AttestationConfig class

Enterprise — Device integrity attestation configuration.

When enabled, the plugin generates a signed attestation token from the device's hardware-backed security module. The token proves the location data came from a genuine, non-rooted/jailbroken device and can be sent alongside HTTP sync payloads for server-side verification.

Trust Layers (Cumulative)

  1. Mock detection (existing) — Rejects spoofed GPS coordinates.
  2. Device attestation (this feature) — Proves the device hardware/software is genuine.
  3. Audit trail (existing) — Proves the location chain hasn't been tampered with.

Platform Support

  • Android: Google Play Integrity API (replaces deprecated SafetyNet).
  • iOS: App Attest (iOS 14+) with DeviceCheck (iOS 11+) fallback.
  • Web: Not supported — getAttestationToken() returns null.

Rate Limits

Google Play Integrity allows ~10,000 requests/day (free tier). The default 1-hour refresh yields 24 requests/day per device.

Config(
  attestation: AttestationConfig(
    enabled: true,
    refreshInterval: 3600,
  ),
)
Annotations

Constructors

AttestationConfig({bool enabled = false, int refreshInterval = 3600, String? verificationUrl})
Creates a new AttestationConfig.
const
AttestationConfig.fromMap(Map<String, Object?> map)
Creates an AttestationConfig from a map.
factory

Properties

enabled bool
Enable device attestation.
final
hashCode int
The hash code for this object.
no setteroverride
refreshInterval int
How often to refresh the attestation token (seconds).
final
runtimeType Type
A representation of the runtime type of the object.
no setterinherited
verificationUrl String?
Server URL to verify the attestation token (optional).
final

Methods

noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
toMap() Map<String, Object?>
Serializes to a map.
toString() String
A string representation of this object.
override

Operators

operator ==(Object other) bool
The equality operator.
override