GmsCore
GmsCore copied to clipboard
Published
20 hours ago •
microg
microg
[de.tk.apps.android.tkident] TK Ident app crashes on startup (due to SafetyNet error)
Affected app
Name: TK Ident app
Package id: de.tk.apps.android.tkident
Version: Version 2.0.1
Describe the bug When you start the app, it shortly builds an UI (with loading icon) and then crashes without any visible error message.
Before that, the static introduction screens can be swiped through, but these do not matter.
To Reproduce Steps to reproduce the behavior:
- Install app.
- Start it.
Expected behavior Not crash.
Screenshots
System
Android Version: Android 15
Custom ROM: CalyxOS 6.6.23
Device: Fairphone 4 (FP4)
Build-ID: BP1A.250405.007.25606230
Note: Reported downstream to my CustomROM in https://gitlab.com/CalyxOS/calyxos/-/issues/3226
microG microG Core version: Version 0.3.7.250932-18 (b12b324) com.google.android.gms microG Self-Check results: All ticked except "account permission", which cannot be granted, already reported as/to https://gitlab.com/CalyxOS/calyxos/-/issues/3218
Additional context Logcat: https://gist.github.com/rugk/6ef6287a316fcd3953dabb1a5647cca7
Suspicious entries:
05-07 14:40:01.458 29289 29289 I Zygote : Process 29369 exited due to signal 9 (Killed)
05-07 14:40:01.458 3566 3593 D ForegroundUtils: UID: 90001 deleted.
05-07 14:40:01.459 1674 1839 I libprocessgroup: Removed cgroup /sys/fs/cgroup/uid_90001/pid_29369
05-07 14:40:01.487 624 624 E KeymasterUtils: rsp_header->status: -10003
05-07 14:40:01.492 641 28563 E keystore2: system/security/keystore2/src/error.rs:183 - system/security/keystore2/src/security_level.rs:680
05-07 14:40:01.492 641 28563 E keystore2:
05-07 14:40:01.492 641 28563 E keystore2: Caused by:
05-07 14:40:01.492 641 28563 E keystore2: 0: system/security/keystore2/src/security_level.rs:674: While generating without a provided attestation key and params: [KeyParameter { tag: r#KEY_SIZE, value: Integer(256) }, KeyParameter { tag: r#ALGORITHM, value: Algorithm(r#EC) }, KeyParameter { tag: r#EC_CURVE, value: EcCurve(r#P_256) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#DECRYPT) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#SIGN) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_256) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_512) }, KeyParameter { tag: r#NO_AUTH_REQUIRED, value: BoolValue(true) }, KeyParameter { tag: r#CERTIFICATE_NOT_AFTER, value: DateTime(2461449600000) }, KeyParameter { tag: r#CERTIFICATE_NOT_BEFORE, value: DateTime(0) }, KeyParameter { tag: r#CERTIFICATE_SERIAL, value: Blob([1]) }, KeyParameter { tag: r#CERTIFICATE_SUBJECT, value: Blob([48, 31, 49, 29, 48, 27, 6, 3, 85, 4, 3, 19, 20, 65, 110, 100, 114, 111, 105, 100, 32, 75, 101, 121, 115, 116, 111, 114, 101, 32, 75, 101, 121]) }, KeyParameter { tag: r#ATTESTATION_CHALLENGE, value: Blob([52, 55, 56, 102, 48, 51, 53, 52, 45, 100, 98, 99, 101, 45, 52, 101, 97, 53, 45, 98, 53, 54, 48, 45, 99, 56, 98, 102, 57, 102, 51, 101, 52, 101, 52, 101]) }, KeyParameter { tag: r#ATTESTATION_APPLICATION_ID, value: Blob([48, 72, 49, 34, 48, 32, 4, 26, 100, 101, 46, 116, 107, 46, 97, 112, 112, 115, 46, 97, 110, 100, 114, 111, 105, 100, 46, 116, 107, 105, 100, 101, 110, 116, 2, 2, 39, 36, 49, 34, 4, 32, 213, 69, 119, 243, 211, 93, 146, 96, 61, 100, 82, 74, 182, 31, 163, 240, 9, 23, 15, 3, 197, 189, 115, 111, 64, 69, 247, 200, 28, 103, 196, 18]) }].
05-07 14:40:01.492 641 28563 E keystore2: 1: Error::Km(-10003)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: FATAL EXCEPTION: mobile-client-initializer-thread-1
05-07 14:40:01.497 29327 29364 E AndroidRuntime: Process: de.tk.apps.android.tkident, PID: 29327
05-07 14:40:01.497 29327 29364 E AndroidRuntime: java.security.ProviderException: Failed to generate key pair.
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:711)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:750)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.Mc.j(Unknown Source:160)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.Mc.d(Unknown Source:7)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.He.i(Unknown Source:656)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.He.j(Unknown Source:7)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.He.i(Unknown Source:1721)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.He.b(Unknown Source:7)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.f3.e(Unknown Source:401)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.f3.a(Unknown Source:5)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.Xj.c(Unknown Source:146)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.Xj.f(Unknown Source:6)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.H7.q(Unknown Source:105)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.H7.u(Unknown Source:7)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.H7.f(Unknown Source:79)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.H7.g(Unknown Source:7)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.Pd.a(Unknown Source:19)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at yz.Pd.run(Unknown Source:6)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1156)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:651)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at java.lang.Thread.run(Thread.java:1119)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: Caused by: android.security.KeyStoreException: -10003 (internal Keystore code: -10003 message: system/security/keystore2/src/security_level.rs:680
05-07 14:40:01.497 29327 29364 E AndroidRuntime:
05-07 14:40:01.497 29327 29364 E AndroidRuntime: Caused by:
05-07 14:40:01.497 29327 29364 E AndroidRuntime: 0: system/security/keystore2/src/security_level.rs:674: While generating without a provided attestation key and params: [KeyParameter { tag: r#KEY_SIZE, value: Integer(256) }, KeyParameter { tag: r#ALGORITHM, value: Algorithm(r#EC) }, KeyParameter { tag: r#EC_CURVE, value: EcCurve(r#P_256) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#DECRYPT) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#SIGN) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_256) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_512) }, KeyParameter { tag: r#NO_AUTH_REQUIRED, value: BoolValue(true) }, KeyParameter { tag: r#CERTIFICATE_NOT_AFTER, value: DateTime(2461449600000) }, KeyParameter { tag: r#CERTIFICATE_NOT_BEFORE, value: DateTime(0) }, KeyParameter { tag: r#CERTIFICATE_SERIAL, value: Blob([1]) }, KeyParameter { tag: r#CERTIFICATE_SUBJECT, value: Blob([48, 31, 49, 29, 48, 27, 6, 3, 85, 4, 3, 19, 20, 65, 110, 100, 114, 111, 105, 100, 32, 75, 101, 121, 115, 116, 111, 114, 101, 32, 75, 101, 121]) }, KeyParameter { tag: r#ATTESTATION_CHALLENGE, value: Blob([52, 55, 56, 102, 48, 51, 53, 52, 45, 100, 98, 99, 101, 45, 52, 101, 97, 53, 45, 98, 53, 54, 48, 45, 99, 56, 98, 102, 57, 102, 51, 101, 52, 101, 52, 101]) }, KeyParameter { tag: r#ATTESTATION_APPLICATION_ID, value: Blob([48, 72, 49, 34, 48, 32, 4, 26, 100, 101, 46, 116, 107, 46, 97, 112, 112, 115, 46, 97, 110, 100, 114, 111, 105, 100, 46, 116, 107, 105, 100, 101, 110, 116, 2, 2, 39, 36, 49, 34, 4, 32, 213, 69, 119, 243, 211, 93, 146, 96, 61, 100, 82, 74, 182, 31, 163, 240, 9, 23, 15, 3, 197, 189, 115, 111, 64, 69, 247, 200, 28, 103, 196, 18]) }].
