Thanks for raising this. It's a valid concern and we appreciate the detailed feedback.
Unfortunately, this is a limitation of the Flutter/Dart runtime (which we use) rather than something we can toggle at the app level. Even though Kagi Translate ships as an AOT-compiled release build (no JIT), the Dart VM on Android still uses mprotect to mark memory pages as executable when loading the pre-compiled snapshots. This is what triggers GrapheneOS's DCL via memory restriction. It's fundamentally different from how the Dart VM works on iOS, where it loads code via shared libraries and doesn't need runtime memory permission changes.
This affects all Flutter-based apps on GrapheneOS. There's no app-side setting we can expose to disable this behavior since it happens deep in the Dart VM runtime before our code even runs.
The good news is that the Dart VM already handles mprotect failures gracefully on iOS. The same approach could be applied to Android, but it would need to be implemented upstream by the Dart team. We'll look into filing or upvoting an issue on the Dart SDK for this.
In the meantime, the workaround on GrapheneOS is to enable DCL via memory selectively for Kagi Translate only using the per-app toggle. We understand that's not ideal from a security posture perspective, but it's the only option until the Dart runtime is updated to handle this restriction gracefully.
