From efc013f498573f35ddedf2ed161508e793c3d2fe Mon Sep 17 00:00:00 2001
From: Dwindi Ramadhana <dwindown@DwMacMiniM4.local>
Date: Sat, 21 Feb 2026 21:28:40 +0700
Subject: [PATCH] Add APK release flow with R2 redirects and updater support

---
 apk-direct-release-guide.md                   | 176 ++++------
 .../Http/Controllers/Web/SiteController.php   |  51 ++-
 app/config/dewemoji.php                       |  13 +
 app/resources/views/site/download.blade.php   |  45 ++-
 app/routes/web.php                            |   2 +
 app/tests/Feature/SitePagesTest.php           |  15 +
 deployment-live-walkthrough.md                |  30 +-
 dewemoji-capacitor/.gitignore                 |   1 +
 .../android/app/src/main/AndroidManifest.xml  |   1 +
 .../java/com/dewemoji/app/MainActivity.java   | 322 ++++++++++++++++++
 scripts/apk/build-release.sh                  |  69 ++++
 scripts/apk/make-version-json.sh              |  78 +++++
 scripts/apk/publish-r2.sh                     | 115 +++++++
 scripts/apk/verify-release.sh                 |  67 ++++
 14 files changed, 865 insertions(+), 120 deletions(-)
 create mode 100755 scripts/apk/build-release.sh
 create mode 100755 scripts/apk/make-version-json.sh
 create mode 100755 scripts/apk/publish-r2.sh
 create mode 100755 scripts/apk/verify-release.sh

diff --git a/apk-direct-release-guide.md b/apk-direct-release-guide.md
index 1c25ed6..ae80b5e 100644
--- a/apk-direct-release-guide.md
+++ b/apk-direct-release-guide.md
@@ -1,138 +1,106 @@
-# Direct APK Release Guide (No Play Store)
+# APK Direct Release Guide (Local Build + Cloudflare R2)
 
-This guide is for shipping Dewemoji Android builds as downloadable `.apk` files from your own site.
+This is the Dewemoji direct APK release flow.
 
-## 1) One-time prerequisites
+## 1) One-time setup
 
-1. Decide and keep a stable Android package id (example: `com.dewemoji.app`).
-2. Create and securely store a release keystore.
-3. Keep the same keystore for all future updates.
-4. Keep `versionCode` strictly increasing for each release.
-
-If keystore or package id changes, users will not receive in-place updates.
-
----
-
-## 2) Build release APK
-
-Use your Android build command (NativePHP/Capacitor/Gradle), and ensure output is a **release APK**.
-
-Typical Gradle command:
+### Required tools (local machine)
 
 ```bash
-./gradlew assembleRelease
+brew install awscli
+brew install --cask android-platform-tools
 ```
 
-Expected output path (common):
+### Required environment variables
 
 ```bash
-android/app/build/outputs/apk/release/app-release.apk
+export R2_ACCOUNT_ID="..."
+export R2_ACCESS_KEY_ID="..."
+export R2_SECRET_ACCESS_KEY="..."
+export R2_BUCKET="dewemoji-downloads"
+export R2_PUBLIC_BASE_URL="https://downloads.dewemoji.com"
 ```
 
----
-
-## 3) Sign and verify APK
-
-If your build pipeline does not auto-sign, sign manually.
-
-### A) Sign
+Optional:
 
 ```bash
-apksigner sign \
-  --ks /path/to/keystore.jks \
-  --ks-key-alias your_alias \
-  --out dewemoji-vX.Y.Z.apk \
-  android/app/build/outputs/apk/release/app-release.apk
+export DEWEMOJI_APK_URL="https://dewemoji.com/downloads/dewemoji-latest.apk"
 ```
 
-### B) Verify signature
+### Optional signing environment (recommended)
 
 ```bash
-apksigner verify --verbose --print-certs dewemoji-vX.Y.Z.apk
+export ANDROID_KEYSTORE_PATH="/absolute/path/release.jks"
+export ANDROID_KEYSTORE_PASSWORD="..."
+export ANDROID_KEY_ALIAS="..."
+export ANDROID_KEY_PASSWORD="..."
 ```
 
 ---
 
-## 4) Generate checksum
+## 2) Canonical URLs used by app updater
 
-Publish SHA-256 so users can verify file integrity.
+- `https://dewemoji.com/downloads/version.json`
+- `https://dewemoji.com/downloads/dewemoji-latest.apk`
+
+These endpoints redirect to R2 objects.
+
+---
+
+## 3) Release steps
+
+Run from repo root.
+
+### A. Build APK
 
 ```bash
-shasum -a 256 dewemoji-vX.Y.Z.apk
+./scripts/apk/build-release.sh
 ```
 
-Record output in release notes.
+Output APK:
 
----
+- `dewemoji-capacitor/dist/apk/dewemoji-v{versionName}-{versionCode}.apk`
 
-## 5) Upload APK to your server
+### B. Publish APK + metadata to R2
 
-Recommended path:
-
-```text
-https://dewemoji.com/downloads/dewemoji-vX.Y.Z.apk
+```bash
+./scripts/apk/publish-r2.sh \
+  --apk dewemoji-capacitor/dist/apk/dewemoji-v1.1.2-112.apk \
+  --version-name 1.1.2 \
+  --version-code 112 \
+  --min-supported-version-code 100 \
+  --notes "Bug fixes and update UX improvements" \
+  --force false
 ```
 
-Recommended server headers:
+### C. Verify published release
 
-1. `Content-Type: application/vnd.android.package-archive`
-2. `Content-Disposition: attachment; filename="dewemoji-vX.Y.Z.apk"`
-3. Serve over HTTPS only
-
----
-
-## 6) Update Download page content
-
-On your `/download` page, show:
-
-1. Version (`vX.Y.Z`)
-2. Build date
-3. File size
-4. Minimum Android version
-5. SHA-256 checksum
-6. Install instructions
-7. Changelog
-
-Recommended install instructions for users:
-
-1. Download APK from official Dewemoji URL.
-2. Open file on Android.
-3. Allow installation from browser/files app if prompted.
-4. Install/update.
-
----
-
-## 7) Release checklist
-
-Before publishing:
-
-1. Login works
-2. Search works
-3. Copy/insert flow works on device
-4. Theme/tone UI works
-5. Billing links/webviews (if used) open correctly
-6. No crash on cold start
-7. Version updated and visible in app
-
----
-
-## 8) Quick rollback
-
-If latest APK is bad:
-
-1. Re-point Download button to previous APK URL.
-2. Keep bad APK file archived (do not overwrite silently).
-3. Publish rollback notice/changelog update.
-
----
-
-## 9) Recommended file naming
-
-Use immutable names:
-
-```text
-dewemoji-v1.1.1.apk
-dewemoji-v1.1.2.apk
+```bash
+./scripts/apk/verify-release.sh --base-url https://dewemoji.com/downloads
 ```
 