05-07 14:40:01.497 29327 29364 E AndroidRuntime: 1: Error::Km(-10003)) (public error code: 10 internal Keystore code: -10003)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:428)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at android.security.KeyStoreSecurityLevel.handleExceptions(KeyStoreSecurityLevel.java:58)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at android.security.KeyStoreSecurityLevel.generateKey(KeyStoreSecurityLevel.java:149)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: at android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:698)
05-07 14:40:01.497 29327 29364 E AndroidRuntime: ... 20 more
05-07 14:40:01.501 1674 29388 I DropBoxManagerService: add tag=data_app_crash isTagEnabled=true flags=0x2
05-07 14:40:01.502 1674 2987 W ActivityTaskManager: Force finishing activity de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthActivity
And before that:
05-07 14:40:03.215 1674 12795 D BiometricService/PreAuthInfo: Package: de.tk.apps.android.tkident Sensor ID: 0 Modality: 2 Status: 1
05-07 14:40:03.216 1674 12795 D BiometricService/PreAuthInfo: getCanAuthenticateInternal Modality: 2 AuthenticatorStatus: 1
05-07 14:40:03.216 1674 12795 D AuthService: canAuthenticate, userId: 0, callingUserId: 0, authenticators: 15, result: 0
05-07 14:40:03.222 1674 12795 I ActivityManager: Killing 29432:de.tk.apps.android.tkident:yghgigzgjgqgugtgxgwggyyyhyiyzycyjyeyoypydyqysyvyrylyuyayxyghyhihzhjhqhfhvh:yz.ЍЉ/u0a417i-8998 (adj 0): isolated not needed
05-07 14:40:03.237 641 28563 W keystore2: system/security/keystore2/src/remote_provisioning.rs:97 - Error occurred: system/security/keystore2/src/remote_provisioning.rs:131: Trying to get IRPC name.
05-07 14:40:03.237 641 28563 W keystore2:
05-07 14:40:03.237 641 28563 W keystore2: Caused by:
05-07 14:40:03.237 641 28563 W keystore2: 0: system/security/keystore2/src/globals.rs:454: Failed to get rpc for sec level r#TRUSTED_ENVIRONMENT
05-07 14:40:03.237 641 28563 W keystore2: 1: Error::Km(r#HARDWARE_TYPE_UNAVAILABLE)
05-07 14:40:03.239 607 617 D DrmLibTime: got the req here! ret=0
05-07 14:40:03.239 607 617 D DrmLibTime: command id, time_cmd_id = 770
05-07 14:40:03.239 607 617 D DrmLibTime: time_getutcsec starts!
05-07 14:40:03.239 607 617 D DrmLibTime: QSEE Time Listener: time_getutcsec
05-07 14:40:03.239 607 617 D DrmLibTime: QSEE Time Listener: get_utc_seconds
05-07 14:40:03.239 607 617 D DrmLibTime: QSEE Time Listener: time_get_modem_time
05-07 14:40:03.239 607 617 D DrmLibTime: QSEE Time Listener: Checking if ATS_MODEM is set or not.
05-07 14:40:03.239 607 617 D QC-time-services: Lib:time_genoff_operation: pargs->base = 13
05-07 14:40:03.239 607 617 D QC-time-services: Lib:time_genoff_operation: pargs->operation = 2
05-07 14:40:03.239 607 617 D QC-time-services: Lib:time_genoff_operation: pargs->ts_val = 0
05-07 14:40:03.239 607 617 D QC-time-services: Lib:time_genoff_operation: Send to server passed!!
05-07 14:40:03.239 825 1185 D QC-time-services: Daemon: Connection accepted:time_genoff
05-07 14:40:03.240 825 29448 D QC-time-services: Daemon:Received base = 13, unit = 1, operation = 2,value = 0
05-07 14:40:03.240 825 29448 D QC-time-services: Daemon:genoff_opr: Base = 13, val = 0, operation = 2
05-07 14:40:03.240 825 29448 D QC-time-services: offset is: 1 for base: 13
05-07 14:40:03.240 607 617 E QC-time-services: Receive Passed == base = 13, unit = 1, operation = 2, result = 0
05-07 14:40:03.240 607 617 D DrmLibTime: QSEE Time Listener: ATS_MODEM is set. Try to retrieve it.
05-07 14:40:03.240 825 1185 E QC-time-services: Daemon: Time-services: Waiting to acceptconnection
05-07 14:40:03.240 825 1185 D QC-time-services: Daemon: Connection accepted:time_genoff
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon:Received base = 13, unit = 1, operation = 1,value = 0
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon:genoff_opr: Base = 13, val = 0, operation = 1
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon: genoff get for 13
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon:Value read from QTimer mseconds = 413204006
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon:Value read from RTC mseconds on boot = 38442410000
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon:Value read from QTimer mseconds = 413204006
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon:Value read from generic offset = 1707766007344
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon:Delta read on boot mseconds = 38442393012
05-07 14:40:03.241 825 29450 D QC-time-services: Daemon:Final Time = 1746621604362
05-07 14:40:03.241 607 617 D DrmLibTime: QSEE Time Listener: Time GenOff - seconds: 1746621604
05-07 14:40:03.241 607 617 D DrmLibTime: time_getutcsec returns 0, sec = 1746621604; nsec = 0
05-07 14:40:03.241 607 617 D DrmLibTime: time_getutcsec finished!
