Got in contact with @Vishwas a few days and after some hard work we get to the bottom of this.
Firebase doesn’t recognize our apps as authenticated even if we make everything right, so in order to make it work we must set the rules to the test environment (open).
He said that have added it to their bug tracker and we probably will get a solution to it in the next update once this is a huge issue and everybody’s data that uses Kodular and Firebase are vulnerable now.