25 May 2026 - 7 min read
Over the last couple of days, Riddle Quest has moved from "working app with lots of features" towards "release candidate with evidence." The work was not glamorous in the trailer-screenshot sense. It was the sort of release-readiness work that makes a mobile game less fragile: security hardening, Android device coverage, legal URL checks, store disclosure drafts, funding materials, marketing plans, and a much clearer list of what is still open.
What Was Done
The biggest push was around Android QA and responsive layout confidence.
The app now has a broader Android emulator matrix covering small phones, standard phones, large phones, foldable outer displays, unfolded foldable/tablet layouts, small tablets, large tablets, and a low-density tablet profile. The latest full matrix recorded a pass across all configured devices, with 33 screen and modal surfaces captured per device.
That matters because Riddle Quest has a lot of UI surfaces for a puzzle game: auth screens, game states, settings, profile, achievements, stats, leaderboard, coin shop, fanfare modals, legal/about screens, loading states, and error states. A layout that looks fine on one Pixel-sized screen can still break badly on a foldable or tablet.
Several specific QA issues were investigated and either fixed or turned into explicit follow-up work:
- The provider-auth slow loading problem was fixed. The project notes record a Google provider-auth replay reaching the first non-loading screen in 14.24 seconds after selecting the LAN bundle.
- The fold-unfolded landing failure was traced to a Play Store / Google Play Services background update interrupting the app, not to a layout crash. The matrix runner now guards that case.
- The seven-letter riddle background was too short after responsive updates. GameBoard now renders the riddle background taller, and focused tests plus Pixel 4a evidence confirm the seven-slot QA surface fits.
- Modal infrastructure coverage was strengthened so registry drift, provider wiring, debug-panel access, breadcrumbs, and QA surface inventory are checked before emulator runs.
Security and privacy work also got a serious pass. Server-only secrets were removed from Expo-facing config, local secret files were added to ignore rules, Firestore rules were hardened so clients cannot directly mutate economy/progress/stat state, avatar upload rules were tightened, App Check enforcement flags were added to sensitive callables, admin checks were added to manual riddle generation, and IAP receipt/token logging was redacted.
The legal and store-readiness side was also documented. The app now constructs localised www.roobsworld.com/riddle-quest/{language} legal and support URLs for 17 languages. The local 119 URL matrix passed at localhost:3000, covering each language across the required page types. Live deployment is still unavailable, so production reachability is deferred rather than treated as an app failure.
There was also a funding and marketing documentation push. The repo now contains a coherent funding pack, beta validation plan, 90-day execution plan, pitch deck outline, one-page summary, publisher outreach copy, creator outreach material, ASO/store metadata, press kit copy, KPI tracking guidance, and a pre-launch landing page draft.
Why This Work Happened
The theme was de-risking.
A mobile puzzle game can feel finished when the core loop works, but release risk lives in the edges: account deletion, legal links, device sizes, provider auth, purchase validation, ad callbacks, privacy disclosures, emulator stability, and the places where a user leaves the happy path.
The responsive QA work was done because Riddle Quest is visually dense. It uses modals, game boards, fanfare states, background art, buttons, stats, and long translated text. That combination makes screen-size coverage more important than usual.
The security work was done because the app has real economy and progress state. Coins, hints, purchases, achievements, and progression all need server-side authority. The current direction is correct: clients can request actions, but trusted backend code owns the sensitive mutations.
The legal/store work was done because App Store and Google Play submission is not just a build upload. The privacy policy, data safety answers, account deletion path, support pages, and tracking posture all need to match what the app and SDKs actually do.
The funding and marketing work was done because the project is now past pure implementation. The next useful milestone is not another pile of features; it is player validation, store readiness, and a credible launch story.
Problems Found Along The Way
A few problems were technical, and a few were operational.
The Android emulator environment needed hardening. Older tooling, stale locks, GPU/rendering instability, and process shutdown races all showed up during QA. The scripts now use SDK-local ADB, SwiftShader-pinned AVDs, compatibility checks, emulator health checks, and safer shutdown handling.
The live legal deployment is blocked. The local URL matrix passes, and the app generates the intended production URLs, but live www.roobsworld.com verification cannot be completed until deployment access is available.
iOS simulator verification is also blocked on this Windows host because local xcrun tooling is unavailable. iOS still needs separate verification through EAS/TestFlight or a Mac-based simulator workflow.
There are still deeper functional checks open. The current Android matrix is strong for screen/modal layout evidence, but provider-auth Firebase deltas, production-like billing, some rewarded-ad paths, destructive account deletion confirmation, and live backend state comparisons still need focused validation.
One Sentry development issue reported Requiring unknown module "react-native", but local checks did not reproduce it. Metro status, Android bundle serving, and the installed React Native package looked healthy, so the current next step is to capture fresh failure evidence if it recurs.
Current State
Riddle Quest is in a much stronger state than it was a few days ago.
The project has a working Expo/React Native app, Firebase-backed auth/progress, server-authoritative game logic, achievements, stats, IAP/rewarded-ad infrastructure, legal/store documentation, marketing material, funding material, and a large automated test base recorded in the project notes.
The Android responsive surface coverage is now credible. The latest matrix shows all configured devices passing with no skipped screen/modal surface checks. The known remaining Android items are not hidden layout checks; they are deeper functionality, persona, Firebase, billing, or provider-auth tasks.
The app is not release-ready yet, but the shape of the remaining work is much clearer. That is progress. Ambiguous "we should test more" work has been turned into named issues, evidence paths, blocker notes, and next actions.
Next Steps
The next few moves should stay focused:
- Rerun the complete Android matrix after the seven-letter riddle background fix so every configured device has fresh page-game screenshots.
- Complete destructive account deletion verification with disposable guest and provider-auth accounts, including Firestore, Storage, Auth, and local session cleanup checks.
- Finish provider-auth backend delta testing for wins, hints, skips, stats, achievements, persistence, and leaderboard behaviour.
- Verify production-like billing and rewarded-ad flows where store/provider constraints allow it.
- Resolve the live deployment blocker, then rerun the 119 URL legal/support matrix against production.
- Enter final Apple App Privacy and Google Play Data Safety disclosures in the store consoles.
- Rotate exposed credentials, set fresh Firebase Functions secrets, and run the planned git history purge from a clean clone.
- Produce reviewer builds and start the funding/beta track: pitch video, Android preview, iOS/TestFlight candidate, and beta recruitment.
The useful rule now is simple: do not add complexity until the release evidence catches up with the product. Riddle Quest has enough product to test seriously. The next win is turning that product into verified, reviewable, beta-ready proof.