05-07 14:40:03.241 607 617 D DrmLibTime: iotcl_continue_command finished! and return 0
05-07 14:40:03.241 607 617 D DrmLibTime: before calling ioctl to read the next time_cmd
05-07 14:40:03.243 29393 29445 W android.tkident: Opening an oat file without a class loader. Are you using the deprecated DexFile APIs?
05-07 14:40:03.244 825 1185 E QC-time-services: Daemon: Time-services: Waiting to acceptconnection
05-07 14:40:03.247 1674 1759 D DisplayManagerService: Drop pending events for gone uid 90002
05-07 14:40:03.247 3566 3593 D ForegroundUtils: UID: 90002 deleted.
05-07 14:40:03.249 29289 29289 I Zygote : Process 29432 exited due to signal 9 (Killed)
05-07 14:40:03.249 1674 1839 I libprocessgroup: Removed cgroup /sys/fs/cgroup/uid_90002/pid_29432
05-07 14:40:03.282 624 624 E KeymasterUtils: rsp_header->status: -10003
05-07 14:40:03.288 641 28563 E keystore2: system/security/keystore2/src/error.rs:183 - system/security/keystore2/src/security_level.rs:680
05-07 14:40:03.288 641 28563 E keystore2:
05-07 14:40:03.288 641 28563 E keystore2: Caused by:
05-07 14:40:03.288 641 28563 E keystore2: 0: system/security/keystore2/src/security_level.rs:674: While generating without a provided attestation key and params: [KeyParameter { tag: r#KEY_SIZE, value: Integer(256) }, KeyParameter { tag: r#ALGORITHM, value: Algorithm(r#EC) }, KeyParameter { tag: r#EC_CURVE, value: EcCurve(r#P_256) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#DECRYPT) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#SIGN) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_256) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_512) }, KeyParameter { tag: r#NO_AUTH_REQUIRED, value: BoolValue(true) }, KeyParameter { tag: r#CERTIFICATE_NOT_AFTER, value: DateTime(2461449600000) }, KeyParameter { tag: r#CERTIFICATE_NOT_BEFORE, value: DateTime(0) }, KeyParameter { tag: r#CERTIFICATE_SERIAL, value: Blob([1]) }, KeyParameter { tag: r#CERTIFICATE_SUBJECT, value: Blob([48, 31, 49, 29, 48, 27, 6, 3, 85, 4, 3, 19, 20, 65, 110, 100, 114, 111, 105, 100, 32, 75, 101, 121, 115, 116, 111, 114, 101, 32, 75, 101, 121]) }, KeyParameter { tag: r#ATTESTATION_CHALLENGE, value: Blob([102, 98, 52, 53, 54, 53, 48, 51, 45, 102, 51, 53, 48, 45, 52, 48, 56, 97, 45, 57, 57, 51, 50, 45, 50, 51, 49, 48, 51, 54, 57, 97, 55, 51, 98, 52]) }, KeyParameter { tag: r#ATTESTATION_APPLICATION_ID, value: Blob([48, 72, 49, 34, 48, 32, 4, 26, 100, 101, 46, 116, 107, 46, 97, 112, 112, 115, 46, 97, 110, 100, 114, 111, 105, 100, 46, 116, 107, 105, 100, 101, 110, 116, 2, 2, 39, 36, 49, 34, 4, 32, 213, 69, 119, 243, 211, 93, 146, 96, 61, 100, 82, 74, 182, 31, 163, 240, 9, 23, 15, 3, 197, 189, 115, 111, 64, 69, 247, 200, 28, 103, 196, 18]) }].
05-07 14:40:03.288 641 28563 E keystore2: 1: Error::Km(-10003)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: FATAL EXCEPTION: mobile-client-initializer-thread-1
05-07 14:40:03.288 641 28563 E keystore2: system/security/keystore2/src/error.rs:183 - system/security/keystore2/src/security_level.rs:680
05-07 14:40:03.288 641 28563 E keystore2:
05-07 14:40:03.288 641 28563 E keystore2: Caused by:
05-07 14:40:03.288 641 28563 E keystore2: 0: system/security/keystore2/src/security_level.rs:674: While generating without a provided attestation key and params: [KeyParameter { tag: r#KEY_SIZE, value: Integer(256) }, KeyParameter { tag: r#ALGORITHM, value: Algorithm(r#EC) }, KeyParameter { tag: r#EC_CURVE, value: EcCurve(r#P_256) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#DECRYPT) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#SIGN) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_256) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_512) }, KeyParameter { tag: r#NO_AUTH_REQUIRED, value: BoolValue(true) }, KeyParameter { tag: r#CERTIFICATE_NOT_AFTER, value: DateTime(2461449600000) }, KeyParameter { tag: r#CERTIFICATE_NOT_BEFORE, value: DateTime(0) }, KeyParameter { tag: r#CERTIFICATE_SERIAL, value: Blob([1]) }, KeyParameter { tag: r#CERTIFICATE_SUBJECT, value: Blob([48, 31, 49, 29, 48, 27, 6, 3, 85, 4, 3, 19, 20, 65, 110, 100, 114, 111, 105, 100, 32, 75, 101, 121, 115, 116, 111, 114, 101, 32, 75, 101, 121]) }, KeyParameter { tag: r#ATTESTATION_CHALLENGE, value: Blob([102, 98, 52, 53, 54, 53, 48, 51, 45, 102, 51, 53, 48, 45, 52, 48, 56, 97, 45, 57, 57, 51, 50, 45, 50, 51, 49, 48, 51, 54, 57, 97, 55, 51, 98, 52]) }, KeyParameter { tag: r#ATTESTATION_APPLICATION_ID, value: Blob([48, 72, 49, 34, 48, 32, 4, 26, 100, 101, 46, 116, 107, 46, 97, 112, 112, 115, 46, 97, 110, 100, 114, 111, 105, 100, 46, 116, 107, 105, 100, 101, 110, 116, 2, 2, 39, 36, 49, 34, 4, 32, 213, 69, 119, 243, 211, 93, 146, 96, 61, 100, 82, 74, 182, 31, 163, 240, 9, 23, 15, 3, 197, 189, 115, 111, 64, 69, 247, 200, 28, 103, 196, 18]) }].
