feat: add direct mUSD fiat injection flow for Money Account deposits#9080
Merged
Conversation
OGPoyraz
added a commit
that referenced
this pull request
Jun 10, 2026
d97ba76 to
4f1e16f
Compare
OGPoyraz
added a commit
that referenced
this pull request
Jun 10, 2026
4f1e16f to
436fbe7
Compare
OGPoyraz
added a commit
that referenced
this pull request
Jun 10, 2026
436fbe7 to
f19439b
Compare
f19439b to
79ef620
Compare
matthewwalsh0
requested changes
Jun 11, 2026
matthewwalsh0
requested changes
Jun 11, 2026
… QuoteRequest, flag rename, gas overhead and fallback fixes
OGPoyraz
commented
Jun 12, 2026
matthewwalsh0
approved these changes
Jun 12, 2026
| relayRequestOverrides?: Partial<QuoteRequest>; | ||
| }; | ||
|
|
||
| async function executeFiatQuotePipeline( |
|
|
||
| const relayTotalFeeUsd = gasDeductedFromSource | ||
| ? getRelayTotalFeeUsd(relayQuote) | ||
| : getNonGasRelayFeeUsd(relayQuote); |
Member
There was a problem hiding this comment.
Minor, if we're using our gas station for the relay quote, won't the user still need to cover the source network cost as it's calculated from the gas fee token so includes the original gas fee plus commission but it will be paid via additional input token?
Similarly, if a native token, there could still be a source network cost?
Do we add this back somewhere else?
Member
Author
There was a problem hiding this comment.
As this is for mUSD flow and Monad transactions are paid by us, this was increasing the total ramps quote unnecessarily, but again as this is just for quoting it's safe for now, I will revisit in case if we need presented fee fixes.
This was referenced Jun 12, 2026
Merged
pull Bot
pushed a commit
to dmrazzy/core
that referenced
this pull request
Jun 12, 2026
## Explanation Release `1039.0.0` with a minor version bump for: - **`@metamask/transaction-pay-controller`** `23.5.1` → `23.6.0` ### `@metamask/transaction-pay-controller@23.6.0` #### Added - Add direct mUSD fiat injection flow for Money Account deposits behind `useFiatMUSDQuoteToInjectForMoneyAccount` feature flag. When enabled, probes fiat providers for mUSD on Monad availability and, if viable, purchases mUSD directly to the Money Account, skipping the ETH-to-mUSD bridge. Falls back to the existing flow when no provider supports the direct route. Also moves `fiatPayment.caipAssetId` assignment into fiat quote functions so the asset ID always matches the quote that succeeded. ([MetaMask#9080](MetaMask#9080)) - Make fiat order polling interval and timeout remotely configurable via `confirmations_pay_fiat.orderPollIntervalMs` and `confirmations_pay_fiat.orderPollTimeoutMs` feature flags ([MetaMask#9090](MetaMask#9090)) #### Changed - Bump `@metamask/utils` from `^11.9.0` to `^11.11.0` ([MetaMask#9074](MetaMask#9074)) - Bump `@metamask/assets-controller` from `^9.0.0` to `^9.0.1` ([MetaMask#9083](MetaMask#9083)) - Bump `@metamask/controller-utils` from `^12.1.1` to `^12.2.0` ([MetaMask#9083](MetaMask#9083)) - Bump `@metamask/transaction-controller` from `^67.1.0` to `^68.0.0` ([MetaMask#9089](MetaMask#9089)) - Bump `@metamask/ramps-controller` from `^14.1.1` to `^14.2.0` ([MetaMask#9105](MetaMask#9105)) #### Fixed - Clear stale `fiatPayment.rampsQuote` when a fiat quote fetch fails, preventing the "No quotes" alert from being silently suppressed after a prior successful fetch ([MetaMask#9073](MetaMask#9073)) ### Dependency updates No downstream dependents — no additional changelog entries needed. ## References - [MetaMask#9080](MetaMask#9080) — Direct mUSD fiat injection flow - [MetaMask#9090](MetaMask#9090) — Configurable fiat order polling - [MetaMask#9074](MetaMask#9074) — Bump @metamask/utils - [MetaMask#9083](MetaMask#9083) — Bump assets-controller, controller-utils - [MetaMask#9089](MetaMask#9089) — Bump transaction-controller - [MetaMask#9105](MetaMask#9105) — Bump ramps-controller - [MetaMask#9073](MetaMask#9073) — Fix stale fiatPayment.rampsQuote ## Checklist - [ ] I've updated the test suite for new or updated code as appropriate - [ ] I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate - [x] I've communicated my changes to consumers by [updating changelogs for packages I've changed](https://github.com/MetaMask/core/tree/main/docs/processes/updating-changelogs.md) - [ ] I've introduced [breaking changes](https://github.com/MetaMask/core/tree/main/docs/processes/breaking-changes.md) in this PR and have prepared draft pull requests for clients and consumer packages to resolve them <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > The PR only changes version numbers and changelog text; behavioral risk depends on the already-merged 23.6.0 features, not on new code in this diff. > > **Overview** > Cuts **release 1039.0.0** by bumping the monorepo from `1038.0.0` to `1039.0.0` and publishing **`@metamask/transaction-pay-controller`** **`23.5.1` → `23.6.0`**. > > The package changelog is finalized for **23.6.0** (new `[23.6.0]` section, compare links updated); the diff does not include implementation changes—only version metadata and release notes for work already merged (direct mUSD fiat injection behind a flag, remote fiat order polling config, dependency bumps, stale `fiatPayment.rampsQuote` fix). > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 1387422. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY -->
pull Bot
pushed a commit
to Dustin4444/metamask-mobile
that referenced
this pull request
Jun 12, 2026
<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until this PR meets the canonical
Definition of Ready For Review in `docs/readme/ready-for-review.md`.
In short: the template must be materially complete (not just section
titles
present), all status checks must be currently passing, and the only
expected
follow-up commits must be reviewer-driven.
-->
<!--
mms-check directive vocabulary — read by
.github/scripts/shared/pr-template-checks.ts
at module load to build the validation plan. Directives are invisible in
rendered
markdown and must NOT be removed or edited without updating the
validator registry.
type=text Section must contain non-placeholder prose.
type=changelog Section must have a valid CHANGELOG entry: line.
type=issue-link Section must have a Fixes:/Closes:/Refs: line with a
value.
type=manual-testing Section must have real testing steps or an explicit
N/A.
type=screenshot Section must have evidence (image/URL) or an explicit
N/A.
type=checklist Section must have all checkboxes consciously checked.
required=true|false Whether a missing/invalid section runs the validator
at all.
blocking=true|false Whether a failure of this check fails the CI
workflow.
Default: false — failures are shown as warnings in the sticky
comment but do not block the PR.
Sections without a directive are checked for structural presence only.
-->
## **Description**
<!-- mms-check: type=text required=true -->
<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->
Bumps `@metamask/transaction-pay-controller` from `23.5.0` to `23.6.0`
in `package.json` and refreshes `yarn.lock` to pull in the corresponding
transitive dependency updates. There are no application source changes
in this PR.
**Why:** fiat payments in MMPay were broken on the previous TPC version.
Version `23.6.0` lands the upstream fixes and behavior changes required
to restore that flow.
**What changes in TPC `23.6.0`:**
- Added: Direct mUSD fiat injection flow for Money Account deposits
behind the `useFiatMUSDQuoteToInjectForMoneyAccount` feature flag. When
enabled and a provider supports mUSD on Monad, fiat is used to purchase
mUSD directly into the Money Account, skipping the ETH→mUSD bridge.
Falls back to the existing flow otherwise. Also moves
`fiatPayment.caipAssetId` assignment into the fiat quote functions so
the asset ID always matches the quote that succeeded.
([core#9080](MetaMask/core#9080))
- Added: Fiat order polling interval and timeout are now remotely
configurable via `confirmations_pay_fiat.orderPollIntervalMs` and
`confirmations_pay_fiat.orderPollTimeoutMs` feature flags.
