refactor(remote-config): make rc container validation domain-specific

[rickvdl]

Part of a stack of PRs, builds on #7067 and aligned with Android PR RevenueCat/purchases-android#3615.

Refactors part of the RCContainer(Element)Parser, RemoteConfigAPI and RCContainer itself to extract it's domain specific logic about the config API into external implementations.

• Introduces the RemoteConfigContainer wrapper type, which has the domain knowledge about the config element at index 0
• Moves element checksum validation to the element itself
• RCContainer validation now no longer validates the element checksums, but only validates it's structure
  • This also allows potentially corrupt blobs to be ignored while still storing valid blobs to disk (storing itself done in a future PR)
• Remote config endpoint validation now works with the RemoteConfigContainer directly in deciding on Request Signature Validation

---

Note

Medium Risk
Changes remote config decode, persistence inputs, and signature-verification interaction for RC Container responses; behavior is covered by new tests but alters when corrupt inline blobs vs invalid config fail requests.

Overview
RC Container parsing is split from remote-config semantics. RCContainer now only structurally indexes wire-order elements and elementsByChecksum; it no longer treats element 0 as config, requires a config element, or rejects payloads whose checksum does not match during parse. Checksum verification moves onto RCContainer.Element via validateChecksum() / isChecksumValid().

Remote config owns validation policy through a new RemoteConfigContainer type (also the HTTP response body for /v2/config). It requires a first element, validates only the config element’s checksum, and exposes remaining elements as inlineContentElements without checksum enforcement at decode time—so structurally valid but corrupt inline blobs can still be returned while a bad config fails decoding. RemoteConfigManager, fetch results, and signature context now use configElement / RemoteConfigContainer instead of RCContainer.config.

Signature verification behavior shifts for inline corruption: tests now expect a corrupted non-config payload not to fail the HTTP response (signing still uses the config checksum), whereas config checksum mismatch still fails typed parsing.

^{Reviewed by Cursor Bugbot for commit f87390e. Bugbot is set up for automated code reviews on this repo. Configure here.}

[emerge-tools]

4 builds increased size

Name	Version	Download	Change	Install	Change	Approval
RevenueCat com.revenuecat.PaywallsTester	1.0 (1)	18.9 MB	⬆️ 48.4 kB (0.26%)	68.5 MB	⬆️ 185.3 kB (0.27%)	N/A
BinarySizeTest com.revenuecat.binary-size-test.local-source	1.0 (1)	4.4 MB	⬆️ 6.1 kB (0.14%)	13.2 MB	⬆️ 21.5 kB (0.17%)	N/A
BinarySizeTest com.revenuecat.binary-size-test.cocoapods	1.0 (1)	6.6 MB	⬆️ 11.6 kB (0.18%)	28.9 MB	⬆️ 42.6 kB (0.15%)	⏳ Needs approval
BinarySizeTest com.revenuecat.binary-size-test.spm	1.0 (1)	4.5 MB	⬆️ 4.4 kB (0.1%)	11.5 MB	⬆️ 21.7 kB (0.19%)	N/A

RevenueCat 1.0 (1)
com.revenuecat.PaywallsTester

⚖️ Compare build
⏱️ Analyze build performance

Total install size change: ⬆️ 185.3 kB (0.27%)
Total download size change: ⬆️ 48.4 kB (0.26%)

Largest size changes

Item	Install Size Change
DYLD.String Table	⬆️ 54.6 kB
DYLD.Exports	⬆️ 4.7 kB
Code Signature	⬆️ 4.4 kB
📝 RCWebPurchaseRedemption.init	⬆️ 2.9 kB
RCWebPurchaseRedemption.Objc Metadata	⬇️ -2.9 kB

View Treemap

BinarySizeTest 1.0 (1)
com.revenuecat.binary-size-test.local-source

⚖️ Compare build
📦 Install build
⏱️ Analyze build performance

Total install size change: ⬆️ 21.5 kB (0.17%)
Total download size change: ⬆️ 6.1 kB (0.14%)

Largest size changes

Item	Install Size Change
📝 RevenueCat.RemoteConfigStrings.value witness	⬆️ 7.9 kB
📝 RevenueCat.RCContainer.Element.withBytes(in)	⬆️ 1.6 kB
🗑 RevenueCat.RCContainer.Parser.checksumString(in)	⬇️ -1.5 kB
DYLD.String Table	⬆️ 1.4 kB
📝 RevenueCat.RCContainer.Element.payloadChecksum	⬆️ 1.4 kB

View Treemap

BinarySizeTest 1.0 (1)
com.revenuecat.binary-size-test.cocoapods

⚖️ Compare build
📦 Install build
⏱️ Analyze build performance

Total install size change: ⬆️ 42.6 kB (0.15%)
Total download size change: ⬆️ 11.6 kB (0.18%)

Largest size changes

Item	Install Size Change
DYLD.String Table	⬆️ 12.5 kB
📝 RevenueCat.RemoteConfigStrings.value witness	⬆️ 7.9 kB
📝 RevenueCat.RCContainer.Element.withBytes(in)	⬆️ 1.6 kB
🗑 RevenueCat.RCContainer.Parser.checksumString(in)	⬇️ -1.5 kB
📝 RevenueCat.RCContainer.Element.payloadChecksum	⬆️ 1.4 kB

View Treemap

BinarySizeTest 1.0 (1)
com.revenuecat.binary-size-test.spm

⚖️ Compare build
📦 Install build
⏱️ Analyze build performance

Total install size change: ⬆️ 21.7 kB (0.19%)
Total download size change: ⬆️ 4.4 kB (0.1%)

Largest size changes

Item	Install Size Change
📝 RevenueCat.RemoteConfigStrings.value witness	⬆️ 7.9 kB
📝 RevenueCat.RCContainer.Element.withBytes(in)	⬆️ 1.6 kB
🗑 RevenueCat.RCContainer.Parser.checksumString(in)	⬇️ -1.5 kB
📝 RevenueCat.RCContainer.Element.payloadChecksum	⬆️ 1.4 kB
📝 RevenueCat.RemoteConfigContainer.init(rcContainer)	⬆️ 1.3 kB

View Treemap

---

🛸 Powered by Emerge Tools

Comment trigger: Size diff threshold of 100.00kB exceeded

[rickvdl]

Stack:

• feat(remote-config): switch config request to v1 and send app user id #7080
• feat(remote-config): store inlined blobs to disk #7073
• refactor(remote-config): make rc container validation domain-specific #7074 👈 (current PR)
• feat(remote-config): add RemoteConfigManager #7067
• main

[rickvdl]

@RCGitBot please test

[RevenueCat-Danger-Bot]

❌ CI Job Failed — run-test-ios-26

View Build