Grant Gilliam 3629dbdaaa Default TLS validation on; scope skip-TLS bypass to the configured host
The app shipped with certificate validation bypassed globally and on by
default — InsecureTrustDelegate trusted any cert from any host. That was
the evaluation's P1: anyone on the LAN could MITM call audio, transcripts,
and voiceprints.

The backend's Start9 cert already validates under normal system trust when
the StartOS Root CA is installed in the keychain (confirmed: URLSession
default validation returns 200 against the backend and its fallback), so the
bypass is unnecessary:
- skip-TLS now defaults to off
- when explicitly enabled, the bypass is scoped to the configured host via
  InsecureTrustDelegate.allowsTrustOverride, never "trust any server"
- the host gate is pure and unit-tested (InsecureTrustDelegateTests)

Docs reconciled: AGENTS.md backend/TLS line and Current state.
2026-06-13 16:02:57 -05:00
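The host-scoped override described in the commit, as an added Swift example that is not the project's code: the page names InsecureTrustDelegate.allowsTrustOverride but shows none of it, so the class name, the function signature and the default-off toggle here are assumptions.

```swift
import Foundation

// Added example, not the project's code. Default system validation applies to
// every host; only when skip-TLS is explicitly on does the configured host get
// a trust override. The pre-fix behaviour was the unconditional branch at the
// bottom, taken for any host and any certificate.
final class HostScopedTrustDelegate: NSObject, URLSessionDelegate {
    private let configuredHost: String   // the Settings backend host
    private let skipTLS: Bool            // the Settings toggle; assumed off by default

    init(configuredHost: String, skipTLS: Bool = false) {
        self.configuredHost = configuredHost
        self.skipTLS = skipTLS
    }

    /// Pure host gate: no networking, so it is unit-testable on its own.
    /// Hypothetical signature; the project's allowsTrustOverride may differ.
    static func allowsTrustOverride(challengeHost: String,
                                    configuredHost: String,
                                    skipTLS: Bool) -> Bool {
        guard skipTLS else { return false }
        // Exact, case-insensitive hostname match only: no wildcard or suffix
        // matching, so "evil.your-spark-backend.local" does not qualify.
        return challengeHost.lowercased() == configuredHost.lowercased()
    }

    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        let space = challenge.protectionSpace
        guard space.authenticationMethod == NSURLAuthenticationMethodServerTrust,
              let trust = space.serverTrust,
              Self.allowsTrustOverride(challengeHost: space.host,
                                       configuredHost: configuredHost,
                                       skipTLS: skipTLS) else {
            // Every other case: normal system trust (StartOS Root CA in the keychain).
            completionHandler(.performDefaultHandling, nil)
            return
        }
        // Explicitly enabled AND the configured host: accept its presented chain.
        completionHandler(.useCredential, URLCredential(trust: trust))
    }
}

// Usage: this session validates every host normally unless the toggle is on
// and the challenge comes from the configured host (placeholder URL from the README).
let backendHost = URL(string: "https://your-spark-backend.local")?.host ?? ""
let session = URLSession(configuration: .default,
                         delegate: HostScopedTrustDelegate(configuredHost: backendHost, skipTLS: false),
                         delegateQueue: nil)
```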

Ten31 Transcripts

Native macOS menu-bar app that auto-detects conference calls, records local audio, builds a visual-derived speaker timeline, and hands audio + timeline to the SparkControl backend for naming/transcription. See docs/ for the full spec.

This repo is at Phase 0 (scaffold, permissions, backend health check).

One-time setup

  1. Install Xcode from the Mac App Store (free; ~40 GB). Open it once and accept the license prompt.
  2. Install XcodeGen (generates the Xcode project from project.yml):
    brew install xcodegen
  3. Set your signing team. The Apple Team ID is kept out of source in a gitignored Config/Signing.xcconfig. Copy the template and set your team:
    cp Config/Signing.xcconfig.example Config/Signing.xcconfig   # then set DEVELOPMENT_TEAM
    xcodegen wires it in via configFiles, so Signing & Capabilities shows the team automatically — no manual selection. Keep the value stable so macOS preserves the app's permission (TCC) grants across rebuilds. Edit the xcconfig, not Xcode — xcodegen generate overwrites Xcode-side changes.
  4. Generate the project:
    xcodegen generate
    This creates Ten31Transcripts.xcodeproj (git-ignored — regenerate any time).
  5. Open it:
    open Ten31Transcripts.xcodeproj
  6. Press Run (⌘R).

Note: after adding files in a new phase, re-run xcodegen generate and let Xcode reload the project. The signing team persists because it lives in Config/Signing.xcconfig (gitignored), so macOS permissions stay granted across rebuilds.

What Phase 0 does

  • Launches as a menu-bar-only app (no Dock icon).
  • Menu panel shows live status for the three permissions it needs — Microphone, Screen Recording, Accessibility — with Grant / Open Settings buttons.
  • Shows a backend health check (GET /api/status) against the configured host.
  • Settings: backend base URL, skip-TLS toggle (on by default for the self-signed cert), output folder, and adapter toggles (inert this phase).

No audio capture, call detection, screen reading, or backend hand-off yet — those arrive in Phases 1–6 (docs/04_BUILD_PLAN.md).

Project layout

project.yml                     # XcodeGen recipe → generates the .xcodeproj
Ten31Transcripts/
  App/        Ten31TranscriptsApp.swift, AppDelegate.swift
  UI/         MenuBarView, SettingsView, PermissionRow
  Permissions/PermissionsManager.swift
  Backend/    SparkControlHealth.swift, InsecureTrustDelegate.swift
  Settings/   AppSettings.swift
  Support/    Info.plist, Ten31Transcripts.entitlements
Ten31TranscriptsTests/          # placeholder; real tests land in Phase 3

Notes

  • App Sandbox is off and Hardened Runtime is off — this is a personal, LAN-only tool that must observe other apps. Revisit only if distributing.
  • The backend host is a private LAN address — set it in Settings, or seed it from the SPARK_BACKEND_URL env var; the committed default is only a neutral placeholder (https://your-spark-backend.local).