05-07 14:40:03.288 641 28563 E keystore2: 1: Error::Km(-10003)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: FATAL EXCEPTION: mobile-client-initializer-thread-1
05-07 14:40:03.291 29393 29427 E AndroidRuntime: Process: de.tk.apps.android.tkident, PID: 29393
05-07 14:40:03.291 29393 29427 E AndroidRuntime: java.security.ProviderException: Failed to generate key pair.
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:711)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:750)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.Mc.j(Unknown Source:160)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.Mc.d(Unknown Source:7)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.He.i(Unknown Source:656)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.He.j(Unknown Source:7)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.He.i(Unknown Source:1721)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.He.b(Unknown Source:7)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.f3.e(Unknown Source:401)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.f3.a(Unknown Source:5)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.Xj.c(Unknown Source:146)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.Xj.f(Unknown Source:6)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.H7.q(Unknown Source:105)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.H7.u(Unknown Source:7)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.H7.f(Unknown Source:79)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.H7.g(Unknown Source:7)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.Pd.a(Unknown Source:19)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at yz.Pd.run(Unknown Source:6)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1156)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:651)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at java.lang.Thread.run(Thread.java:1119)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: Caused by: android.security.KeyStoreException: -10003 (internal Keystore code: -10003 message: system/security/keystore2/src/security_level.rs:680
05-07 14:40:03.291 29393 29427 E AndroidRuntime:
05-07 14:40:03.291 29393 29427 E AndroidRuntime: Caused by:
05-07 14:40:03.291 29393 29427 E AndroidRuntime: 0: system/security/keystore2/src/security_level.rs:674: While generating without a provided attestation key and params: [KeyParameter { tag: r#KEY_SIZE, value: Integer(256) }, KeyParameter { tag: r#ALGORITHM, value: Algorithm(r#EC) }, KeyParameter { tag: r#EC_CURVE, value: EcCurve(r#P_256) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#DECRYPT) }, KeyParameter { tag: r#PURPOSE, value: KeyPurpose(r#SIGN) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_256) }, KeyParameter { tag: r#DIGEST, value: Digest(r#SHA_2_512) }, KeyParameter { tag: r#NO_AUTH_REQUIRED, value: BoolValue(true) }, KeyParameter { tag: r#CERTIFICATE_NOT_AFTER, value: DateTime(2461449600000) }, KeyParameter { tag: r#CERTIFICATE_NOT_BEFORE, value: DateTime(0) }, KeyParameter { tag: r#CERTIFICATE_SERIAL, value: Blob([1]) }, KeyParameter { tag: r#CERTIFICATE_SUBJECT, value: Blob([48, 31, 49, 29, 48, 27, 6, 3, 85, 4, 3, 19, 20, 65, 110, 100, 114, 111, 105, 100, 32, 75, 101, 121, 115, 116, 111, 114, 101, 32, 75, 101, 121]) }, KeyParameter { tag: r#ATTESTATION_CHALLENGE, value: Blob([102, 98, 52, 53, 54, 53, 48, 51, 45, 102, 51, 53, 48, 45, 52, 48, 56, 97, 45, 57, 57, 51, 50, 45, 50, 51, 49, 48, 51, 54, 57, 97, 55, 51, 98, 52]) }, KeyParameter { tag: r#ATTESTATION_APPLICATION_ID, value: Blob([48, 72, 49, 34, 48, 32, 4, 26, 100, 101, 46, 116, 107, 46, 97, 112, 112, 115, 46, 97, 110, 100, 114, 111, 105, 100, 46, 116, 107, 105, 100, 101, 110, 116, 2, 2, 39, 36, 49, 34, 4, 32, 213, 69, 119, 243, 211, 93, 146, 96, 61, 100, 82, 74, 182, 31, 163, 240, 9, 23, 15, 3, 197, 189, 115, 111, 64, 69, 247, 200, 28, 103, 196, 18]) }].
05-07 14:40:03.291 29393 29427 E AndroidRuntime: 1: Error::Km(-10003)) (public error code: 10 internal Keystore code: -10003)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:428)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at android.security.KeyStoreSecurityLevel.handleExceptions(KeyStoreSecurityLevel.java:58)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at android.security.KeyStoreSecurityLevel.generateKey(KeyStoreSecurityLevel.java:149)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: at android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:698)
05-07 14:40:03.291 29393 29427 E AndroidRuntime: ... 20 more
05-07 14:40:03.296 1674 12163 W ActivityTaskManager: Force finishing activity de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthActivity
05-07 14:40:03.296 1674 29452 I DropBoxManagerService: add tag=data_app_crash isTagEnabled=true flags=0x2
05-07 14:40:03.296 2363 2394 V WindowManagerShell: Transition requested (#4348): android.os.BinderProxy@84437c TransitionRequestInfo { type = CLOSE, triggerTask = null, pipChange = null, remoteTransition = null, displayChange = null, flags = 16, debugId = 4348 }
05-07 14:40:03.300 1165 2654 I BpBinder: onLastStrongRef automatically unlinking death recipients:
05-07 14:40:03.391 14197 14197 I ImeTracker: com.android.launcher3:5463357c: onCancelled at PHASE_CLIENT_ALREADY_HIDDEN
05-07 14:40:03.424 22032 22032 W x : onStartInput event aborted
