- MMKV Storage: Uses cryptographic key derivation for non-sensitive data
- Secure Storage: Uses device keychain with biometric authentication for sensitive data
- Memory Management: Sensitive data is automatically cleared when app is backgrounded
- ✅ Method whitelist validation (only approved methods can be called)
- ✅ Input validation and sanitization
- ✅ Error message sanitization (prevents information leakage)
- ✅ Automatic credential cache expiration (TTL: 5 minutes, LRU eviction at 15 entries)
- ✅ Safe JSON stringification (prevents prototype pollution)
- ✅ Runtime type validation with Zod schemas
- ✅ Operation mutex with timeout protection (prevents stuck operations)
- ✅ Automatic sensitive data cleanup on app background
- Always use
WdkAppProviderat app root - Validate inputs before use (use provided validation utilities)
- Never log sensitive data
- Use error boundaries to handle errors gracefully
- Sensitive data is automatically cleared on app background