Mobile
The ARP mobile owner app runs on iOS and Android via Expo. It is not in the App Store or Play Store yet. Source lives in a private repo at github.com/KybernesisAI/arp-mobile with a working scaffold; public submission and TestFlight/Play Internal builds are scheduled but not shipped.
This page is a developer-facing status note. End users today manage agents through the dashboard at cloud.arp.run — fully responsive on mobile browsers.
What it does (when it ships)
The mobile app mirrors the dashboard's owner UI with two platform-native additions:
- Principal key in hardware. The browser-held
did:keyfrom the dashboard flow can be moved to iOS Secure Enclave / Android Keystore on first mobile login. Recovery still uses the 12-word phrase. - Biometric gates per risk tier. Scopes the catalog tags as
critical(key rotation, re-delegation, identity changes) require Face ID / Touch ID / Android Biometric before the signed request leaves the device. - Push notifications. Pairing requests, re-consent prompts, and audit alerts arrive as push instead of email/in-app. Cuts the consent loop from minutes to seconds.
Otherwise the feature surface matches the dashboard: pair, view connections, edit/suspend/revoke, audit log, recover.
Architecture
Same architecture as the dashboard: it talks to the same managed gateway (gateway.arp.run) over the same authenticated APIs. The mobile app is a client of the gateway just like the dashboard is. No special mobile-only protocol surface.
It imports @kybernesis/arp-sdk for envelope signing in cases where the device acts as the principal directly (e.g., pairing approvals signed on-device with the Secure Enclave key). DIDComm transport is via @kybernesis/arp-transport.
Status
| Shipped | Pending | |
|---|---|---|
| Expo SDK 52 / RN 0.76.3 scaffold | ✓ | |
| Routes for pair / consent / connections / audit / settings | ✓ | |
| Jest unit tests | ✓ (18/18) | |
| Secure Enclave / Keystore principal key | partial | hardening |
| Biometric gating | partial | full risk-tier coverage |
| Push notifications | infra | |
| TestFlight / Play Internal | submission | |
| Public App Store / Play Store | post-submission |
Public launch follows after the gateway endpoints, dashboard parity, and WebAuthn plumbing land — those are the dependencies, not the app itself.
Getting access early
The repo is private. If you have a reason to want early access (you're building an integration that needs mobile-side signing, you're a design partner, etc.) — open a GitHub issue at github.com/KybernesisAI/arp/issues describing the use case.
Related
- Identity (concept) — what the mobile app holds in hardware
- Architecture — where the mobile client fits in the stack