Testing and importing enhancements from GrapheneOS
GrapheneOS is a security focused project.
We already use and contribute to some GrapeheneOS code, such as the Updater.
This issue is to track investigation of further import of their code.
- Auditor #57
- Hardened malloc
- Deny new USB (verify interaction with Seedvault)
- Wrong password retry limit / timeout / device wipe - change from default 20 to 5
- Scrambled PIN - CM Feature originally
- Max password length - changed from 16 to 64
- Require unlocking to use QS tiles - hardcoded, chould be configurable
- max users - changed from 4 to 16 - should test on the a2 before global bump