([core#9090](MetaMask/core#9090))
- Fixed: Clear stale `fiatPayment.rampsQuote` when a fiat quote fetch
fails, preventing the "No quotes" alert from being silently suppressed
after a prior successful fetch.
([core#9073](MetaMask/core#9073))
Full upstream changelog:
[`@metamask/transaction-pay-controller@23.6.0`](https://github.com/MetaMask/core/blob/main/packages/transaction-pay-controller/CHANGELOG.md#2360).
## **Changelog**
<!-- mms-check: type=changelog required=true blocking=true -->
<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`
If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`
(This helps the Release Engineer do their job more quickly and
accurately)
-->
CHANGELOG entry: Fixed fiat payments in MMPay by updating
`@metamask/transaction-pay-controller` to `23.6.0`.
## **Related issues**
<!-- mms-check: type=issue-link required=true -->
Fixes:
## **Manual testing steps**
<!-- mms-check: type=manual-testing required=true -->
```gherkin
Feature: Fiat payment in MMPay
Scenario: User completes a fiat payment in MMPay
Given the user has a wallet set up
And MMPay is enabled
And the user is on a flow that supports paying with fiat (e.g. Money Account deposit / Perps / Predict)
When the user selects a fiat payment method
And the user requests a quote
And the user proceeds with the payment
Then a fiat quote is returned successfully
And the payment is processed end-to-end without error
And the on-ramp order is polled until it settles
And the resulting on-chain transaction (or deposit) is reflected in the account
Scenario: Fiat quote fetch fails after a previous success
Given the user previously fetched a successful fiat quote
When a subsequent fiat quote fetch fails
Then the "No quotes" alert is shown (no longer silently suppressed)
```
## **Screenshots/Recordings**
<!-- mms-check: type=screenshot required=true -->
<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->
### **Before**
<!-- [screenshots/recordings] -->
N/A — dependency-only bump, no UI changes.
### **After**
<!-- [screenshots/recordings] -->
N/A — dependency-only bump, no UI changes.
## **Pre-merge author checklist**
<!-- mms-check: type=checklist required=true -->
<!--
Every checklist item must be consciously assessed before marking this PR
as
"Ready for review". A checked box means you deliberately considered that
responsibility, not that you literally performed every action listed.
Unchecked boxes are ambiguous: they are not an implicit "N/A" and they
are not
a silent "skip". See `docs/readme/ready-for-review.md` for the full
checklist
semantics.
-->
- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.
#### Performance checks (if applicable)
- [x] I've tested on Android
- Ideally on a mid-range device; emulator is acceptable
- [x] I've tested with a power user scenario
- Use these [power-user
SRPs](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/edit-v2/401401446401?draftShareId=9d77e1e1-4bdc-4be1-9ebb-ccd916988d93)
to import wallets with many accounts and tokens
- [x] I've instrumented key operations with Sentry traces for production
performance metrics
- See [`trace()`](/app/util/trace.ts) for usage and
[`addToken`](/app/components/Views/AddAsset/components/AddCustomToken/AddCustomToken.tsx#L274)
for an example
For performance guidelines and tooling, see the [Performance
Guide](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/400085549067/Performance+Guide+for+Engineers).
## **Pre-merge reviewer checklist**
<!--
Reviewer checklist items follow the same semantics as the author
checklist: an
unchecked box is ambiguous, a checked box means the reviewer consciously
assessed that responsibility. See `docs/readme/ready-for-review.md`.
-->
- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> **Medium Risk**
> Touches money-movement and pay/ramps controllers via a transitive
dependency upgrade without local code review of upstream behavior;
regression risk is mainly in fiat/MMPay flows.
>
> **Overview**
> Bumps **`@metamask/transaction-pay-controller`** from **23.5.0** to
**23.6.0** in `package.json` and refreshes `yarn.lock`. There are **no
application source changes** in this PR.