-Avoid re-uploading different binaries under the same filename.
+---
+
+## 4) Versioning rules
+
+1. Site-only deploy: do not bump APK version and do not publish new `version.json`.
+2. Runtime/app-shell change: bump `versionCode` + `versionName`, then publish.
+3. `versionCode` must always increase.
+4. App update prompt appears only when remote `versionCode` is higher.
+
+---
+
+## 5) Rollback
+
+1. Keep all versioned APK objects immutable (never overwrite).
+2. Re-upload previous good APK to `apk/dewemoji-latest.apk`.
+3. Re-publish `apk/version.json` with matching checksum/version fields.
+4. Re-run verify script.
+
+---
+
+## 6) Notes
+
+- Direct APK update is user-confirmed install (Android policy), not silent.
+- Never embed R2 credentials in app.
+- Keep app update payload over HTTPS only.
diff --git a/app/app/Http/Controllers/Web/SiteController.php b/app/app/Http/Controllers/Web/SiteController.php
index bf6736d..722491d 100644
--- a/app/app/Http/Controllers/Web/SiteController.php
+++ b/app/app/Http/Controllers/Web/SiteController.php
@@ -9,6 +9,7 @@ use App\Models\Subscription;
 use App\Models\UserKeyword;
 use App\Services\System\SettingsService;
 use Illuminate\Contracts\View\View;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
@@ -264,7 +265,40 @@ class SiteController extends Controller
 
     public function download(): View
     {
-        return view('site.download');
+        $downloadBaseUrl = rtrim((string) config('dewemoji.apk_release.public_base_url', ''), '/');
+        $androidEnabled = (bool) config('dewemoji.apk_release.enabled', false) && $downloadBaseUrl !== '';
+
+        return view('site.download', [
+            'androidEnabled' => $androidEnabled,
+            'androidVersionJsonUrl' => $androidEnabled ? $downloadBaseUrl.'/version.json' : '',
+            'androidLatestApkUrl' => $androidEnabled ? $downloadBaseUrl.'/dewemoji-latest.apk' : '',
+        ]);
+    }
+
+    public function downloadVersionJson(Request $request): RedirectResponse|JsonResponse
+    {
+        $target = $this->apkReleaseTargetUrl('version_json');
+        if ($target === '') {
+            return response()->json(['ok' => false, 'error' => 'apk_release_not_configured'], 404);
+        }
+
+        return redirect()->away($target, 302, [
+            'Cache-Control' => 'no-store, no-cache, must-revalidate',
+            'Pragma' => 'no-cache',
+        ]);
+    }
+
+    public function downloadLatestApk(Request $request): RedirectResponse|JsonResponse
+    {
+        $target = $this->apkReleaseTargetUrl('latest_apk');
+        if ($target === '') {
+            return response()->json(['ok' => false, 'error' => 'apk_release_not_configured'], 404);
+        }
+
+        return redirect()->away($target, 302, [
+            'Cache-Control' => 'no-store, no-cache, must-revalidate',
+            'Pragma' => 'no-cache',
+        ]);
     }
 
     public function privacy(): View
@@ -465,6 +499,21 @@ class SiteController extends Controller
         return (string) config('dewemoji.data_path');
     }
 
+    private function apkReleaseTargetUrl(string $key): string
+    {
+        if (!(bool) config('dewemoji.apk_release.enabled', false)) {
+            return '';
+        }
+
+        $base = trim((string) config('dewemoji.apk_release.r2_public_base_url', ''));
+        $objectKey = trim((string) config("dewemoji.apk_release.r2_keys.{$key}", ''));
+        if ($base === '' || $objectKey === '') {
+            return '';
+        }
+
+        return rtrim($base, '/').'/'.ltrim($objectKey, '/');
+    }
+
     /**
      * @param array<string,mixed> $emoji
      */
diff --git a/app/config/dewemoji.php b/app/config/dewemoji.php
index 913e63f..b95e5cd 100644
--- a/app/config/dewemoji.php
+++ b/app/config/dewemoji.php
@@ -123,4 +123,17 @@ return [
         'token' => (string) env('DEWEMOJI_METRICS_TOKEN', ''),
         'allow_ips' => array_values(array_filter(array_map('trim', explode(',', (string) env('DEWEMOJI_METRICS_ALLOW_IPS', '127.0.0.1,::1'))))),
     ],
+
+    'apk_release' => [
+        'enabled' => filter_var(env('DEWEMOJI_APK_RELEASE_ENABLED', false), FILTER_VALIDATE_BOOL),
+        'app_id' => (string) env('DEWEMOJI_APK_APP_ID', 'com.dewemoji.app'),
+        'channel' => (string) env('DEWEMOJI_APK_CHANNEL', 'stable'),
+        'min_supported_version_code' => (int) env('DEWEMOJI_APK_MIN_SUPPORTED_VERSION_CODE', 1),
+        'public_base_url' => (string) env('DEWEMOJI_APK_PUBLIC_BASE_URL', 'https://dewemoji.com/downloads'),
+        'r2_public_base_url' => (string) env('DEWEMOJI_R2_PUBLIC_BASE_URL', ''),
+        'r2_keys' => [
+            'latest_apk' => (string) env('DEWEMOJI_R2_APK_LATEST_KEY', 'apk/dewemoji-latest.apk'),
+            'version_json' => (string) env('DEWEMOJI_R2_APK_VERSION_KEY', 'apk/version.json'),
+        ],
+    ],
 ];
diff --git a/app/resources/views/site/download.blade.php b/app/resources/views/site/download.blade.php
index 7f2df26..3837c5f 100644
--- a/app/resources/views/site/download.blade.php
+++ b/app/resources/views/site/download.blade.php
@@ -1,7 +1,7 @@
 @extends('site.layout')
 
 @section('title', 'Download - Dewemoji')
-@section('meta_description', 'Download Dewemoji for Chrome and get notified when Android app is available.')
+@section('meta_description', 'Download Dewemoji for Chrome and Android.')
 