05-07 14:40:03.424 22032 22032 W x : Vm.t: could not obtain extracted text
05-07 14:40:03.424 22032 22032 W x : at Vm.J.H(SourceFile:325)
05-07 14:40:03.424 22032 22032 W x : at bk.z.p(SourceFile:306)
05-07 14:40:03.424 22032 22032 W x : at bk.L0.p(SourceFile:3)
05-07 14:40:03.424 22032 22032 W x : at com.touchtype.KeyboardService.onStartInput(SourceFile:12)
05-07 14:40:03.424 22032 22032 W x : at android.inputmethodservice.InputMethodService.doStartInput(InputMethodService.java:3504)
05-07 14:40:03.424 22032 22032 W x : at android.inputmethodservice.InputMethodService$InputMethodImpl.startInput(InputMethodService.java:883)
05-07 14:40:03.424 22032 22032 W x : at android.inputmethodservice.InputMethodService$InputMethodImpl.dispatchStartInput(InputMethodService.java:912)
05-07 14:40:03.424 22032 22032 W x : at android.inputmethodservice.IInputMethodWrapper.executeMessage(IInputMethodWrapper.java:201)
05-07 14:40:03.424 22032 22032 W x : at com.android.internal.os.HandlerCaller$MyHandler.handleMessage(HandlerCaller.java:44)
05-07 14:40:03.424 22032 22032 W x : at android.os.Handler.dispatchMessage(Handler.java:109)
05-07 14:40:03.424 22032 22032 W x : at android.os.Looper.loopOnce(Looper.java:232)
05-07 14:40:03.424 22032 22032 W x : at android.os.Looper.loop(Looper.java:317)
05-07 14:40:03.424 22032 22032 W x : at android.app.ActivityThread.main(ActivityThread.java:8934)
05-07 14:40:03.424 22032 22032 W x : at java.lang.reflect.Method.invoke(Native Method)
05-07 14:40:03.424 22032 22032 W x : at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:591)
05-07 14:40:03.424 22032 22032 W x : at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:911)
05-07 14:40:03.704 2363 2394 V WindowManagerShell: Transition animation finished (aborted=false), notifying core (#4348) android.os.BinderProxy@84437c@0
05-07 14:40:03.708 1674 1758 V WindowManager: Finish Transition (#4348): created at 05-07 14:40:03.296 collect-started=0.05ms request-sent=0.12ms started=7.074ms ready=40.528ms sent=43.247ms finished=410.81ms
05-07 14:40:03.711 1674 12795 W ActivityManager: pid 1674 system sent binder code 7 with flags 1 to frozen apps and got error -32
05-07 14:40:03.713 1674 12795 W WindowManager: Exception thrown during dispatchAppVisibility Window{75c067b u0 de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthActivity EXITING}
05-07 14:40:03.713 1674 12795 W WindowManager: android.os.DeadObjectException
05-07 14:40:03.713 1674 12795 W WindowManager: at android.os.BinderProxy.transactNative(Native Method)
05-07 14:40:03.713 1674 12795 W WindowManager: at android.os.BinderProxy.transact(BinderProxy.java:592)
05-07 14:40:03.713 1674 12795 W WindowManager: at android.view.IWindow$Stub$Proxy.dispatchAppVisibility(IWindow.java:557)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.WindowState.sendAppVisibilityToClients(WindowState.java:3298)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.WindowContainer.sendAppVisibilityToClients(WindowContainer.java:1343)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.WindowToken.setClientVisible(WindowToken.java:437)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.ActivityRecord.setClientVisible(ActivityRecord.java:7147)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.ActivityRecord.postApplyAnimation(ActivityRecord.java:5841)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.ActivityRecord.commitVisibility(ActivityRecord.java:5784)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.Transition.finishTransition(Transition.java:1373)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.TransitionController.finishTransition(TransitionController.java:986)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.WindowOrganizerController.finishTransition(WindowOrganizerController.java:526)
05-07 14:40:03.713 1674 12795 W WindowManager: at android.window.IWindowOrganizerController$Stub.onTransact(IWindowOrganizerController.java:293)
05-07 14:40:03.713 1674 12795 W WindowManager: at com.android.server.wm.WindowOrganizerController.onTransact(WindowOrganizerController.java:215)
05-07 14:40:03.713 1674 12795 W WindowManager: at android.os.Binder.execTransactInternal(Binder.java:1411)
05-07 14:40:03.713 1674 12795 W WindowManager: at android.os.Binder.execTransact(Binder.java:1350)
05-07 14:40:03.713 1674 12795 W Process : Unable to open /proc/29393/status
I am also using TK-Ident version 2.0.1, I got it working with the following software:
- Phone: Samsung S10+
- OS: LineageOS 20-20240616-microG-beyond2lte
- microG: 0.3.7.250932
- microG reports SafetyNet as passing
- Google account logged in
- Root using Magisk
Magisk and modules:
- Magisk: 27.0 with Zygisk
- MagiskHide Props Config v6.1.2-v137 with the props applied for the stock S10+
- Shamiko v1.0.1, which uses the DenyList of Magisk where the TK Apps are enabled to hide root from these apps
- Universal SafetyNet Fix v2.0.4
LSPosed:
- Zygisk - LSPosed v1.9.2
- NfcNci Patience 0.2.0 to increase the NFC timeout and make reading the eGK card possible on LOS
Well thanks, but that is no real solution as most people won't use Magisk and one likely wants a locked bootloader/standard CustomROM solution that works.
Ah now it shows an error screenshot with the well too much known fallacy of an "insecure device" because of custom Rom (no it is not rooted or "jailbreaked"!)