>
> The new TPC release pulls updated transitive packages, including
**`@metamask/assets-controller` 9.x**, **`@metamask/bridge-controller`
75.1.1**, **`@metamask/ramps-controller` 14.2.0**, and a newer
**`transaction-controller`** revision inside TPC’s dependency
tree—aligned with the PR goal of fixing **fiat payments in MMPay**.
>
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
b8eb5d2. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Explanation
This PR adds an alternative fiat deposit flow for Money Account behind the
useFiatMUSDQuoteToInjectForMoneyAccountfeature flag (confirmations_pay_fiat).Current flow: Fiat provider buys ETH on Mainnet → Relay bridges ETH to Monad, swaps to mUSD, and vaults into the boring vault.
New flow (flag ON + probe succeeds): Fiat provider buys mUSD directly on Monad → delivers to the Money Account address → Relay only vaults (approve + deposit) on the same chain. No bridging or swapping needed.
New flow (flag ON + probe fails): Falls back silently to the current ETH flow.
Key changes
New file:
fiat-direct-musd-quotes-for-money-account.tsprobeMusdFiatAvailability— lightweight probe that verifies at least one fiat provider can sell mUSD on Monad before committing to the direct pathgetDirectMusdToMoneyAccountQuotes— quote function that usesMUSD_MONAD_FIAT_ASSETas the fiat asset and delivers to the Money Account address (txParams.from) instead of the user's EVM accountModified files:
FiatStrategy.ts— routes to the new quote function when flag is ON + transaction ismoneyAccountDeposit, with fallback togetFiatQuotesif the probe fails or returns emptyfiat-submit.ts— detects the direct-mUSD path at submit time by inspecting the stored quote's source chain/token (immune to flag changes between quote and submit), overrideswalletAddressandfiatAssetaccordinglyTransactionPayController.ts— removes eagercaipAssetIdassignment from theshouldUpdateFiatTokenblock;caipAssetIdis now set by whichever quote function succeeds, eliminating a race condition between the controller's synchronous write and the async quote phasefiat-quotes.ts— exports shared helpers (getRampsQuote,buildRelayRequestFromAmountFiat,combineQuotes,getRelayTotalFeeUsd,getRequiredTokens) for reuse, addscaipAssetIdto theupdateFiatPaymentcallutils.ts— exportsresolveTransactionType, addsisMoneyAccountDepositTransactionfeature-flags.ts— addsuseFiatMUSDQuoteToInjectForMoneyAccounttoFiatFlagstype + getterconstants.ts— addsCHAIN_ID_MONAD,MUSD_MONAD_ADDRESS,MUSD_MONAD_FIAT_ASSET,MUSD_PROBE_AMOUNT_USDDesign decisions
getFiatQuotescaipAssetIdwriter: MovingcaipAssetIdfrom the controller to the quote functions eliminates a race condition and ensures it always matches the actual quote returnedReferences
Plans/transak-musd-inject-money-account.mdChecklist
Note
Medium Risk
Changes fiat quote/submit and relay recipient behavior on Money Account deposit paths; mitigated by feature flag, provider probe, and fallback to the legacy ETH flow.
Overview
Adds an optional direct mUSD fiat deposit path for Money Account deposits when
confirmations_pay_fiat.directMoneyMusdEnabledis on: probes ramps for mUSD on Monad, then quotes/submits with mUSD delivered to the Money Account (txParams.from) and relay overrides (recipient,paymentOverride: moneyAccount), skipping the ETH→bridge→mUSD path. Probe failure or empty direct quotes fall back to the existing fiat+relay flow.fiatPayment.caipAssetIdis no longer set on payment-method change inTransactionPayController; successful quote paths now setcaipAssetIdandrampsQuotetogether ingetFiatQuotes. Submit detects the direct route from the stored quote’s mUSD-on-Monad source (not the flag) for wallet address, asset validation, and order polling.Relay quotes accept an optional
recipient; fiat fee adjustment can exclude source-network gas when the source token is not native gas. New Monad/mUSD constants,isMoneyAccountDepositTransaction, and expanded tests for standard and direct flows.Reviewed by Cursor Bugbot for commit cade68a. Bugbot is set up for automated code reviews on this repo. Configure here.