restore.mp4

delete-and-restore.mp4

recover-from.RN.mp4

[Copilot]

Pull request overview

This PR fixes a security issue where sensitive keychain data (mnemonics, passphrases, PINs) persisted after app uninstall on iOS. The solution implements a Documents directory marker file to reliably detect app reinstallation and automatically wipes orphaned keychain data.

Changes:

• Implemented installation marker mechanism using Documents directory for reliable reinstall detection
• Added automatic detection and cleanup of orphaned native and React Native keychain data
• Enhanced keychain security attributes to prevent iCloud sync and restrict to device-only access

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
Bitkit/Utilities/InstallationMarker.swift	New utility for managing installation marker file in Documents directory
Bitkit/Utilities/Keychain.swift	Updated security attributes to use device-only access and disable synchronization
Bitkit/Services/MigrationsService.swift	Added orphaned RN keychain detection and comprehensive cleanup methods
Bitkit/AppScene.swift	Integrated orphaned keychain handling at app startup
Bitkit/Utilities/AppReset.swift	Added marker deletion during app reset
BitkitTests/InstallationMarkerTests.swift	Comprehensive tests for installation marker functionality
BitkitTests/OrphanedKeychainTests.swift	Tests for orphaned keychain detection and cleanup
BitkitTests/RNMigrationCleanupTests.swift	Tests for RN migration cleanup functionality
BitkitTests/KeychainTests.swift	Enhanced tests to verify security attributes and device-only access