Here's a dump of information about the main app: * Entitlements from `codesign -d -v --entitlements :-`: ``` <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <!-- Entitlements to apply to the .app bundle and main browser process executable during codesigning of production channel builds. --> <plist version="1.0"> <dict> <key>com.apple.developer.system-extension.install</key> <true/> <key>com.apple.application-identifier</key> <string>TEAM_ID.APP_ID</string> <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider-systemextension</string> </array> <key>keychain-access-groups</key> <array> <string>TEAM_ID.*</string> </array> <key>com.apple.developer.team-identifier</key> <string>TEAM_ID</string> <key>com.apple.developer.associated-domains</key> <string>*</string> <key>com.apple.developer.networking.vpn.api</key> <array> <string>allow-vpn</string> </array> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.application-groups</key> <array> <string>TEAM_ID.APP_GROUP</string> </array> <key>com.apple.security.files.user-selected.read-write</key> <true/> <key>com.apple.security.network.client</key> <true/> <key>com.apple.security.network.server</key> <true/> </dict> </plist>% ``` * Entitlements from `security cms -D -i embedded.provisionprofile`: ``` <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AppIDName</key> <string>APP_NAME</string> <key>ApplicationIdentifierPrefix</key> <array> <string>TEAM_ID</string> </array> <key>CreationDate</key> <date>2020-11-30T18:23:25Z</date> <key>Platform</key> <array> <string>OSX</string> </array> <key>IsXcodeManaged</key> <false/> <key>DeveloperCertificates</key> <array> <data>xxxxxx</data> </array> <key>Entitlements</key> <dict> <key>com.apple.developer.system-extension.install</key> <true/> <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider-systemextension</string> <string>app-proxy-provider-systemextension</string> <string>content-filter-provider-systemextension</string> <string>dns-proxy-systemextension</string> <string>dns-settings</string> </array> <key>com.apple.application-identifier</key> <string>TEAM_ID.APP_ID</string> <key>keychain-access-groups</key> <array> <string>TEAM_ID.*</string> </array> <key>com.apple.developer.team-identifier</key> <string>TEAM_ID</string> <key>com.apple.developer.associated-domains</key> <string>*</string> <key>com.apple.developer.networking.vpn.api</key> <array> <string>allow-vpn</string> </array> </dict> <key>ExpirationDate</key> <date>2038-11-26T18:23:25Z</date> <key>Name</key> <string>APP_NAME</string> <key>ProvisionsAllDevices</key> <true/> <key>TeamIdentifier</key> <array> <string>TEAM_ID</string> </array> <key>TeamName</key> <string>TEAM_NAME</string> <key>TimeToLive</key> <integer>6570</integer> <key>UUID</key> <string>xxxxxx</string> <key>Version</key> <integer>1</integer> </dict> </plist>% ``` * Info.plist: ``` <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>BuildMachineOSBuild</key> <string>19H2</string> <key>CFBundleExecutable</key> <string>APP_EXECUTABLE</string> <key>CFBundleIconFile</key> <string>AppIcon</string> <key>CFBundleIconName</key> <string>AppIcon</string> <key>CFBundleIdentifier</key> <string>APP_ID</string> <key>CFBundleInfoDictionaryVersion</key> <string>6.0</string> <key>CFBundleName</key> <string>APP_NAME</string> <key>CFBundlePackageType</key> <string>APPL</string> <key>CFBundleShortVersionString</key> <string>2</string> <key>CFBundleSupportedPlatforms</key> <array> <string>MacOSX</string> </array> <key>CFBundleVersion</key> <string>2.202011301538</string> <key>DTCompiler</key> <string>com.apple.compilers.llvm.clang.1_0</string> <key>DTPlatformBuild</key> <string>12B45b</string> <key>DTPlatformName</key> <string>macosx</string> <key>DTPlatformVersion</key> <string>11.0</string> <key>DTSDKBuild</key> <string>20A2408</string> <key>DTSDKName</key> <string>macosx11.0</string> <key>DTXcode</key> <string>1220</string> <key>DTXcodeBuild</key> <string>12B45b</string> <key>ITSAppUsesNonExemptEncryption</key> <false/> <key>LSApplicationCategoryType</key> <string>public.app-category.utilities</string> <key>LSMinimumSystemVersion</key> <string>10.14</string> <key>LSMultipleInstancesProhibited</key> <true/> <key>NSPrincipalClass</key> <string>NSApplication</string> <key>NSSupportsAutomaticGraphicsSwitching</key> <true/> </dict> </plist> ``` And information about the network extension: * Entitlements from codesign: ``` <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <!-- Entitlements to apply to the .app bundle and main browser process executable during codesigning of production channel builds. --> <plist version="1.0"> <dict> <key>com.apple.developer.system-extension.install</key> <true/> <key>com.apple.application-identifier</key> <string>TEAM_ID.NETWORK_EXTENSION_APP_ID</string> <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider-systemextension</string> </array> <key>keychain-access-groups</key> <array> <string>TEAM_ID.*</string> </array> <key>com.apple.developer.team-identifier</key> <string>TEAM_ID</string> <key>com.apple.developer.associated-domains</key> <string>*</string> <key>com.apple.developer.networking.vpn.api</key> <array> <string>allow-vpn</string> </array> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.application-groups</key> <array> <string>TEAM_ID.APP_GROUPU</string> </array> <key>com.apple.security.network.client</key> <true/> <key>com.apple.security.network.server</key> <true/> </dict> </plist>% ``` * Entitlements from the provisioning profile: ``` <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AppIDName</key> <string>NETWORK_EXTENSION_APP_NAME</string> <key>ApplicationIdentifierPrefix</key> <array> <string>TEAM_ID</string> </array> <key>CreationDate</key> <date>2020-11-30T18:24:58Z</date> <key>Platform</key> <array> <string>OSX</string> </array> <key>IsXcodeManaged</key> <false/> <key>DeveloperCertificates</key> <array> <data>xxxxxxxx</data> </array> <key>Entitlements</key> <dict> <key>com.apple.developer.system-extension.install</key> <true/> <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider-systemextension</string> <string>app-proxy-provider-systemextension</string> <string>content-filter-provider-systemextension</string> <string>dns-proxy-systemextension</string> <string>dns-settings</string> </array> <key>com.apple.application-identifier</key> <string>TEAM_ID.NETWORK_EXTENSION_APP_ID</string> <key>keychain-access-groups</key> <array> <string>TEAM_ID.*</string> </array> <key>com.apple.developer.team-identifier</key> <string>TEAM_ID</string> <key>com.apple.developer.associated-domains</key> <string>*</string> <key>com.apple.developer.networking.vpn.api</key> <array> <string>allow-vpn</string> </array> </dict> <key>ExpirationDate</key> <date>2038-11-26T18:24:58Z</date> <key>Name</key> <string>NETWORK_EXTENSION_APP_NAME</string> <key>ProvisionsAllDevices</key> <true/> <key>TeamIdentifier</key> <array> <string>TEAM_ID</string> </array> <key>TeamName</key> <string>TEAM_NAME</string> <key>TimeToLive</key> <integer>6570</integer> <key>UUID</key> <string>xxxxxx</string> <key>Version</key> <integer>1</integer> </dict> </plist>% ``` * Info.plist: ``` <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>BuildMachineOSBuild</key> <string>19H2</string> <key>CFBundleDevelopmentRegion</key> <string>en</string> <key>CFBundleDisplayName</key> <string>NETWORK_EXTENSION_APP_NAME</string> <key>CFBundleExecutable</key> <string>NETWORK_EXTENSION_APP_EXECUTABLE</string> <key>CFBundleIdentifier</key> <string>NETWORK_EXTENSION_APP_ID</string> <key>CFBundleInfoDictionaryVersion</key> <string>6.0</string> <key>CFBundleName</key> <string>NETWORK_EXTENSION_APP_NAME</string> <key>CFBundlePackageType</key> <string>XPC!</string> <key>CFBundleShortVersionString</key> <string>2</string> <key>CFBundleSupportedPlatforms</key> <array> <string>MacOSX</string> </array> <key>CFBundleVersion</key> <string>2.202011301538</string> <key>DTCompiler</key> <string>com.apple.compilers.llvm.clang.1_0</string> <key>DTPlatformBuild</key> <string>12B45b</string> <key>DTPlatformName</key> <string>macosx</string> <key>DTPlatformVersion</key> <string>11.0</string> <key>DTSDKBuild</key> <string>20A2408</string> <key>DTSDKName</key> <string>macosx11.0</string> <key>DTXcode</key> <string>1220</string> <key>DTXcodeBuild</key> <string>12B45b</string> <key>ITSAppUsesNonExemptEncryption</key> <false/> <key>LSMinimumSystemVersion</key> <string>10.14</string> <key>NSExtension</key> <dict> <key>NSExtensionPointIdentifier</key> <string>com.apple.networkextension.packet-tunnel</string> <key>NSExtensionPrincipalClass</key> <string>NETWORK_EXTENSION_APP_NAME.PacketTunnelProvider</string> </dict> <key>com.wireguard.ios.app_group_id</key> <string>APP_GROUPU</string> <key>com.wireguard.macos.app_group_id</key> <string>TEAM_ID.APP_GROUP</string> <key>NetworkExtension</key> <dict> <key>NEMachServiceName</key> <string>TEAM_ID.NETWORK_EXTENSION_APP_NAME.Mach</string> <key>NEProviderClasses</key> <dict> <key>com.apple.networkextension.packet-tunnel</key> <string>NETWORK_EXTENSION_APP_NAME.PacketTunnelProvider</string> </dict> </dict> </dict> </plist> ```