 @push('jsonld')
 <script type="application/ld+json">
@@ -78,16 +78,33 @@
                 </section>
 
                 <section class="glass-card rounded-2xl p-6">
-                    <div class="text-xs uppercase tracking-[0.25em] text-gray-400">Coming soon</div>
+                    <div class="text-xs uppercase tracking-[0.25em] text-gray-400">
+                        {{ $androidEnabled ? 'Available now' : 'Coming soon' }}
+                    </div>
                     <h2 class="mt-2 text-2xl font-semibold">Android App</h2>
-                    <p class="mt-2 text-sm text-gray-300">Native app release is in progress. We will launch internal testing first, then public release.</p>
-                    <div class="mt-5 inline-flex items-center gap-2 rounded-full border border-white/10 px-4 py-2 text-xs text-gray-300 bg-white/5">
-                        <i data-lucide="smartphone" class="w-4 h-4"></i>
-                        Android release in preparation
-                    </div>
-                    <div class="mt-4 text-xs text-gray-400">
-                        Recommended for now: use web dashboard + Chrome extension.
-                    </div>
+                    @if($androidEnabled)
+                        <p class="mt-2 text-sm text-gray-300">Direct APK distribution from Dewemoji download channel.</p>
+                        <a
+                            href="{{ $androidLatestApkUrl }}"
+                            rel="noopener"
+                            class="mt-5 inline-flex items-center gap-2 rounded-full bg-brand-sun text-black px-5 py-2.5 text-sm font-semibold hover:brightness-95 transition-colors"
+                        >
+                            <i data-lucide="smartphone" class="w-4 h-4"></i>
+                            Download APK
+                        </a>
+                        <div class="mt-4 text-xs text-gray-400">
+                            Update metadata: <a href="{{ $androidVersionJsonUrl }}" class="underline hover:text-gray-200">{{ $androidVersionJsonUrl }}</a>
+                        </div>
+                    @else
+                        <p class="mt-2 text-sm text-gray-300">Native app release is in progress. We will launch internal testing first, then public release.</p>
+                        <div class="mt-5 inline-flex items-center gap-2 rounded-full border border-white/10 px-4 py-2 text-xs text-gray-300 bg-white/5">
+                            <i data-lucide="smartphone" class="w-4 h-4"></i>
+                            Android release in preparation
+                        </div>
+                        <div class="mt-4 text-xs text-gray-400">
+                            Recommended for now: use web dashboard + Chrome extension.
+                        </div>
+                    @endif
                 </section>
 
                 <section class="glass-card rounded-2xl p-6 lg:col-span-2">
@@ -100,12 +117,14 @@
                             </div>
                             <div class="mt-1 text-sm text-emerald-100">Available</div>
                         </div>
-                        <div class="rounded-xl border border-amber-500/30 bg-amber-500/10 p-4">
-                            <div class="flex items-center gap-2 text-xs uppercase tracking-[0.2em] text-amber-300">
+                        <div class="rounded-xl {{ $androidEnabled ? 'border border-emerald-500/30 bg-emerald-500/10' : 'border border-amber-500/30 bg-amber-500/10' }} p-4">
+                            <div class="flex items-center gap-2 text-xs uppercase tracking-[0.2em] {{ $androidEnabled ? 'text-emerald-300' : 'text-amber-300' }}">
                                 <i data-lucide="bot" class="w-4 h-4"></i>
                                 <span>Android</span>
                             </div>
-                            <div class="mt-1 text-sm text-amber-100">In progress</div>
+                            <div class="mt-1 text-sm {{ $androidEnabled ? 'text-emerald-100' : 'text-amber-100' }}">
+                                {{ $androidEnabled ? 'Available' : 'In progress' }}
+                            </div>
                         </div>
                         <div class="rounded-xl border border-sky-500/30 bg-sky-500/10 p-4">
                             <div class="flex items-center gap-2 text-xs uppercase tracking-[0.2em] text-sky-300">
diff --git a/app/routes/web.php b/app/routes/web.php
index 30a1da0..9bfb6f9 100644
--- a/app/routes/web.php
+++ b/app/routes/web.php
@@ -17,6 +17,8 @@ Route::get('/emoji/{slug}', [SiteController::class, 'emojiDetail'])->name('emoji
 Route::get('/pricing', [SiteController::class, 'pricing'])->name('pricing');
 Route::post('/pricing/currency', [SiteController::class, 'setPricingCurrency'])->name('pricing.currency');
 Route::get('/download', [SiteController::class, 'download'])->name('download');
+Route::get('/downloads/version.json', [SiteController::class, 'downloadVersionJson'])->name('downloads.version');
+Route::get('/downloads/dewemoji-latest.apk', [SiteController::class, 'downloadLatestApk'])->name('downloads.latest-apk');
 Route::get('/support', [SiteController::class, 'support'])->name('support');
 Route::get('/privacy', [SiteController::class, 'privacy'])->name('privacy');
 Route::get('/terms', [SiteController::class, 'terms'])->name('terms');
diff --git a/app/tests/Feature/SitePagesTest.php b/app/tests/Feature/SitePagesTest.php
index 87eecc1..275cf56 100644
--- a/app/tests/Feature/SitePagesTest.php
+++ b/app/tests/Feature/SitePagesTest.php
@@ -11,6 +11,10 @@ class SitePagesTest extends TestCase
         parent::setUp();
 
