Have you pushed your schema (changes) from Development to Production in CloudKit?

Are you pushing your schema (changes) from Development to Production in CloudKit?

to determine if a user is signed into iCloud, use CKContainer.accountStatus { … } https://developer.apple.com/documentation/cloudkit/ckcontainer/1399180-accountstatuswithcompletionhandl Going further, record types in CloudKit can have various read and write permissions using security roles. CloudKit Security Roles are not well documented. See this thread for more https://stackoverflow.com/questions/31369181/how-do-the-cloudkit-security-roles-and-permissions-work

How important is user privacy? How important is security? How are you planning to pay for cloud services like FireBase or AppWrite? I choose CloudKit (and CoreData), time and again, because, user data is private and secure by default, the capability to share between users is built in on top of that privacy and security, and users pay for their own cloud storage, not me. In 2019, Apple introduced a sync system between the CloudKit and CoreData, called NSPersistentCloudKitContainer, which might server you well. If you want more control, check out CloudCore. And for Android, check out cloudkit_flutter. fwiw

check the creatorUserRecordID field of the CKRecord https://developer.apple.com/documentation/cloudkit/ckrecord/1462208-creatoruserrecordid

not sure of this, but what thread does Auth.auth().addStateDidChangeListener {} call into? Inside that, you're using the viewContext, which must used be on the main thread.

I suggest turning on all the debugging capabilities of Core Data, this article does a great job summarizing them https://useyourloaf.com/blog/debugging-core-data/

if there is a question here, the answer is to do what it says "Retry after X seconds". The actual time is included in the info dictionary of the error. Here's a snippet from CloudCore, an open-source sync engine, that shows how it retrieves this info… private func handle(error: Error, …) { guard let cloudError = error as? CKError else { … return } switch cloudError.code { case .requestRateLimited, .zoneBusy, .serviceUnavailable: if let number = cloudError.userInfo[CKErrorRetryAfterKey] as? NSNumber { let pauseUntil = Date(timeIntervalSinceNow: number.doubleValue) } … } }

In my experience, no. You should manually trigger your sync logic.

can you reproduce in iOS 16.2? If yes, file a bug in FeedBack Assistant

fwiw having the share link in and of itself doesn't give any access to the root record or zone being shared.

Yes, checking that box encrypts the data on CloudKit. You can learn more about it here https://developers.apple.com/videos/play/wwdc2021-10015/?time=1285 BUT, you might consider storing passwords in the Keychain instead.

explore CoreImage https://developer.apple.com/documentation/coreimage

sounds like a race condition

please file a bug report in the Feedback Assistant app.