Version 2.0.3 de.tk.apps.android.tkident
2025-09-05 09:16:30.084 1843-11616 SplashScre...eptionList system_server V SplashScreen checking exception for package de.tk.apps.android.tkident (target sdk:35) -> false
2025-09-05 09:16:30.087 1843-11616 ActivityTaskManager system_server I START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity bnds=[1,310][217,650]} with LAUNCH_SINGLE_TOP from uid 10167 (sr=162204784) (BAL_ALLOW_VISIBLE_WINDOW) result code=0
2025-09-05 09:16:30.098 2893-2940 WindowManagerShell com.android.systemui V Transition requested (#18769): android.os.BinderProxy@41841c7 TransitionRequestInfo { type = OPEN, triggerTask = TaskInfo{userId=0 taskId=7753 effectiveUid=10232 displayId=0 isRunning=true baseIntent=Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity } baseActivity=ComponentInfo{de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity} topActivity=ComponentInfo{de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity} origActivity=null realActivity=ComponentInfo{de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity} numActivities=1 lastActiveTime=1800887833 supportsMultiWindow=true resizeMode=1 isResizeable=true minWidth=-1 minHeight=-1 defaultMinSize=220 token=WCT{android.window.IWindowContainerToken$Stub$Proxy@948d3f4} topActivityType=1 pictureInPictureParams=null shouldDockBigOverlays=false launchIntoPipHostTaskId=-1 lastParentTaskIdBeforePip=-1 displayCutoutSafeInsets=Rect(0, 114 - 0, 0) topActivityInfo=ActivityInfo{74ec71d com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity} launchCookies=[android.os.BinderProxy@aa3cd92] positionInParent=Point(0, 0) parentTaskId=-1 isFocused=false isVisible=false isVisibleRequested=false isTopActivityNoDisplay=false isSleeping=false locusId=null displayAreaFeatureId=1 isTopActivityTransparent=false isActivityStackTransparent=false lastNonFullscreenBounds=Rect(287, 723 - 794, 1803) capturedLink=null capturedLinkTimestamp=0 requestedVisibleTypes=-9 topActivityRequestOpenInBrowserEducationTimestamp=0 appCompatTaskInfo=AppCompatTaskInfo { topActivityInSizeCompat=false eligibleForLetterboxEducation= false isLetterboxEducationEnabled= false isLetterboxDoubleTapEnabled= false eligibleForUserAspectRatioButton= false topActivityBoundsLetterboxed= false isFromLetterboxDoubleTap= false topActivityLetterboxVerticalPosition= -1 topActivityLetterboxHorizontalPosition= -1 topActivityLetterboxWidth=-1 topActivityLetterboxHeight=-1 topActivityLetterboxAppWidth=-1 topActivityLetterboxAppHeight=-1 isUserFullscreenOverrideEnabled=false isSystemFullscreenOverrideEnabled=false hasMinAspectRatioOverride=false topActivityLetterboxBounds=null cameraCompatTaskInfo=CameraCompatTaskInfo { freeformCameraCompatMode=inactive}} topActivityMainWindowFrame=null}, pipChange = null, remoteTransition = RemoteTransition { remoteTransition = android.window.IRemoteTransition$Stub$Proxy@14d3363, appThread = android.app.IApplicationThread$Stub$Proxy@5193b60, debugName = QuickstepLaunch }, displayChange = null, flags = 0, debugId = 18769 }
2025-09-05 09:16:30.110 14898-14898 android.tkident de.tk.apps.android.tkident I AssetManager2(0xb400007d7938a658) locale list changing from [] to [de-DE]
2025-09-05 09:16:30.121 1843-3468 CoreBackPreview system_server D Window{df8e82a u0 Splash Screen de.tk.apps.android.tkident}: Setting back callback OnBackInvokedCallbackInfo{mCallback=android.window.IOnBackInvokedCallback$Stub$Proxy@f012591, mPriority=0, mIsAnimationCallback=false, mOverrideBehavior=0}
2025-09-05 09:16:30.124 1843-3445 ActivityTaskManager system_server E Activity start ONLY allowed by BAL_ALLOW_GRACE_PERIOD within 10000ms grace period (4ms): [callingPackage: de.tk.apps.android.tkident; callingPackageTargetSdk: 35; callingUid: 10232; callingPid: 14898; appSwitchState: 2; callingUidHasVisibleActivity: false; callingUidHasNonAppVisibleWindow: false; callingUidProcState: TOP; isCallingUidPersistentSystemProcess: false; allowBalExemptionForSystemProcess: false; intent: Intent { flg=0x10000 cmp=de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthActivity }; callerApp: ProcessRecord{2520ec6 14898:de.tk.apps.android.tkident/u0a232}; inVisibleTask: false; balAllowedByPiCreator: BSP.ALLOW_BAL; balAllowedByPiCreatorWithHardening: BSP.ALLOW_BAL; resultIfPiCreatorAllowsBal: BAL_ALLOW_GRACE_PERIOD; callerStartMode: MODE_BACKGROUND_ACTIVITY_START_SYSTEM_DEFINED; hasRealCaller: true; isCallForResult: false; isPendingIntent: false; autoOptInReason: notPendingIntent; realCallingPackage: de.tk.apps.android.tkident; realCallingPackageTargetSdk: 35; realCallingUid: 10232; realCallingPid: 14898; realCallingUidHasVisibleActivity: false; realCallingUidHasNonAppVisibleWindow: false; realCallingUidProcState: TOP; isRealCallingUidPersistentSystemProcess: false; originatingPendingIntent: null; realCallerApp: ProcessRecord{2520ec6 14898:de.tk.apps.android.tkident/u0a232}; realInVisibleTask: false; balAllowedByPiSender: BSP.ALLOW_BAL; resultIfPiSenderAllowsBal: BAL_ALLOW_GRACE_PERIOD; realCallerStartMode: MODE_BACKGROUND_ACTIVITY_START_SYSTEM_DEFINED; balRequireOptInByPendingIntentCreator: true; balDontBringExistingBackgroundTaskStackToFg: true]
2025-09-05 09:16:30.131 1843-3445 SplashScre...eptionList system_server V SplashScreen checking exception for package de.tk.apps.android.tkident (target sdk:35) -> false
2025-09-05 09:16:30.132 1843-3445 ActivityTaskManager system_server I START u0 {flg=0x10000 cmp=de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthActivity} with LAUNCH_SINGLE_TOP from uid 10232 (sr=184304729) (BAL_ALLOW_GRACE_PERIOD) result code=0
2025-09-05 09:16:30.132 14898-14898 WindowOnBackDispatcher de.tk.apps.android.tkident W OnBackInvokedCallback is not enabled for the application.
Set 'android:enableOnBackInvokedCallback="true"' in the application manifest.
2025-09-05 09:16:30.159 14898-14898 WindowOnBackDispatcher de.tk.apps.android.tkident W OnBackInvokedCallback is not enabled for the application.
Set 'android:enableOnBackInvokedCallback="true"' in the application manifest.