         config()->set('dewemoji.data_path', base_path('tests/Fixtures/emojis.fixture.json'));
+        config()->set('dewemoji.apk_release.enabled', true);
+        config()->set('dewemoji.apk_release.r2_public_base_url', 'https://downloads.example.com');
+        config()->set('dewemoji.apk_release.r2_keys.latest_apk', 'apk/dewemoji-latest.apk');
+        config()->set('dewemoji.apk_release.r2_keys.version_json', 'apk/version.json');
     }
 
     public function test_core_pages_are_available(): void
@@ -39,4 +43,15 @@ class SitePagesTest extends TestCase
     {
         $this->get('/emoji/unknown-slug')->assertNotFound();
     }
+
+    public function test_download_redirect_endpoints_are_available(): void
+    {
+        $this->get('/downloads/version.json')
+            ->assertStatus(302)
+            ->assertRedirect('https://downloads.example.com/apk/version.json');
+
+        $this->get('/downloads/dewemoji-latest.apk')
+            ->assertStatus(302)
+            ->assertRedirect('https://downloads.example.com/apk/dewemoji-latest.apk');
+    }
 }
diff --git a/deployment-live-walkthrough.md b/deployment-live-walkthrough.md
index 6367af0..5fe2b8f 100644
--- a/deployment-live-walkthrough.md
+++ b/deployment-live-walkthrough.md
@@ -185,7 +185,34 @@ This avoids extension users hitting endpoints that are not ready.
 
 ---
 
-## 8) Rollback Strategy
+## 8) APK Release (Direct Download)
+
+APK release is independent from site redeploy.
+
+Canonical URLs used by the app updater:
+1. `https://dewemoji.com/downloads/version.json`
+2. `https://dewemoji.com/downloads/dewemoji-latest.apk`
+
+Set these env vars on app server:
+
+```env
+DEWEMOJI_APK_RELEASE_ENABLED=true
+DEWEMOJI_APK_PUBLIC_BASE_URL=https://dewemoji.com/downloads
+DEWEMOJI_R2_PUBLIC_BASE_URL=https://downloads.your-r2-domain.com
+DEWEMOJI_R2_APK_VERSION_KEY=apk/version.json
+DEWEMOJI_R2_APK_LATEST_KEY=apk/dewemoji-latest.apk
+```
+
+Validate redirects:
+
+```bash
+curl -I https://dewemoji.com/downloads/version.json
+curl -I https://dewemoji.com/downloads/dewemoji-latest.apk
+```
+
+---
+
+## 9) Rollback Strategy
 
