i99dash docs

Publish your first native app to BYD cars — scaffold the project, attest and upload the APK, then promote a staged rollout.

Walk through one full publish, from an empty directory to a staged rollout on real cars. You bring a release-signed .apk; the SDK hashes, attests, uploads, and submits it for review.

Publishing native apps is invite-only. Your account needs the can_publish_native grant, and the CLI signs in with your SSH key. Without both, apk publish returns 403. See Authentication.

Confirm your prerequisites

Before you start, make sure you have:

The can_publish_native grant on your account (curated invite in v1).
An SSH key registered and signed in per Authentication. The same key attests every artifact you publish (this is K1 — see Signing and trust).
A release-signed .apk you built yourself. The SDK does not build Android; it hashes, attests, uploads, and submits the file you point it at.

Scaffold the project

Create a project directory with a starter apk.json and .gitignore, then move into it.

i99dash apk init my-app
cd my-app

The generated apk.json looks like this:

{
  "id": "com.example.myapp",
  "versionName": "1.0.0",
  "versionCode": 1,
  "apkPath": "./app-release.apk",
  "signerSha256": "REPLACE_WITH_APKSIGNER_SHA256",
  "category": "utilities",
  "requires": { "minAndroidSdk": 29 }
}

Edit the manifest

Read the SHA-256 of your APK signing certificate:

apksigner verify --print-certs ./app-release.apk

Then edit apk.json:

Set id to your Android applicationId (reverse-DNS, e.g. com.acme.dashcam). This is your durable identity — never change it after publishing.
Set apkPath to the relative path of your release-signed .apk.
Paste the certificate SHA-256 into signerSha256 (the value after SHA-256 in the apksigner output).
Set versionName (display string) and versionCode (positive integer; the ordering key).

For the full field reference, see apk.json reference.

Validate

Check the manifest, the .apk, and the signer SHA before you upload anything.

i99dash apk validate

Fix any reported errors until validation passes.

Publish

Validate, hash, SSH-attest, request a presigned URL, PUT the .apk direct to storage, and submit the manifest for review.

i99dash apk publish

The submit lands in pending — native code on a vehicle goes through human review and is not auto-approved. To rehearse without uploading, run i99dash apk publish --dry-run. For every flag, see the CLI reference.

Wait for approval

Check where your release sits in review:

i99dash apk status

The state moves pending → approved once an admin approves it. On approval, the platform mints the signed release envelope the car verifies offline (K3 — see Signing and trust).

Promote a staged rollout

Promote the approved release to a fraction of cars first, then raise it as you gain confidence.

i99dash apk promote --rollout 10

--rollout 10 exposes the release to a stable per-car bucket of roughly 10% of cars. Re-run with a higher percentage as you watch it, and use --status published for a full release that supersedes older versions. See Distribution for how rollout buckets work.

What the owner sees

There is no silent install for third-party apps. The car lists approved apps in its owner-facing Native Apps tab, and the owner installs each one through the standard Android install dialog. The car verifies the release envelope, APK hash, signer SHA, downgrade, and revocation checks offline before that dialog appears.

Next time you ship

Bump versionCode to a value strictly greater than the package current max — a downgrade or replay is rejected at submit. Update versionName, then run i99dash apk publish again. The new version goes back through review, then promote it the same way.

Quickstart