2025-09-05 09:16:30.198 1843-3445 CoreBackPreview system_server D Window{ae621d0 u0 de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthActivity}: Setting back callback OnBackInvokedCallbackInfo{mCallback=android.window.IOnBackInvokedCallback$Stub$Proxy@23714ce, mPriority=0, mIsAnimationCallback=false, mOverrideBehavior=0}
2025-09-05 09:16:30.220 14898-14898 mobile-client-i de.tk.apps.android.tkident W type=1400 audit(0.0:510686): avc: denied { getattr } for path="/system/lib/bootstrap" dev="dm-8" ino=1756 scontext=u:r:untrusted_app:s0:c232,c256,c512,c768 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=dir permissive=0 app=de.tk.apps.android.tkident
2025-09-05 09:16:30.224 14898-14898 mobile-client-i de.tk.apps.android.tkident W type=1400 audit(0.0:510687): avc: denied { getattr } for path="/system/lib64/bootstrap" dev="dm-8" ino=2235 scontext=u:r:untrusted_app:s0:c232,c256,c512,c768 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=dir permissive=0 app=de.tk.apps.android.tkident
2025-09-05 09:16:30.243 1843-2058 ActivityTaskManager system_server I Displayed de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthActivity for user 0: +150ms
2025-09-05 09:16:30.243 1843-2058 WindowManager system_server V Sent Transition (#18769) createdAt=09-05 09:16:30.076 via request=TransitionRequestInfo { type = OPEN, triggerTask = TaskInfo{userId=0 taskId=7753 effectiveUid=10232 displayId=0 isRunning=true baseIntent=Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity } baseActivity=ComponentInfo{de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity} topActivity=ComponentInfo{de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity} origActivity=null realActivity=ComponentInfo{de.tk.apps.android.tkident/com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity} numActivities=1 lastActiveTime=1800887833 supportsMultiWindow=true resizeMode=1 isResizeable=true minWidth=-1 minHeight=-1 defaultMinSize=220 token=WCT{RemoteToken{98acde7 Task{12681e #7753 type=standard A=10232:de.tk.apps.android.tkident}}} topActivityType=1 pictureInPictureParams=null shouldDockBigOverlays=false launchIntoPipHostTaskId=-1 lastParentTaskIdBeforePip=-1 displayCutoutSafeInsets=Rect(0, 114 - 0, 0) topActivityInfo=ActivityInfo{2803d94 com.ibm.whitelabel.authenticator.auth.AuthenticatorAuthLauncherActivity} launchCookies=[android.os.BinderProxy@7d5803d] positionInParent=Point(0, 0) parentTaskId=-1 isFocused=false isVisible=false isVisibleRequested=false isTopActivityNoDisplay=false isSleeping=false locusId=null displayAreaFeatureId=1 isTopActivityTransparent=false isActivityStackTransparent=false lastNonFullscreenBounds=Rect(287, 723 - 794, 1803) capturedLink=null capturedLinkTimestamp=0 requestedVisibleTypes=-9 topActivityRequestOpenInBrowserEducationTimestamp=0 appCompatTaskInfo=AppCompatTaskInfo { topActivityInSizeCompat=false eligibleForLetterboxEducation= false isLetterboxEducationEnabled= false isLetterboxDoubleTapEnabled= false eligibleForUserAspectRatioButton= false topActivityBoundsLetterboxed= false isFromLetterboxDoubleTap= false topActivityLetterboxVerticalPosition= -1 topActivityLetterboxHorizontalPosition= -1 topActivityLetterboxWidth=-1 topActivityLetterboxHeight=-1 topActivityLetterboxAppWidth=-1 topActivityLetterboxAppHeight=-1 isUserFullscreenOverrideEnabled=false isSystemFullscreenOverrideEnabled=false hasMinAspectRatioOverride=false topActivityLetterboxBounds=null cameraCompatTaskInfo=CameraCompatTaskInfo { freeformCameraCompatMode=inactive}} topActivityMainWindowFrame=null}, pipChange = null, remoteTransition = RemoteTransition { remoteTransition = android.window.IRemoteTransition$Stub$Proxy@f286032, appThread = android.app.IApplicationThread$Stub$Proxy@a2c6183, debugName = QuickstepLaunch }, displayChange = null, flags = 0, debugId = 18769 }
2025-09-05 09:16:30.243 1843-2058 WindowManager system_server V info={id=18769 t=OPEN f=0x0 trk=0 r=[0@Point(0, 0)] c=[
{WCT{RemoteToken{98acde7 Task{12681e #7753 type=standard A=10232:de.tk.apps.android.tkident}}} m=OPEN f=NO_ANIMATION leash=Surface(name=Task=7753)/@0x3d32585 sb=Rect(0, 0 - 1080, 2412) eb=Rect(0, 0 - 1080, 2412) epz=Point(1080, 2412) d=0 taskParent=-1}
]}
2025-09-05 09:16:30.240 14898-14898 mobile-client-i de.tk.apps.android.tkident W type=1400 audit(0.0:510688): avc: denied { read } for name="sdcard" dev="tmpfs" ino=16134 scontext=u:r:untrusted_app:s0:c232,c256,c512,c768 tcontext=u:object_r:mnt_sdcard_file:s0 tclass=lnk_file permissive=0 app=de.tk.apps.android.tkident
2025-09-05 09:16:30.286 1843-2742 ImeTracker system_server I de.tk.apps.android.tkident:5725e6dc: onRequestHide at ORIGIN_SERVER reason HIDE_UNSPECIFIED_WINDOW fromUser false
2025-09-05 09:16:30.287 14898-14898 InsetsController de.tk.apps.android.tkident D hide(ime(), fromIme=false)
2025-09-05 09:16:30.287 14898-14898 ImeTracker de.tk.apps.android.tkident I de.tk.apps.android.tkident:5725e6dc: onCancelled at PHASE_CLIENT_ALREADY_HIDDEN
2025-09-05 09:16:30.332 14898-14898 mobile-client-i de.tk.apps.android.tkident W type=1400 audit(0.0:510689): avc: denied { getattr } for path="/system/etc/perfetto" dev="dm-8" ino=816 scontext=u:r:untrusted_app:s0:c232,c256,c512,c768 tcontext=u:object_r:system_perfetto_config_file:s0 tclass=dir permissive=0 app=de.tk.apps.android.tkident
2025-09-05 09:16:30.332 14898-14898 mobile-client-i de.tk.apps.android.tkident W type=1400 audit(0.0:510690): avc: denied { getattr } for path="/system/etc/font_fallback.xml" dev="dm-8" ino=715 scontext=u:r:untrusted_app:s0:c232,c256,c512,c768 tcontext=u:object_r:system_font_fallback_file:s0 tclass=file permissive=0 app=de.tk.apps.android.tkident
2025-09-05 09:16:30.332 14898-14898 mobile-client-i de.tk.apps.android.tkident W type=1400 audit(0.0:510691): avc: denied { getattr } for path="/system/lib/bootstrap" dev="dm-8" ino=1756 scontext=u:r:untrusted_app:s0:c232,c256,c512,c768 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=dir permissive=0 app=de.tk.apps.android.tkident
2025-09-05 09:16:30.358 1843-11616 BiometricS...reAuthInfo system_server D Package: de.tk.apps.android.tkident Sensor ID: 0 Modality: 2 Status: 1
2025-09-05 09:16:30.375 14898-15887 android.tkident de.tk.apps.android.tkident W Opening an oat file without a class loader. Are you using the deprecated DexFile APIs?
