Post not yet marked as solved
Thank you so much, Matt and Rich! Much to my surprise, it does appear that my own receipt-checking code is active and is causing the problem. I have a "Demo" build configuration in my Xcode project, that sits as a peer to the standard "Debug" and "Release" and defines the necessary preprocessor macro to omit the receipt-checking code, and that all works fine when I build and run my "TypeMetalDemo" build scheme that's set up to use that "Demo" configuration, but I gather the "Product" -> "Archive" command doesn't end up using that configuration (despite the "TypeMetalDemo" scheme being the selected scheme when I run the "Archive" command), and that appears to be where I went wrong. I need to figure out how to get the "Archive" command to build using my "Demo" configuration, if that is possible.
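An Xcode scheme stores a separate build configuration for each of its actions, so the Archive action can use a different configuration from Run within the same scheme. The following check is an added example, not part of the original post: it reads a scheme file and reports the configuration each action uses. The sample scheme XML and its attribute values are constructed to mirror the situation described above.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a scheme file (*.xcscheme). The values are assumptions
# chosen to mirror the post: Run uses "Demo", Archive still uses "Release".
SAMPLE_SCHEME = """<?xml version="1.0" encoding="UTF-8"?>
<Scheme LastUpgradeVersion="1330" version="1.3">
   <BuildAction parallelizeBuildables="YES" buildImplicitDependencies="YES"/>
   <TestAction buildConfiguration="Debug"/>
   <LaunchAction buildConfiguration="Demo"/>
   <ProfileAction buildConfiguration="Release"/>
   <AnalyzeAction buildConfiguration="Debug"/>
   <ArchiveAction buildConfiguration="Release" revealArchiveInOrganizer="YES"/>
</Scheme>
"""

# Scheme actions that carry their own buildConfiguration attribute.
ACTIONS = ("TestAction", "LaunchAction", "ProfileAction",
           "AnalyzeAction", "ArchiveAction")


def action_configurations(scheme_xml):
    """Map each scheme action to the build configuration it is set to use."""
    if isinstance(scheme_xml, str):
        scheme_xml = scheme_xml.encode("utf-8")  # honour the XML declaration
    root = ET.fromstring(scheme_xml)
    configs = {}
    for name in ACTIONS:
        node = root.find(name)
        if node is not None:
            configs[name] = node.get("buildConfiguration")
    return configs


def mismatched_actions(scheme_xml, expected):
    """Return the actions whose configuration differs from `expected`."""
    found = action_configurations(scheme_xml)
    return {action: cfg for action, cfg in found.items() if cfg != expected}


def archive_uses(scheme_xml, expected):
    """True only if the Archive action builds with the `expected` configuration."""
    return action_configurations(scheme_xml).get("ArchiveAction") == expected


if __name__ == "__main__":
    for action, cfg in action_configurations(SAMPLE_SCHEME).items():
        print(f"{action:14} -> {cfg}")
    if not archive_uses(SAMPLE_SCHEME, "Demo"):
        print("Archive does not build with the Demo configuration")
```

To check a real project, pass the contents of the scheme's `.xcscheme` file in place of `SAMPLE_SCHEME`.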
Post not yet marked as solved
Thank you for the detailed suggestions, Matt!
My Mac is indeed configured to "Allow apps downloaded from: App Store and identified developers", and my exported, notarized .app build appears to pass all of the suggested checks (output below). I'm uploading the app build to Apple's notarization service, letting subsequent export of the notarized app build archive from Xcode do the stapling for me as described in "Notarize Your App Automatically as Part of the Distribution Process" here: https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution
The syspolicyd log output from launch of the exported, notarized .app is lengthy. The only clearly suspicious things I see in it are errors like this one. I don't know whether they're alarming or normal:
syspolicyd: (Security) [com.apple.securityd:cfloadfile] failed to fetch /Users/troy/Desktop/TypeMetal.app/Contents/_CodeSignature/CodeRequirements-2 error=-10
I see these mentions of "MASReceipt" and wonder if they indicate anything about the intent to receipt-check the app as a condition for being able to run it:
syspolicyd: (Security) [com.apple.securityd:csresource] 0x161147db0 rule ^_MASReceipt$ added (weight 0, flags 0x10)
...
syspolicyd: (Security) [com.apple.securityd:rscan] try ^_MASReceipt$
Here are the outputs for the suggested diagnostics (hashes and team ID redacted in case I shouldn't post that stuff):
[21E258 ascent:~/Desktop] troy% xcrun stapler validate TypeMetal.app
Processing: /Users/troy/Desktop/TypeMetal.app
The validate action worked!
[21E258 ascent:~/Desktop] troy% codesign -dvvvv TypeMetal.app
Executable=/Users/troy/Desktop/TypeMetal.app/Contents/MacOS/TypeMetal
Identifier=com.CoherenceLabs.TypeMetalDemo
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=23915 flags=0x10000(runtime) hashes=736+7 location=embedded
VersionPlatform=1
VersionMin=720896
VersionSDK=787200
Hash type=sha256 size=32
CandidateCDHash sha1=(40 hex digits)
CandidateCDHashFull sha1=(same 40 hex digits)
CandidateCDHash sha256=(40 hex digits)
CandidateCDHashFull sha256=(64 hex digits)
Hash choices=sha1,sha256
CMSDigest=(64 hex digits)
CMSDigestType=2
Executable Segment base=0
Executable Segment limit=2310144
Executable Segment flags=0x1
Page size=4096
CDHash=(same 40 hex digits as "CandidateCDHash sha256")
Signature size=9069
Authority=Developer ID Application: Coherence Labs, LLC ([MYTEAMIDENTIFIER])
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=May 5, 2022 at 11:19:57 AM
Info.plist entries=30
TeamIdentifier=[MYTEAMIDENTIFIER]
Runtime Version=12.3.0
Sealed Resources version=2 rules=13 files=498
Internal requirements count=1 size=224
[21E258 ascent:~/Desktop] troy% codesign --test-requirement="=notarized" --verify --verbose TypeMetal.app
TypeMetal.app: valid on disk
TypeMetal.app: satisfies its Designated Requirement
TypeMetal.app: explicit requirement satisfied
[21E258 ascent:~/Desktop] troy% codesign --verify --deep --strict --verbose=2 TypeMetal.app
--prepared:/Users/troy/Desktop/TypeMetal.app/Contents/Frameworks/OpenSSL.framework/Versions/Current/.
--validated:/Users/troy/Desktop/TypeMetal.app/Contents/Frameworks/OpenSSL.framework/Versions/Current/.
TypeMetal.app: valid on disk
TypeMetal.app: satisfies its Designated Requirement
Is there something else I can try? Do you need more of the syspolicyd log output?
Thanks!
Troy