 If release is broken:
 1. Re-deploy previous known-good git commit.
@@ -198,4 +225,3 @@ php artisan queue:restart
 ```
 
 3. If issue is emoji dataset, use snapshot activation in admin catalog.
-
diff --git a/dewemoji-capacitor/.gitignore b/dewemoji-capacitor/.gitignore
index 765bf8d..0a687d7 100644
--- a/dewemoji-capacitor/.gitignore
+++ b/dewemoji-capacitor/.gitignore
@@ -7,6 +7,7 @@ android/.idea/
 android/local.properties
 android/app/build/
 android/build/
+dist/
 
 # logs
 npm-debug.log*
diff --git a/dewemoji-capacitor/android/app/src/main/AndroidManifest.xml b/dewemoji-capacitor/android/app/src/main/AndroidManifest.xml
index 340e7df..e8f2973 100644
--- a/dewemoji-capacitor/android/app/src/main/AndroidManifest.xml
+++ b/dewemoji-capacitor/android/app/src/main/AndroidManifest.xml
@@ -38,4 +38,5 @@
     <!-- Permissions -->
 
     <uses-permission android:name="android.permission.INTERNET" />
+    <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
 </manifest>
diff --git a/dewemoji-capacitor/android/app/src/main/java/com/dewemoji/app/MainActivity.java b/dewemoji-capacitor/android/app/src/main/java/com/dewemoji/app/MainActivity.java
index 5e6fde5..a63d763 100644
--- a/dewemoji-capacitor/android/app/src/main/java/com/dewemoji/app/MainActivity.java
+++ b/dewemoji-capacitor/android/app/src/main/java/com/dewemoji/app/MainActivity.java
@@ -1,18 +1,73 @@
 package com.dewemoji.app;
 
+import android.app.AlertDialog;
+import android.app.DownloadManager;
+import android.content.ActivityNotFoundException;
+import android.content.BroadcastReceiver;
+import android.content.Context;
+import android.content.DialogInterface;
+import android.content.Intent;
+import android.content.IntentFilter;
+import android.content.pm.PackageInfo;
+import android.content.pm.PackageManager;
+import android.database.Cursor;
+import android.net.Uri;
+import android.os.Build;
 import android.os.Bundle;
+import android.os.Environment;
+import android.util.Log;
+import android.widget.Toast;
 
+import androidx.annotation.Nullable;
+import androidx.core.content.FileProvider;
+import androidx.core.content.ContextCompat;
 import androidx.core.view.WindowCompat;
 import androidx.core.view.WindowInsetsCompat;
 import androidx.core.view.WindowInsetsControllerCompat;
 
 import com.getcapacitor.BridgeActivity;
 
+import org.json.JSONObject;
+
+import java.io.BufferedInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.util.Locale;
+
 public class MainActivity extends BridgeActivity {
+    private static final String TAG = "DewemojiUpdater";
+    private static final String VERSION_URL = "https://dewemoji.com/downloads/version.json";
+    private static final int CONNECT_TIMEOUT_MS = 10_000;
+    private static final int READ_TIMEOUT_MS = 15_000;
+
+    @Nullable
+    private DownloadManager downloadManager;
+    private long activeDownloadId = -1L;
+    @Nullable
+    private String activeExpectedSha = null;
+    @Nullable
+    private BroadcastReceiver downloadReceiver = null;
+
     @Override
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         hideSystemBars();
+        downloadManager = (DownloadManager) getSystemService(Context.DOWNLOAD_SERVICE);
+        registerDownloadReceiver();
+        checkForUpdates(false);
+    }
+
+    @Override
+    protected void onDestroy() {
+        super.onDestroy();
+        if (downloadReceiver != null) {
+            unregisterReceiver(downloadReceiver);
+            downloadReceiver = null;
+        }
     }
 
     @Override
@@ -32,4 +87,271 @@ public class MainActivity extends BridgeActivity {
             WindowInsetsControllerCompat.BEHAVIOR_SHOW_TRANSIENT_BARS_BY_SWIPE
         );
     }
+
+    private void checkForUpdates(boolean manual) {
+        new Thread(() -> {
+            try {
+                UpdateMetadata metadata = fetchVersionMetadata();
+                if (metadata == null) {
+                    return;
+                }
+                long installedVersion = getInstalledVersionCode();
+                if (metadata.versionCode <= installedVersion) {
+                    if (manual) {
+                        runOnUiThread(() ->
+                            Toast.makeText(this, "Dewemoji is up to date", Toast.LENGTH_SHORT).show()
+                        );
+                    }
+                    return;
+                }
+                runOnUiThread(() -> showUpdateDialog(metadata));
+            } catch (Exception ex) {
+                Log.w(TAG, "Update check failed", ex);
+                if (manual) {
+                    runOnUiThread(() ->
+                        Toast.makeText(this, "Update check failed", Toast.LENGTH_SHORT).show()
+                    );
+                }
+            }
+        }).start();
+    }
+
+    @Nullable
+    private UpdateMetadata fetchVersionMetadata() throws Exception {
+        HttpURLConnection conn = (HttpURLConnection) new URL(VERSION_URL).openConnection();
+        conn.setRequestMethod("GET");
+        conn.setConnectTimeout(CONNECT_TIMEOUT_MS);
+        conn.setReadTimeout(READ_TIMEOUT_MS);
+        conn.setRequestProperty("Accept", "application/json");
+
+        int code = conn.getResponseCode();
+        if (code < 200 || code >= 300) {
+            throw new IllegalStateException("Unexpected status " + code);
+        }
+
+        try (InputStream in = new BufferedInputStream(conn.getInputStream());
+             ByteArrayOutputStream out = new ByteArrayOutputStream()) {
+            byte[] buffer = new byte[8192];
+            int read;
+            while ((read = in.read(buffer)) != -1) {
+                out.write(buffer, 0, read);
+            }
+            String json = out.toString(StandardCharsets.UTF_8.name());
+            JSONObject obj = new JSONObject(json);
+            return UpdateMetadata.fromJson(obj);
+        } finally {
+            conn.disconnect();
+        }
+    }
+
+    private long getInstalledVersionCode() throws Exception {
+        PackageManager packageManager = getPackageManager();
+        PackageInfo info = packageManager.getPackageInfo(getPackageName(), 0);
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
+            return info.getLongVersionCode();
+        }
+        return info.versionCode;