2025-09-05 09:16:30.451 1843-11616 BiometricS...reAuthInfo system_server D Package: de.tk.apps.android.tkident Sensor ID: 0 Modality: 2 Status: 1
2025-09-05 09:16:30.452 1843-11616 BiometricS...reAuthInfo system_server D Package: de.tk.apps.android.tkident Sensor ID: 0 Modality: 2 Status: 1
2025-09-05 09:16:30.576 14898-14898 guards-executor de.tk.apps.android.tkident W type=1400 audit(0.0:510692): avc: denied { getattr } for path="/system/lib/bootstrap" dev="dm-8" ino=1756 scontext=u:r:untrusted_app:s0:c232,c256,c512,c768 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=dir permissive=0 app=de.tk.apps.android.tkident
2025-09-05 09:16:30.576 14898-14898 guards-executor de.tk.apps.android.tkident W type=1400 audit(0.0:510693): avc: denied { getattr } for path="/system/lib64/bootstrap" dev="dm-8" ino=2235 scontext=u:r:untrusted_app:s0:c232,c256,c512,c768 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=dir permissive=0 app=de.tk.apps.android.tkident
If this helps…
Thanks @tobiasKaminsky which custom Rom do you use? I found a very related error in https://github.com/microg/GmsCore/issues/3075 and have reports in other custom roms it may work so it may not be a microg issue after all.
I am using an older version as workaround. Of course this will not work forever but may help others that are struggling too.
TK App 8.1.1 Ident 2.0.0
Don't remember, where it stopped working but those work fine for me
@aCID-sLAM do you have a TK Ident 2.0.0 apk file lying around? That would be great ;)
Try searching at APKPure. You will find a section for older versions under the App.
I am using TK App 8.30 and TK Ident 2.0.0 now.
Thank you very much. I've now installed the TK Ident App 2.0.0 and added it to the Magisk exception list and Tricky Store add-on list. I deleted the data, but root is still recognized. So, that's it ;)
I have the same problem on my pixel. My phone is not rooted or anything. I'm just using microg for YouTube revanced. The app crashes with unexpected error. I tried removing microg, downgrading tk ident app, downgrading tk app but nothing works. Any help would be appreciated
Thank you very much. I've now installed the TK Ident App 2.0.0 and added it to the Magisk exception list and Tricky Store add-on list. I deleted the data, but root is still recognized. So, that's it ;)
Use Treat Wheel or something similar to hide root? and deny list in magisk? Something is wrong, if it detects root. It works fine for me in that version.
Thank you very much. I've now installed the TK Ident App 2.0.0 and added it to the Magisk exception list and Tricky Store add-on list. I deleted the data, but root is still recognized. So, that's it ;)
Use Treat Wheel or something similar to hide root? and deny list in magisk? Something is wrong, if it detects root. It works fine for me in that version.
Yes, I have the deny list enabled in Magisk, because otherwise the TK app, Spendit, and ING apps wouldn't start. In Magisk, I have the Pla Integrity Fork and Tricky Store modules enabled, and in the Tricky Addon, I've selected the apps that don't require root basically, all of them except TitaniumBackup, FolderSync Pro, Tasker, and Root Checker Basic.
Thank you very much. I've now installed the TK Ident App 2.0.0 and added it to the Magisk exception list and Tricky Store add-on list. I deleted the data, but root is still recognized. So, that's it ;)
Use Treat Wheel or something similar to hide root? and deny list in magisk? Something is wrong, if it detects root. It works fine for me in that version.
Yes, I have the deny list enabled in Magisk, because otherwise the TK app, Spendit, and ING apps wouldn't start. In Magisk, I have the Pla Integrity Fork and Tricky Store modules enabled, and in the Tricky Addon, I've selected the apps that don't require root basically, all of them except TitaniumBackup, FolderSync Pro, Tasker, and Root Checker Basic.
https://github.com/MhmRdd/NoHello/releases Try this or some other anti root detection solution. TK Ident and TK App doesnt detect root on my setup. I use Treat Wheel.
microg for YouTube revanced
microg for YouTube revanced is NOT microG.
I thought it was related to this issue. Thanks
Thank you very much. I've now installed the TK Ident App 2.0.0 and added it to the Magisk exception list and Tricky Store add-on list. I deleted the data, but root is still recognized. So, that's it ;)
Use Treat Wheel or something similar to hide root? and deny list in magisk? Something is wrong, if it detects root. It works fine for me in that version.
Yes, I have the deny list enabled in Magisk, because otherwise the TK app, Spendit, and ING apps wouldn't start. In Magisk, I have the Pla Integrity Fork and Tricky Store modules enabled, and in the Tricky Addon, I've selected the apps that don't require root basically, all of them except TitaniumBackup, FolderSync Pro, Tasker, and Root Checker Basic.
https://github.com/MhmRdd/NoHello/releases Try this or some other anti root detection solution. TK Ident and TK App doesnt detect root on my setup. I use Treat Wheel.
Okay, then I have another question. Does Zygisk need to be enabled or disabled? The exception list needs to be disabled. Magisk Modules that are enabled: Play Integrity Fork Tricky Store with Tricky Addon NoHello
Is this correct?
Thank you very much. I've now installed the TK Ident App 2.0.0 and added it to the Magisk exception list and Tricky Store add-on list. I deleted the data, but root is still recognized. So, that's it ;)
Use Treat Wheel or something similar to hide root? and deny list in magisk? Something is wrong, if it detects root. It works fine for me in that version.
Yes, I have the deny list enabled in Magisk, because otherwise the TK app, Spendit, and ING apps wouldn't start. In Magisk, I have the Pla Integrity Fork and Tricky Store modules enabled, and in the Tricky Addon, I've selected the apps that don't require root basically, all of them except TitaniumBackup, FolderSync Pro, Tasker, and Root Checker Basic.
https://github.com/MhmRdd/NoHello/releases Try this or some other anti root detection solution. TK Ident and TK App doesnt detect root on my setup. I use Treat Wheel.
Okay, then I have another question. Does Zygisk need to be enabled or disabled? The exception list needs to be disabled. Magisk Modules that are enabled: Play Integrity Fork Tricky Store with Tricky Addon NoHello
Is this correct?
Good start. Trying following this.
https://xdaforums.com/t/guide-strong-integrity-with-microg-2025.4752972/