+    }
+
+    private void showUpdateDialog(UpdateMetadata metadata) {
+        StringBuilder message = new StringBuilder();
+        message.append("New version ").append(metadata.versionName).append(" is available.");
+        if (!metadata.notes.isEmpty()) {
+            message.append("\n\n").append(metadata.notes);
+        }
+        if (metadata.force) {
+            message.append("\n\nThis update is required.");
+        }
+
+        AlertDialog.Builder builder = new AlertDialog.Builder(this)
+            .setTitle("Update Dewemoji")
+            .setMessage(message.toString())
+            .setPositiveButton("Update", (dialog, which) -> startApkDownload(metadata))
+            .setCancelable(!metadata.force);
+
+        if (!metadata.force) {
+            builder.setNegativeButton("Later", null);
+        }
+
+        builder.show();
+    }
+
+    private void startApkDownload(UpdateMetadata metadata) {
+        if (downloadManager == null) {
+            Toast.makeText(this, "Download manager unavailable", Toast.LENGTH_SHORT).show();
+            return;
+        }
+
+        Uri uri = Uri.parse(metadata.apkUrl);
+        DownloadManager.Request request = new DownloadManager.Request(uri);
+        request.setTitle("Dewemoji update");
+        request.setDescription("Downloading version " + metadata.versionName);
+        request.setNotificationVisibility(DownloadManager.Request.VISIBILITY_VISIBLE_NOTIFY_COMPLETED);
+        request.setDestinationInExternalPublicDir(
+            Environment.DIRECTORY_DOWNLOADS,
+            "dewemoji-latest.apk"
+        );
+        request.setMimeType("application/vnd.android.package-archive");
+
+        activeExpectedSha = metadata.sha256.toLowerCase(Locale.US);
+        activeDownloadId = downloadManager.enqueue(request);
+        Toast.makeText(this, "Downloading update...", Toast.LENGTH_SHORT).show();
+    }
+
+    private void registerDownloadReceiver() {
+        downloadReceiver = new BroadcastReceiver() {
+            @Override
+            public void onReceive(Context context, Intent intent) {
+                if (!DownloadManager.ACTION_DOWNLOAD_COMPLETE.equals(intent.getAction())) {
+                    return;
+                }
+                long downloadId = intent.getLongExtra(DownloadManager.EXTRA_DOWNLOAD_ID, -1L);
+                if (downloadId <= 0 || downloadId != activeDownloadId) {
+                    return;
+                }
+                verifyAndInstallDownloadedApk(downloadId);
+            }
+        };
+
+        ContextCompat.registerReceiver(
+            this,
+            downloadReceiver,
+            new IntentFilter(DownloadManager.ACTION_DOWNLOAD_COMPLETE),
+            ContextCompat.RECEIVER_NOT_EXPORTED
+        );
+    }
+
+    private void verifyAndInstallDownloadedApk(long downloadId) {
+        if (downloadManager == null) {
+            return;
+        }
+
+        DownloadManager.Query query = new DownloadManager.Query().setFilterById(downloadId);
+        try (Cursor cursor = downloadManager.query(query)) {
+            if (cursor == null || !cursor.moveToFirst()) {
+                showUpdateError("Download record not found");
+                return;
+            }
+
+            int statusCol = cursor.getColumnIndex(DownloadManager.COLUMN_STATUS);
+            int uriCol = cursor.getColumnIndex(DownloadManager.COLUMN_LOCAL_URI);
+            int reasonCol = cursor.getColumnIndex(DownloadManager.COLUMN_REASON);
+            int status = statusCol >= 0 ? cursor.getInt(statusCol) : DownloadManager.STATUS_FAILED;
+            String localUri = uriCol >= 0 ? cursor.getString(uriCol) : null;
+            int reason = reasonCol >= 0 ? cursor.getInt(reasonCol) : -1;
+
+            if (status != DownloadManager.STATUS_SUCCESSFUL || localUri == null || localUri.isEmpty()) {
+                showUpdateError("Download failed (" + reason + ")");
+                return;
+            }
+
+            Uri apkUri = Uri.parse(localUri);
+            String localSha = computeSha256(apkUri);
+            if (localSha == null || activeExpectedSha == null || !localSha.equalsIgnoreCase(activeExpectedSha)) {
+                showUpdateError("Checksum mismatch");
+                return;
+            }
+
+            installApk(apkUri);
+        } catch (Exception ex) {
+            Log.e(TAG, "Failed to verify update APK", ex);
+            showUpdateError("Update verification failed");
+        }
+    }
+
+    @Nullable
+    private String computeSha256(Uri uri) {
+        try (InputStream input = getContentResolver().openInputStream(uri)) {
+            if (input == null) {
+                return null;
+            }
+            MessageDigest digest = MessageDigest.getInstance("SHA-256");
+            byte[] buffer = new byte[8192];
+            int read;
+            while ((read = input.read(buffer)) > 0) {
+                digest.update(buffer, 0, read);
+            }
+            byte[] bytes = digest.digest();
+            StringBuilder out = new StringBuilder(bytes.length * 2);
+            for (byte b : bytes) {
+                out.append(String.format(Locale.US, "%02x", b));
+            }
+            return out.toString();
+        } catch (Exception ex) {
+            Log.e(TAG, "Failed to compute checksum", ex);
+            return null;
+        }
+    }
+
+    private void installApk(Uri downloadUri) {
+        try {
+            Uri installUri = downloadUri;
+            if ("file".equals(downloadUri.getScheme())) {
+                installUri = FileProvider.getUriForFile(
+                    this,
+                    BuildConfig.APPLICATION_ID + ".fileprovider",
+                    new java.io.File(downloadUri.getPath())
+                );
+            }
+
+            Intent installIntent = new Intent(Intent.ACTION_VIEW);
+            installIntent.setDataAndType(installUri, "application/vnd.android.package-archive");
+            installIntent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
+            installIntent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
+            startActivity(installIntent);
+        } catch (ActivityNotFoundException ex) {
+            showUpdateError("No installer found");
+        } catch (Exception ex) {
+            Log.e(TAG, "Failed to launch APK installer", ex);
+            showUpdateError("Cannot open installer");
+        }
+    }
+
+    private void showUpdateError(String message) {
+        runOnUiThread(() -> new AlertDialog.Builder(this)
+            .setTitle("Update failed")
+            .setMessage(message)
+            .setPositiveButton("OK", (DialogInterface dialog, int which) -> dialog.dismiss())
+            .show());
+    }
+
+    private static class UpdateMetadata {
+        final String versionName;
+        final long versionCode;
+        final String apkUrl;
+        final String sha256;
+        final String notes;
+        final boolean force;
+
+        private UpdateMetadata(
+            String versionName,
+            long versionCode,
+            String apkUrl,
+            String sha256,
+            String notes,
+            boolean force
+        ) {
+            this.versionName = versionName;
+            this.versionCode = versionCode;
+            this.apkUrl = apkUrl;
+            this.sha256 = sha256;
+            this.notes = notes;
+            this.force = force;
+        }
+
+        static UpdateMetadata fromJson(JSONObject obj) {
+            String versionName = obj.optString("versionName", "");
+            long versionCode = obj.optLong("versionCode", 0);
+            String apkUrl = obj.optString("apkUrl", "");
+            String sha256 = obj.optString("sha256", "");
+            String notes = obj.optString("notes", "");
+            boolean force = obj.optBoolean("force", false);
+
+            if (versionName.isEmpty() || versionCode <= 0 || apkUrl.isEmpty() || sha256.isEmpty()) {
+                throw new IllegalStateException("Invalid version metadata payload");
+            }
+
+            return new UpdateMetadata(versionName, versionCode, apkUrl, sha256, notes, force);
+        }
+    }
 }
diff --git a/scripts/apk/build-release.sh b/scripts/apk/build-release.sh
new file mode 100755
index 0000000..850bc77
--- /dev/null
+++ b/scripts/apk/build-release.sh
@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+ANDROID_DIR="${ROOT_DIR}/dewemoji-capacitor/android"
+APP_GRADLE="${ANDROID_DIR}/app/build.gradle"
+DIST_DIR="${ROOT_DIR}/dewemoji-capacitor/dist/apk"
+
+if [[ ! -f "${APP_GRADLE}" ]]; then
+  echo "error: missing ${APP_GRADLE}" >&2
+  exit 1
+fi
+
+version_name="$(awk '/versionName /{gsub(/"/, "", $2); print $2; exit}' "${APP_GRADLE}")"
+version_code="$(awk '/versionCode /{print $2; exit}' "${APP_GRADLE}")"
+if [[ -z "${version_name}" || -z "${version_code}" ]]; then
+  echo "error: failed to read versionName/versionCode from ${APP_GRADLE}" >&2
+  exit 1
+fi
+
+mkdir -p "${DIST_DIR}"
+
+echo "== Build release APK =="
+(
+  cd "${ANDROID_DIR}"
+  ./gradlew clean assembleRelease
+)
+
+unsigned_apk="${ANDROID_DIR}/app/build/outputs/apk/release/app-release-unsigned.apk"
+signed_apk_default="${ANDROID_DIR}/app/build/outputs/apk/release/app-release.apk"
+input_apk=""
+
+if [[ -f "${signed_apk_default}" ]]; then
+  input_apk="${signed_apk_default}"
+elif [[ -f "${unsigned_apk}" ]]; then
+  input_apk="${unsigned_apk}"
+else
+  echo "error: release APK not found under app/build/outputs/apk/release" >&2
+  exit 1
+fi
+
+output_apk="${DIST_DIR}/dewemoji-v${version_name}-${version_code}.apk"
+
+if [[ -n "${ANDROID_KEYSTORE_PATH:-}" && -n "${ANDROID_KEYSTORE_PASSWORD:-}" && -n "${ANDROID_KEY_ALIAS:-}" && -n "${ANDROID_KEY_PASSWORD:-}" ]]; then
+  if ! command -v apksigner >/dev/null 2>&1; then
+    echo "error: apksigner is required for signing but not found" >&2
+    exit 1
+  fi
+
+  echo "== Sign APK =="
+  apksigner sign \
+    --ks "${ANDROID_KEYSTORE_PATH}" \
+    --ks-pass "pass:${ANDROID_KEYSTORE_PASSWORD}" \
+    --ks-key-alias "${ANDROID_KEY_ALIAS}" \
+    --key-pass "pass:${ANDROID_KEY_PASSWORD}" \
+    --out "${output_apk}" \
+    "${input_apk}"
+
+  apksigner verify --verbose "${output_apk}" >/dev/null
+else
+  echo "warning: signing env vars are not fully set; copying unsigned/gradle output as-is"
+  cp "${input_apk}" "${output_apk}"
+fi
+
+sha256="$(shasum -a 256 "${output_apk}" | awk '{print $1}')"
+
+echo "Built APK: ${output_apk}"
+echo "Version: ${version_name} (${version_code})"
+echo "SHA256: ${sha256}"
diff --git a/scripts/apk/make-version-json.sh b/scripts/apk/make-version-json.sh
new file mode 100755
index 0000000..0c9af7b
--- /dev/null
+++ b/scripts/apk/make-version-json.sh
@@ -0,0 +1,78 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+usage() {
+  cat <<USAGE
+Usage:
+  scripts/apk/make-version-json.sh \
+    --version-name 1.1.2 \
+    --version-code 112 \
+    --sha256 <hex> \
+    --notes "Release notes" \
+    [--out ./version.json] \
+    [--apk-url https://dewemoji.com/downloads/dewemoji-latest.apk] \
+    [--app-id com.dewemoji.app] \
+    [--channel stable] \
+    [--min-supported-version-code 100] \
+    [--force false]
+USAGE
+}
+
+out="./version.json"
+apk_url="https://dewemoji.com/downloads/dewemoji-latest.apk"
+app_id="com.dewemoji.app"
+channel="stable"
+min_supported_version_code="100"
+force="false"
+version_name=""
+version_code=""
+sha256=""
+notes=""
+published_at="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --version-name) version_name="$2"; shift 2 ;;
+    --version-code) version_code="$2"; shift 2 ;;
+    --sha256) sha256="$2"; shift 2 ;;
+    --notes) notes="$2"; shift 2 ;;
+    --out) out="$2"; shift 2 ;;
+    --apk-url) apk_url="$2"; shift 2 ;;
+    --app-id) app_id="$2"; shift 2 ;;
+    --channel) channel="$2"; shift 2 ;;
+    --min-supported-version-code) min_supported_version_code="$2"; shift 2 ;;
+    --force) force="$2"; shift 2 ;;
+    --published-at) published_at="$2"; shift 2 ;;
+    -h|--help) usage; exit 0 ;;
+    *) echo "error: unknown argument '$1'" >&2; usage; exit 1 ;;
+  esac
+done
+
+if [[ -z "${version_name}" || -z "${version_code}" || -z "${sha256}" ]]; then
+  echo "error: --version-name, --version-code, and --sha256 are required" >&2
+  usage
+  exit 1
+fi
+
+python3 - <<PY
+import json
+from pathlib import Path
+
+payload = {
+    "appId": "${app_id}",
+    "channel": "${channel}",
+    "versionName": "${version_name}",
+    "versionCode": int("${version_code}"),
+    "minSupportedVersionCode": int("${min_supported_version_code}"),
+    "apkUrl": "${apk_url}",
+    "sha256": "${sha256}",
+    "publishedAt": "${published_at}",
+    "notes": "${notes}",
+    "force": "${force}".lower() == "true",
+}
+
+out = Path("${out}")
+out.parent.mkdir(parents=True, exist_ok=True)
+out.write_text(json.dumps(payload, ensure_ascii=True, indent=2) + "\n", encoding="utf-8")
+print(out)
+PY
diff --git a/scripts/apk/publish-r2.sh b/scripts/apk/publish-r2.sh
new file mode 100755
index 0000000..77a21ba
--- /dev/null
+++ b/scripts/apk/publish-r2.sh
@@ -0,0 +1,115 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+usage() {
+  cat <<USAGE
+Usage:
+  scripts/apk/publish-r2.sh \
+    --apk /path/to/dewemoji-v1.1.2-112.apk \
+    --version-name 1.1.2 \
+    --version-code 112 \
+    [--notes "Release notes"] \
+    [--min-supported-version-code 100] \
+    [--force false]
+
+Required env:
+  R2_ACCOUNT_ID
+  R2_ACCESS_KEY_ID
+  R2_SECRET_ACCESS_KEY
+  R2_BUCKET
+Optional env:
+  R2_PUBLIC_BASE_URL (example: https://downloads.dewemoji.com)
+  DEWEMOJI_APK_URL (default: https://dewemoji.com/downloads/dewemoji-latest.apk)
+USAGE
+}
+
+for required in R2_ACCOUNT_ID R2_ACCESS_KEY_ID R2_SECRET_ACCESS_KEY R2_BUCKET; do
+  if [[ -z "${!required:-}" ]]; then
+    echo "error: missing env ${required}" >&2
+    exit 1
+  fi
+done
+
+if ! command -v aws >/dev/null 2>&1; then
+  echo "error: aws cli is required" >&2
+  exit 1
+fi
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+MAKE_VERSION_SCRIPT="${ROOT_DIR}/scripts/apk/make-version-json.sh"
+
+apk=""
+version_name=""
+version_code=""
+notes=""
+min_supported_version_code="100"
+force="false"
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --apk) apk="$2"; shift 2 ;;
+    --version-name) version_name="$2"; shift 2 ;;
+    --version-code) version_code="$2"; shift 2 ;;
+    --notes) notes="$2"; shift 2 ;;
+    --min-supported-version-code) min_supported_version_code="$2"; shift 2 ;;
+    --force) force="$2"; shift 2 ;;
+    -h|--help) usage; exit 0 ;;
+    *) echo "error: unknown argument '$1'" >&2; usage; exit 1 ;;
+  esac
+done
+
+if [[ -z "${apk}" || -z "${version_name}" || -z "${version_code}" ]]; then
+  echo "error: --apk, --version-name, and --version-code are required" >&2
+  usage
+  exit 1
+fi
+
+if [[ ! -f "${apk}" ]]; then
+  echo "error: apk file not found: ${apk}" >&2
+  exit 1
+fi
+
+endpoint="https://${R2_ACCOUNT_ID}.r2.cloudflarestorage.com"
+export AWS_ACCESS_KEY_ID="${R2_ACCESS_KEY_ID}"
+export AWS_SECRET_ACCESS_KEY="${R2_SECRET_ACCESS_KEY}"
+
+tmp_dir="$(mktemp -d)"
+trap 'rm -rf "${tmp_dir}"' EXIT
+
+sha256="$(shasum -a 256 "${apk}" | awk '{print $1}')"
+versioned_key="apk/dewemoji-v${version_name}-${version_code}.apk"
+latest_key="apk/dewemoji-latest.apk"
+version_json_key="apk/version.json"
+
+apk_url="${DEWEMOJI_APK_URL:-https://dewemoji.com/downloads/dewemoji-latest.apk}"
+version_json_path="${tmp_dir}/version.json"
+"${MAKE_VERSION_SCRIPT}" \
+  --version-name "${version_name}" \
+  --version-code "${version_code}" \
+  --sha256 "${sha256}" \
+  --notes "${notes}" \
+  --apk-url "${apk_url}" \
+  --min-supported-version-code "${min_supported_version_code}" \
+  --force "${force}" \
+  --out "${version_json_path}"
+
+echo "== Upload versioned APK =="
+aws --endpoint-url "${endpoint}" s3 cp "${apk}" "s3://${R2_BUCKET}/${versioned_key}" --content-type application/vnd.android.package-archive
+
+echo "== Upload latest APK alias =="
+aws --endpoint-url "${endpoint}" s3 cp "${apk}" "s3://${R2_BUCKET}/${latest_key}" --content-type application/vnd.android.package-archive
+
+echo "== Upload version metadata =="
+aws --endpoint-url "${endpoint}" s3 cp "${version_json_path}" "s3://${R2_BUCKET}/${version_json_key}" --content-type application/json --cache-control no-store
+
+echo "Published to R2 bucket: ${R2_BUCKET}"
+echo "Versioned APK key: ${versioned_key}"
+echo "Latest APK key: ${latest_key}"
+echo "Version JSON key: ${version_json_key}"
+
+if [[ -n "${R2_PUBLIC_BASE_URL:-}" ]]; then
+  base="${R2_PUBLIC_BASE_URL%/}"
+  echo "Public versioned APK URL: ${base}/${versioned_key}"
+  echo "Public latest APK URL: ${base}/${latest_key}"
+  echo "Public version JSON URL: ${base}/${version_json_key}"
+fi
diff --git a/scripts/apk/verify-release.sh b/scripts/apk/verify-release.sh
new file mode 100755
index 0000000..6f68ebd
--- /dev/null
+++ b/scripts/apk/verify-release.sh
@@ -0,0 +1,67 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+usage() {
+  cat <<USAGE
+Usage:
+  scripts/apk/verify-release.sh [--base-url https://dewemoji.com/downloads]
+USAGE
+}
+
+base_url="https://dewemoji.com/downloads"
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --base-url) base_url="$2"; shift 2 ;;
+    -h|--help) usage; exit 0 ;;
+    *) echo "error: unknown argument '$1'" >&2; usage; exit 1 ;;
+  esac
+done
+
+version_url="${base_url%/}/version.json"
+apk_url="${base_url%/}/dewemoji-latest.apk"
+
+tmp_dir="$(mktemp -d)"
+trap 'rm -rf "${tmp_dir}"' EXIT
+
+version_file="${tmp_dir}/version.json"
+apk_file="${tmp_dir}/dewemoji-latest.apk"
+
+echo "== Fetch version metadata =="
+curl -fsSL "${version_url}" -o "${version_file}"
+python3 - <<PY
+import json
+from pathlib import Path
+
+obj = json.loads(Path("${version_file}").read_text(encoding="utf-8"))
+required = ["appId", "channel", "versionName", "versionCode", "apkUrl", "sha256", "publishedAt"]
+missing = [k for k in required if k not in obj]
+if missing:
+    raise SystemExit(f"error: missing fields in version.json: {', '.join(missing)}")
+
+print(f"versionName={obj['versionName']}")
+print(f"versionCode={obj['versionCode']}")
+print(f"apkUrl={obj['apkUrl']}")
+print(f"sha256={obj['sha256']}")
+PY
+
+echo "== Download latest APK =="
+curl -fL "${apk_url}" -o "${apk_file}"
+
+local_sha="$(shasum -a 256 "${apk_file}" | awk '{print $1}')"
+expected_sha="$(python3 - <<PY
+import json
+from pathlib import Path
+obj = json.loads(Path("${version_file}").read_text(encoding="utf-8"))
+print(obj["sha256"])
+PY
+)"
+
+echo "local_sha=${local_sha}"
+echo "expected_sha=${expected_sha}"
+
+if [[ "${local_sha}" != "${expected_sha}" ]]; then
+  echo "error: checksum mismatch" >&2
+  exit 1
+fi
+
+echo "OK: release metadata and APK checksum are consistent"